The content on this page has been converted from PDF to HTML format using an artificial intelligence (AI) tool as part of our ongoing efforts to improve accessibility and usability of our publications. Note:

No human verification has been conducted of the converted content.
While we strive for accuracy errors or omissions may exist.
This content is provided for informational purposes only and should not be relied upon as a definitive or authoritative source.
For the official and verified version of the publication, refer to the original PDF document.

If you identify any inaccuracies or have concerns about the content, please contact us at [email protected].

BDO LLP Audit Quality Inspection and Supervision Report 2023

Introduction: FRC's objective of enhancing audit quality

The FRC is the Competent Authority for UK statutory audit, responsible for the regulation of UK statutory auditors and audit firms. We assess, via a fair evidence-based approach, whether firms are enhancing audit quality and are resilient. We adopt a forward-looking supervisory model and hold firms to account for changes needed to improve audit quality.

Auditors' opinions on financial statements play a vital role upholding trust and integrity in business. The FRC's objective is to achieve consistent high quality audits so that users have confidence in financial statements. To support this, we:

Set ethical, auditing and assurance standards and guidance, as well as influence the development of global standards.
Inspect the quality of audits performed by, and the systems of quality management of, firms that audit Public Interest Entities (PIEs¹) and register auditors who carry out PIE audit work.
Set eligibility criteria for auditors and oversee delegated regulatory tasks carried out by professional bodies such as qualification and the monitoring of non-PIE audits.
Bring enforcement action against auditors for breaches of relevant requirements.

Since our July 2022 report we have delivered on a reform programme ahead of the Government response to restoring trust in audit and corporate governance, including:

Taking responsibility for PIE auditor registration allowing us to impose conditions, suspensions and, in the most serious cases, remove registration of PIE auditors.
Agreeing a memorandum of understanding with the Department for Levelling Up, Housing and Communities (DLUHC) setting out our responsibilities as shadow system leader for local audit.
Updating Our Approach to Audit Supervision, outlining the work of our supervision teams.
Publishing a Minimum Standard for Audit Committees and the External Audit and consulting on revisions to the UK Corporate Governance Code.

Our 2023/24 transformation programme will demonstrate our continued commitment to the public interest and restoring trust in the audit profession.

The seven Tier 1 firm² reports provide an overview of key messages from our supervision and inspection work during the year ended 31 March 2023 (2022/23) and the firms' responses to our findings.

Our supervisory approach

The audit supervisory teams in the FRC's Supervision Division work closely together to develop an overall view of the key issues for each firm to improve audit quality. We also collaborate to develop our plans for future supervision work.

The supervisory staff producing our reports

The audit supervisory teams comprise 90 experienced professional and support staff assessing the risks to audit quality and resilience at each firm and the actions needed to address those risks.

Infographic presenting FRC's supervisory approach, staff numbers, audit scope, fee income trend, and types of audits performed across multiple years.

BDO LLP

Audits within the FRC's inspection scope⁴

Inspection Cycle	FTSE 250 audits	Total audits in FRC scope
2023-24	25	264
2022-23	17	270
2021-22	15	238

Audit fee income⁵ £m

Corporate audits inspected by the FRC⁶

Local audits⁷

This report sets out the FRC's findings on key matters relevant to audit quality at BDO LLP (BDO or the firm). As part of our 2022/23 inspection and supervision work, we reviewed a sample of individual audits and assessed elements of the firm's quality control systems.

The FRC focuses on the audit of PIEs. Our risk-based selection of audits for inspection focuses, for example, on entities: in a high-risk sector; experiencing financial difficulties; or having material account balances with high estimation uncertainty. We also inspect a small number of non-PIE audits on a risk-based selection.

Entity management and those charged with governance can make an important contribution to a robust audit. A well-governed company, transparent reporting and effective internal controls all help underpin a high quality audit. While there is some shared responsibility throughout the ecosystem for the quality of audits, we expect firms to achieve high quality audits regardless of any identified risk in relation to management, those charged with governance or the entity's financial reporting systems and controls.

Higher risk audits are inherently more challenging, requiring audit teams to assess and conclude on complex and judgemental issues (for example, future cash flows underpinning impairment and going concern assessments). Professional scepticism and rigorous challenge of management are especially important in such audits. Our increasing focus on higher risk audits means that our findings may not be representative of audit quality across a firm's entire audit portfolio or on a year-by-year basis. Our forward-looking supervision work provides a holistic picture of the firm's approach to audit quality and the development of its audit quality initiatives.

This report also considers other, wider measures of audit quality. The Quality Assurance Department (QAD) of the Institute of Chartered Accountants in England and Wales (ICAEW) inspects a sample of the firm's non-PIE audits. The firm also conducts internal quality reviews. A summary of the firm's internal quality review results is included in the Appendix.

1. Overview

Overall assessment

In the 2021/22 public report, we concluded that the number of audits requiring significant improvements or improvements was unacceptable and set out how the firm and the FRC would respond. We assessed that the firm had not responded quickly enough to strengthen its audit quality infrastructure to support its previous growth and its strategic ambitions. While doing so, we noted that there had been a step-change in the firm's investment in resources and other audit quality initiatives. During the last period, the firm's commitment to strengthening its audit quality infrastructure intensified. However, that commitment and the associated investment and enhancements have not yet had the opportunity to fully embed and impact inspection results.

This year, the proportion of audits assessed as requiring no more than limited improvements from our audit inspections was 69%, which was an improvement from the prior year. However, we still assessed two of the audits we reviewed as requiring significant improvements. The areas which contributed most to the audits that needed improvements or significant improvements were the audit of revenue, audit of financial services entities, scepticism and challenge in key areas of judgement, journal testing, and quality control and review, all recurring findings from the prior year. We also noted two thematic issues which the firm needs to take action on.

69%

Of audits inspected were found to require no more than limited improvements.

Two audits inspected in the current cycle required significant improvements.

We have, in the previous three years, given strong messages to the firm around the priority actions in its quality improvement plan and increased the depth of our supervision. This year, the actions the firm has undertaken or has in progress, have had some impact on the audits we have reviewed, however there is a persisting trend of recurrent themes. Given the timing delays embedded in our review cycle, it is not yet possible to assess if the firm's quality related actions have been sufficient to address the weaknesses in audit quality over the recurring themes.

The results from other measures of audit quality, covering a broader population and larger sample of audits are inconsistent. The results from the firm's internal quality monitoring process (IQM), covering both PIE and non-PIE audits, assessed only 67% of audits as meeting its highest quality standard (top two levels combined). These IQM results are now more comparable to our own findings which may be an indicator that the effectiveness and rigour of the firm's own IQM function has improved in response to previous public report actions. The results from the Quality Assurance Department of the ICAEW (QAD), over a similar period, weighted towards higher risk and complex non-PIE audits (within the ICAEW scope), assessed 90% of the audits inspected as good/generally acceptable. A summary of results is set out on pages 27 and 28.

QAD identified several good practices including the approach to risk assessment and consideration of fraud, and good documentation of ISA 600 procedures on a group audit.

The firm has continued to invest in resources and other audit quality initiatives and is actively managing the growth, complexity, and sector emphasis in its audit portfolio. The firm must continue its audit quality transformation journey ensuring that its resources and initiatives are embedded, effective and that its culture incentivises audit quality. The key priority is for the firm to ensure its quality transformation plan is delivered over a short time-frame in order to move its audit quality to a good standing.

In response to this year's findings, we will take the following action:

Maintain the elevated number of audits inspected in our 2023/24 inspection cycle.
Reassess the quality transformation plan, in so far as it relates to the recurring key findings, to track progess of initiatives and ensure reporting to both the firm's executive and the FRC Supervisor.
Require, again, that the breadth of the firm's hot reviews include all the most frequent and significant recurring issues identified in internal and external reviews.
Require that the firm's internal quality monitoring function, as instigated last year, review the following year's audit for all external inspections assessed as improvements required, or significant improvements required, in the previous year and include, where appropriate, the key findings in this report as focus areas for their reviews.
Require the firm to account to us that its Responsible Individuals (RIs) and Engagement Quality Control Reviewers (EQCRs) are meeting the firm's own internal standards for the absolute and relative time commitments to be spent on audits.
Work with the firm to further develop the Single Quality Plan (SQP) process, subject to formal reporting and regular review by the FRC.

All firms are required to include actions within a Single Quality Plan, subject to formal reporting and regular review by the FRC.

Inspection results: arising from our review of individual audits

We inspected 13 individual audits this year and assessed nine (69%) as requiring no more than limited improvements. Within financial services we inspected the audits of a bank, a building society, a financial services provider and an insurer. We also reviewed audits within sectors such as food production and retail, construction and materials, precious metals and mining, waste and disposal services, logistics providers and travel and leisure.

Our assessment of the quality of audits reviewed: BDO LLP

A bar chart showing the percentage of audits falling into three categories of improvements required, by year from 2018/19 to 2022/23.

Year	Good or limited improvements required	Improvements required	Significant improvements required
2018/19	7	1	0
2019/20	5	1	2
2020/21	4	4	1
2021/22	7	1	4
2022/23	9	2	2

The audits inspected in the 2022/23 cycle included above had year ends ranging from December 2020 to March 2022.

Changes to the proportion of audits falling within each category reflect a wide range of factors, including the size, complexity and risk of the audits selected for inspection and the individual inspection scope. Our inspections are also informed by the priority sectors and areas of focus as set out in the Tier 1 Overview Report. For these reasons, and given the sample sizes involved, changes from one year to the next cannot, on their own, be relied upon to provide a complete picture of a firm's performance and are not necessarily indicative of any overall change in audit quality at the firm.

Inspection results: arising from our review of the firm's quality control procedures

Any inspection cycle with audits requiring more than limited improvements is a cause for concern and indicates the need for a firm to take action to achieve the necessary improvements.

Our key findings related to the audit of revenue, audit work of financial services entities and financial services related balances, challenge and testing of estimates and assumptions, the audit testing of journals and quality control and review. We identified a range of good practice related to risk assessment and planning, execution of the audit, and completion and reporting.

Our key findings on individual audits included the audit of revenue, audit work on financial services entities, and challenge and testing of estimates and assumptions.

We also noted thematic matters on recurring themes, and IT and IT control related issues within key findings areas.

Further details are set out in section 2.

This year, our firm-wide work focused primarily on evaluating the firm's: compliance with the FRC's Revised Ethical Standard; partner and staff matters; acceptance, continuance, and resignation procedures; and audit methodology relating to settlement and clearing processes.

Our key findings related to compliance with the FRC's Revised Ethical Standard, partner and staff firmwide processes, and the audit methodology relating to settlement and clearing processes. We also identified good practice in the areas of compliance with the FRC's Revised Ethical Standard, and acceptance, continuance and resignation procedures.

With respect to quality control procedures, our key findings related to the firm's compliance with the FRC's Revised Ethical Standard, partner and staff firmwide processes, and audit methodology.

Further details are set out in section 3.

Forward-looking supervision

In 2022, in response to feedback from the FRC the firm set out a transformative Audit Quality Plan (AQP or the plan), resetting its focus and taking into account the challenges of implementing International Standard on Quality Management (UK) 1 (ISQM 1) and how the firm wanted to develop its audit culture. The plan, which was clearly prioritised, recognised the need to control growth, invest in central audit quality infrastructure, strengthen audit methodologies, and embed a culture of challenge.

Since then, the firm has continued to embed robust practices to manage growth and complexity at an audit portfolio level and now, in addition, has deepened its analysis of the balance and composition of RI portfolios and associated risks.

The firm has introduced frameworks that provide a more transparent linkage between audit quality and reward, and recognition for positive quality outcomes.

The firm has also set up a Revenue Centre of Excellence targeted at addressing the recurring theme of the audit of revenue. This, alongside perspectives from the thematic analysis of revenue root causes has been combined to focus on how to deliver high quality audits.

Recent improvements in root cause analysis (RCA), through using a wider set of data points, a stable taxonomy, taking into account behavioural factors and biases, and cross-review analysis should assist the firm in evaluating key causal factors across its audit portfolio and identifying appropriate actions. However, there is still more to do, and the RCA function needs to build on and embed the framework it has implemented in the past year.

Through the Single Quality Plan process the firm has continued to review its priorities, reaffirming the areas identified previously, but in addition recognising the need to improve its project management of audit planning and execution.

The step-change in the firm's commitment to and investment in audit quality has continued.

The step-change in the firm's commitment to, and investment in, audit quality that we highlighted in last year's public report has continued. However, given the inconsistent inspection results this year, it is important that the firm's leadership ensures that the full range of initiatives (and the people who support them) are fully embedded.

Further details are set out in section 4.

Firm's overall response and actions

Overview and introduction

BDO supports the FRC's purpose of serving the public interest by setting high standards of corporate governance, reporting and audit and by holding to account those responsible for delivering them. The Firm recognises and embraces the FRC's objectives of setting high audit quality standards, assessing their effectiveness and promoting a more resilient UK audit market.

Following last year's FRC Public Report the Firm put in place a comprehensive improvement programme in order to consistently deliver high-quality audits. The FRC and the Firm acknowledge that it will take time for the results of this programme to be fully seen. The Firm appreciates that section 1 of the report recognises that a step change has taken place in the Firm's investment in audit quality resources and audit quality initiatives through its transformative strategic Audit Quality Plan and embedding the Single Quality Plan (“SQP”). The Firm's strategy for the Audit Stream remains focused on controlled, sustainable growth, investment in resources and central audit quality infrastructure, embedding the System of Quality Management (“SOQM”) and the prioritisation of audit quality. The Firm's strategic objective of delivering consistently high-quality audits has been supported by:

Controlling both the pace and direction of growth with investment in additional capacity and capability, including 400 additional audit professionals and 18 additional lateral hire partners within the Audit Stream since the start of 2022.
Enhanced controls over what audit work is accepted and what is resigned from based upon centrally-led portfolio reviews and tender acceptance oversight.
£8m of additional investment to date in the central audit quality team, with further investment planned.
A 39% expansion in the Firm's Technology Risk Assurance function from 153 to 213 people since July 2022.

The Firm's strategic objective is also supported by the longer term measures of the development of its audit culture and audit specific behaviours framework and by the embedding of the SOQM. While the Firm has seen improvements since the last Public Report it knows that there remains further work to do. As highlighted by the FRC in Section 4, the Firm recognises the importance of embedding an appropriate culture within the Audit Stream; expected behaviours, focused on challenge and scepticism, need to be clearly articulated, promoted and recognised. The Firm is clear that actions must be underpinned by careful monitoring and evaluation to ensure they are effective and responsive to identified risks and causal factors.

While the Firm's inspection results show some improvement on the prior year, the Firm's Independent Non-Executives (“INEs”), Leadership Team, Audit Board and Audit Executive share the view of the FRC that the results of the inspections remain below the Firm's expectations; the Firm is disappointed that four of the audits inspected required either improvements or significant improvements. The Firm is encouraged that nine of the files inspected had no more than limited findings. The Firm also acknowledges that the FRC file inspection findings show recurring themes. The Firm and its Governance Bodies appreciate that recurring findings need to be urgently addressed.

The plans have been integrated into the SQP, which has been updated to ensure it is responsive to the issues noted by the FRC in their report, as detailed below. The engagement with the FRC and specifically the Supervisory team has been helpful and constructive in designing and implementing this programme, including prioritisation of actions.

Root Cause Analysis (“RCA”)

The Firm is pleased to note the FRC's observations on the steps taken to enhance its RCA function, while recognising that there is still more work to do to first to fully embed the newly developed framework and second to enable us to undertake a higher volume of RCA in order to achieve the full benefit of the programme.

RCA has been performed on all 13 engagements subject to inspection during this cycle. However, as key themes have recurred in multiple years, additional RCA needs to be performed. Having performed RCA under the new framework only on the findings of this inspection cycle, the RCA may not yet have identified all the relevant causal factors over recent years to allow the firm to target appropriate actions.

The following overarching causal factors have been identified in the current inspection cycle:

Specialists and experts: From a project management perspective, specialists and/or experts were not engaged at the appropriate time, or the specialists/experts and the engagement team did not work effectively together which led to their findings being misunderstood. Further, engagement teams did not effectively challenge specialists and experts due to insufficient knowledge in specialist areas. This was a key driver of findings relating to the audit of IT.
Auditors' mindset: In those engagements with adverse findings, audit teams did not demonstrate appropriate professional scepticism and challenge. There was a tendency to place over-reliance on other members of the team without challenging their view, or without confirming whether the evidence on the file reflected what had been verbally discussed. In some instances, over-reliance was placed on prior year approaches or audit work and in other instances, the auditors were uncomfortable with challenge due to a lack of confidence.
Engagement team composition and skillset: The engagement team composition or skillset/experience was not always appropriate to deliver a high-quality audit, particularly where there was a lack of continuity year on year, or within the same year.

A number of actions are currently in progress or planned under the SQP which will contribute to addressing these overarching causal factors; including training, templates and enhanced policies on engagement of specialists and experts; the Audit Stream's newly developed audit culture and audit specific behaviours framework; a new resource management tool, manager portfolio reviews and a new project management initiative. A further assessment of those plans will be undertaken to ensure the actions are fully responsive to the causal factors identified.

The Firm is alert to the emerging theme identified through its RCA in relation to sufficiency of RI and EQCR involvement as a factor in quality issues. This is being proactively managed through investment in additional partners and portfolio review processes.

Response to key areas for improvement

Below the Firm includes more detailed responses in relation to the five key finding areas highlighted in the FRC report. The Firm also acknowledges the thematic finding identified by the FRC in relation to IT and IT General Control ("ITGC”) related issues that link to three of the key finding areas (revenue, FS and journals). Actions already taken and in progress to address the IT and IT Control related thematic finding include:

A Digital Audit Methodology Director has been recruited to strengthen methodology, guidance and support for engagement teams in this area.
A detailed update and revision of the application guidance on IT risk identification, assessment and response to IT control deficiencies has been undertaken ahead of the 2023 year-end audit cycle.
The Firm has commenced a programme of communication and training on IT and IT Control related matters during 2023.

Audit of revenue

Root cause analysis identified inadequate project management as a key causal factor. Where insufficient time was allowed at the planning and completion stages, the audit teams were not able to stand back and appropriately perform a granular risk assessment, assess the sufficiency of the response to the identified risks, the quality of the evidence obtained and the sufficiency of the documentation. A skills gap was also identified in relation to the auditors' knowledge of the impact of ITGC deficiencies on the revenue approach.

The Firm has taken significant measures that seek to enhance the audit of revenue over the past 18 months. This includes the implementation of a new revenue methodology, mandatory training for the entire Audit Stream and the establishment of the Revenue Centre of Excellence to drive the adoption of controls-based and data-led auditing of revenue whilst providing coaching and consultation support to engagement teams and accelerating the development of additional guidance. Recognising the importance of project management, the Firm has recently established a programme to enhance project management both through its new project management initiative, 'Break the Cycle', and wider audit culture programme.

The auditors' knowledge of ITGC deficiency impacts is being addressed through the steps set out in relation to the IT thematic finding above. These measures will take time to have full effect.

On the FS engagements, insufficiently detailed methodology and a lack of standardised work programmes were identified as a key causal factor in certain areas, particularly in respect of IFRS 9 and IAS 39. In areas such as payment and settlement processes, detailed methodology did not exist at the time the audits took place but has subsequently been released.

On the non-FS engagements that contained FS related balances there was a lack of knowledge of the technical accounting requirements in IFRS 9 and IFRS 4. In some instances, audited entities lacked sufficiently detailed understanding of the accounting requirements and did not provide adequate information to support their technical accounting judgements. The audit of these balances was more difficult when engagement teams did not appropriately challenge management to provide better quality deliverables.

As recognised by the FRC, the Firm has taken key steps to strengthen its audit methodologies and guidance for engagement teams over the past 12 months, supported by training. As part of driving greater consistency in the quality of financial services audits, the Firm has established a specific Financial Services Quality Improvement Plan, focused on strengthening methodologies and guidance specific to the sector, further training programmes and additional investment in audit quality infrastructure in this area. Further development and embedding of the FS methodologies, including in relation to FS related balances in all entities and not just FS entities, remains a priority. As part of the methodology programme, the general FS methodology and additional sub-sector methodology will be integrated into the Audit Manual by the end of

This will be subject to further implementation effectiveness reviews and enhancements in 2024 and beyond to be responsive to the changing market.

Challenge and testing of estimates and assumptions

In areas of significant judgement, evidencing the extent of challenge on estimates and assumptions was not always prioritised leading to lack of clarity as to how the engagement team became satisfied with the evidence supporting their conclusion. In some cases, whilst the engagement team did challenge management, they did not sufficiently pursue the line of challenge, or suitably evidence their continued challenge. In several instances, the quality of information prepared by the audited entity was a contributory factor, making the appropriate challenge of judgments and estimates made by management more difficult to audit.

In order to support effective challenge by audit teams, it is key the Firm embeds the right culture within the Audit Stream, with expected behaviours focused on challenge and scepticism clearly articulated, promoted and recognised. A Head of People and Culture has been appointed who has joined the Audit Executive and is leading the Audit Stream's action plan in this area. This includes the recent launch of the Audit Stream's High Performing Teams and Audit Specific Behaviours programme, which focuses on a 'Challenge Mindset' as a core behaviour and building psychological safety to support continual challenge.

The Firm firmly believes that alongside the importance of an appropriate culture, the other key to enhancing the work performed over key areas of judgement, lies in the Firm's Professional Judgement Framework (“PJF”). The following additional actions are being implemented to build increased

Financial Reporting Council

The FRC does not accept any liability to any party for any loss, damage or costs however arising, whether directly or indirectly, whether in contract, tort or otherwise from action or decision taken (or not taken) as a result of any person relying on or otherwise using this document or arising from any omission from it. © The Financial Reporting Council Limited 2023 The Financial Reporting Council Limited is a company limited by guarantee. Registered in England number 2486368.

Footnotes

Challenge and testing of estimates and assumptions

A campaign in 2023 to re-launch the PJF to the Audit Stream and improve the level of application, commencing as part of Summer School 2023.
A programme of partner led coaching workshops focused on the challenge of management and the application of the PJF on audits.
Further embedding of the PJF into documentation aids, the Audit Manual, the audit tool content and training.

Audit testing over journals

The key causal factor for most findings in relation to the audit of journals was associated with the inappropriate identification and testing of the high-risk criteria journals. In some instances, the testing strategy was also not well defined nor discussed or agreed with senior members of the engagement team on a timely basis at the planning stage. Further, there was a lack of knowledge to assess the impact of ITGC deficiencies on the journals approach.

The Firm will undertake a review and enhance application guidance in this area and will then implement training of the revised guidance including, but not limited to, the appropriate audit response to ITGC deficiencies arising in an entity's control environment and all other findings raised during this inspection cycle and by the RCA. In turn, a thematic review of the effectiveness of the application guidance and training will be undertaken in 2024.

Quality Control Procedures

A lack of consistent understanding of the Engagement Quality Control Reviewer (“EQCR”) responsibilities which has led to inconsistent levels of involvement and approaches taken by certain EQCRs, has been identified as a causal factor. In some other instances, a lack of timely or proactive involvement was due to competing portfolio time commitments. In the case of files with adverse findings, there was often a narrow and high-level focus on reviewing, with insufficient inspection of underlying audit documentation which led to lack of challenge of the audit approach and work performed. Finally, due to a lack of consistent and prescribed way of documenting EQCR reviews, the evidence of the EQCR challenge is not easily retained as evidence in the audit file.

The Firm recognises the significant role that the EQCR has in terms of safeguarding audit quality and therefore recognises the matters highlighted and is focused on strengthening this role. Procedures over appointment and allocation of EQCRs have been strengthened.

The Audit Quality Improvement team have held roundtables with the EQCR population to establish clear expectations of the EQCR role particularly around the visible impact and challenge and to identify barriers to its effective performance.

Several actions are also in process to strengthen the linkage between the EQCR role and performance reviews, manage EQCR capacity through EQCR portfolio reviews, build consistency in expectations of the role and upskill the EQCR population.

Firm-wide areas

A number of firm-wide areas were also reviewed during the period – below is a summary of the actions undertaken to implement responses to the findings.

Relevant ethical requirements: Compliance with the FRC's Revised Ethical Standard 2019

The Firm enhanced its internal independence workbook, supported by guidance and communications, in relation to the documentation of the assessment of independence threats and safeguards before approving non-audit services in

The Firm will be undertaking an independence thematic review in 2023, which will include this workbook, to confirm the effectiveness of the actions taken.

Partner and staff matters, including recruitment, appraisals, remuneration, and promotion

The FRC identified three key findings in respect of their 2021 review of partner and staff matters. The Firm implemented comprehensive actions to address each of these findings in 2022, which are being further enhanced in 2023.

In respect of staff, actions taken in 2022, have included an improvement to the Firm's performance review process with a focus on audit quality, the introduction of non-financial recognition schemes, bonus schemes directly linked to audit quality, and strengthened internal processes to ensure consistency of how interviews are undertaken and evidenced. A new Partner and Director Audit Quality & Risk Assessment Framework was also implemented in 2022 to strengthen the linkage between audit quality and the impact on reward and progression outcomes.

Acceptance and continuance procedures for audits

The Firm is pleased to note that the FRC had no key findings in this area and that it noted improvements in the Firm's policies and processes since their last review. However, the Firm remains focused on continuous improvement in respect of acceptance and continuance as part of the SOQM.

Audit methodology (settlements and clearing processes for banks and building societies)

In the last quarter of 2022, the Firm introduced an initial payments process framework and ancillary guidance. The Firm acknowledges that further enhancements will be required to this initial framework and ancillary guidance and is committed to making the necessary amendments in the near future.

Conclusion

In summary, following the inspection results and public report last year, the Firm has put in place and made significant progress in its multi-year audit quality transformation programme. The level of investment has been significant, adding capacity and additional capabilities including within the central audit quality team. The Firm has also made significant progress in strengthening the controls over the audit portfolio. The complete impact of these measures will take a number of years to be fully reflected in the inspection results, but the Firm is confident they are already having an impact and are encouraged, without being complacent, by an upward trend in the grade profile. The Firm recognises the need to further improve inspection results and ensure that the recurring findings identified are addressed through the Firm's action plans. There remains much to do, and the Audit and Firm's leadership continues to regard this as the highest strategic priority. In the forthcoming year, the focus will be on embedding and monitoring the effectiveness of the investments made to date, making further investments where needed, and ensuring continuous improvement in the SOQM.

2. Review of individual audits

We set out below key areas where we believe improvements in audit quality are required. As well as findings on audits assessed as requiring improvements or significant improvements, where applicable, the key findings can include those on individual audits assessed as requiring limited improvements but are considered a key finding in this report due to the extent of occurrence across the audits we inspected.

Before we set out some key areas for improvement, we note the following important thematic matters, which the firm needs to action during the course of 2023/24:

Recurring key findings: All five of the key finding areas that we identified in this year's inspection cycle have recurred from the prior year and four (revenue, challenge of estimates and assumptions, testing of journals, quality control) have been recurring for more than one year.

Whilst there has been some improvement in the overall audit quality results, and the firm has undertaken certain quality actions during the year (further details are set out in section 1 and below), the level of recurring findings is unacceptable. The firm needs to: prioritise these five areas of audit weaknesses and assess the effectiveness of its own audit quality plan for these areas; and accelerate embedding the additional quality measures already introduced in the year, aimed at improving audit quality in these areas. * IT and IT control related issues within key finding areas: A number of deficiencies that were identified, including those which required more than limited improvement, related to the audit of IT and the approach for IT control related deficiencies, in the areas of revenue recognition, financial services audits and testing over journals in response to the risk of management override of controls.

The firm must take steps to ensure that audit teams sufficiently evaluate IT related deficiencies and appropriately assess the resulting impact on the audit approach. The firm should continue to evaluate and assess the root cause of these findings and ensure that planned actions are responsive to findings identified and ensure that it takes appropriate actions to address these deficiencies.

All five of the key findings areas that we identified have recurred from the prior year, and four have been recurring for more than one year.

A number of deficiencies that were identified related to the audit of IT and approach for IT related control deficiencies.

Urgently address the continuing deficiencies in the quality of the firm's audit of revenue

Revenue is a key driver of operating results for many entities and is often identified as a key performance indicator for investors and other users of the financial statements around the growth and future prospects of companies.

Revenue recognition can be more susceptible to management bias or error and auditors are expected to evaluate and address the related risks and obtain sufficient appropriate audit evidence over revenue recognised.

Key findings have been raised in relation to the firm's audit of revenue in our last five quality inspection cycles, including this year.

Last year we reported that the firm needed to take urgent action to address continuing deficiencies in the audit work on revenue. In particular, this was in the areas of long-term contracts, including inadequate challenge of significant judgements to support the revenue and profit recognised and in the substantive procedures performed not adequately addressing the risks over occurrence and accuracy of revenue.

Key findings

We continue to identify significant findings requiring more than limited improvements in relation to the audit of revenue in the current year's inspection cycle, although we have seen some improvement.

We reviewed the audit of revenue on the majority of audits inspected and identified weaknesses on five audits, of which three were assessed as requiring improvements or significant improvements:

Revenue recognition for financial services audits: On one audit, the audit team's overall audit approach and testing of revenue recognition was inadequate such that the risk of an undetected material misstatement remained unacceptably high. On this audit, the audit team did not obtain independent third-party evidence to corroborate the accuracy of data used in substantive testing performed. On another audit, the audit team performed insufficient procedures and obtained insufficient evidence to support its conclusion over certain aspects of the audit of the effective interest rate.
Revenue recognition: On one audit, there was insufficient evidence supporting audit evaluation of the reconciliation differences identified in the data analytical procedures to conclude that there was no risk of misstatement. In addition, insufficient procedures were performed over data used in the data analytics procedures to test the completeness and accuracy of revenue recognised.
Audit of IT and general IT controls for revenue: On one audit, we identified weaknesses associated with aspects of the work over the audit of IT and general IT controls for revenue. Bespoke analytic code used by the firm's IT specialists to recalculate revenue was not retained on the audit file; limited evidence that the test of transactions performed was sufficient to conclude on the completeness and accuracy of data flows for revenue transactions; and the group audit team did not sufficiently evidence its oversight, evaluation and challenge of certain procedures performed by the component audit team on a significant revenue stream impacted by IT.
Accrued income: Sufficient and appropriate evidence was not obtained to corroborate the accrued income recognised, on one audit.

We continue to identify significant findings requiring more than limited improvements in relation to the audit of revenue, although we have seen some improvement.

The firm has taken steps to improve its audit guidance and revenue methodology and established a Revenue Centre of Excellence focusing on control based audit approaches. We also identified some good practice in revenue planning procedures on two audits, indicating inconsistency across the audits we reviewed. The firm must continue to take prompt action to understand the root causes of the deficiencies identified above and ensure the firm's audit quality plan is evaluated to ensure that planned actions are responsive to these findings.

The firm must also continue to consider why the firm's quality control review processes are not significantly improving audit quality in this area. As we reported in the prior year, resulting actions must be given the highest priority.

Financial services audits, including financial services providers and insurance entities, have specialist areas involving high volumes of transactions, significant management judgement and estimation uncertainty in complex areas. These all require a high level of sector audit expertise.

Settlement, clearing and payments processes and the resultant reconciliations represent a core area for financial services entities. Auditors are expected to understand the overall process, including the IT and manual control environment, and perform sufficient and appropriate substantive testing. Auditors are expected to design and perform procedures, tailored to the audited entity's risks and business, to obtain sufficient, appropriate audit evidence to ensure that there is no material misstatement in the recording of transactions, particularly over revenue.

Key findings: Financial services providers

We inspected the audits of four financial services providers in this inspection cycle, with one assessed as requiring improvements and one requiring significant improvements. We identified the following deficiencies:

Audit of general IT controls and approach for IT control related deficiencies: On one audit, significant deficiencies were identified in the firm's specialist team's testing of general IT controls, and the audit team's overall assessment and response to the privileged user access risk identified. There was an inadequate audit response to the identified risk of material misstatement.
Revenue recognition: As detailed in the revenue section above, deficiencies were identified over the audit team's overall audit approach and testing of revenue recognition on one financial services audit and certain aspects of the audit of the effective interest rate on another financial services audit.
Payment and settlement process: On one of the above audits, the audit team failed to demonstrate its understanding of the overall payment and settlement process; the appropriateness of system rules to ensure funds were allocated and tagged appropriately. The audit team's testing was inadequate such that the risk of an undetected material misstatement remained unacceptably high. On another audit, insufficient procedures were performed and insufficient evidence was retained to demonstrate the audit team's testing over the payments process.
Quality control review procedures: As can be seen in the quality control section below, deficiencies in quality control procedures were identified on three financial services audits.
Impairment losses on loans and advances and loan loss provisioning: On one audit, the audit team performed insufficient procedures and obtained insufficient evidence over the appropriateness of the impairment provision. On another audit, insufficient procedures were performed for loan loss provisioning and there was inadequate evidence of certain aspects of the assessment and approach to the expected credit loss.
Financial instruments: On two audits, the audit team did not sufficiently evidence the final scope, work performed, and conclusions reached from an internal valuation expert over the fair value of derivative financial instruments. Insufficient evidence was obtained over aspects of the work performed over the valuation of level 3 investments, on a further audit.
Technical provisions: On one audit there were instances of insufficient challenge of aspects of the work undertaken by the audit team's actuarial experts.

We continue to identify deficiencies on the audit of financial services. One out of four audits inspected was assessed as requiring improvements and one requiring significant improvements.

Financial services-related balances (e.g. loan valuation and related impairment provisions and investments) may involve significant assumptions, judgement and estimation uncertainty. Audit teams should consider the complexity and subjectivity of management's judgements and perform appropriate procedures commensurate with and sufficiently responsive to the associated risks.

We identified deficiencies on two audits, including one audit assessed as requiring significant improvement.

Loan, advances and guarantees: On one audit, the audit approach and testing performed provided no evidence to support the material accuracy of the accounting for the loan, advances and guarantees to a related entity and whether the expected credit loss provision required a material increase; the interest rate on the loan was materially off-market; and the financial guarantee contract was material for recognition or disclosure.
Provisions: On one audit, we identified deficiencies in the area of valuation of provisions. There was no evidence that the firm's actuarial experts were sufficiently engaged to conclude on a valuation. There was inadequate evaluation of whether management's expert report provided sufficient appropriate evidence and there was no evidence of direct testing over the information provided by management to their expert to be able to conclude on the integrity of that data. There was no evidence that the audit team considered certain disclosure requirements.

The firm's guidance and methodology has been updated in this inspection cycle, including enhancements for financial instruments (IFRS 9), fair value measurement (IFRS 13) and payments and settlements, albeit not in time to make any impact on the audits we inspected in the year. Notwithstanding this, urgent and comprehensive action is required from the firm on specialised audits to address our concerns. This needs to include an update to the firm's overall financial services guidance and methodology, as detailed in section 3.

Prioritise improvements in the challenge and testing of estimates and assumptions in key areas of judgement

The risk of bias in key management judgements means that auditors need to provide an appropriate level of challenge when assessing the reasonableness of management's estimates and assumptions.

Estimates are inherently subjective. A relatively small change in the key assumptions could result in a material impact to financial statement balances. Auditors should therefore assess and challenge the reasonableness of the key assumptions.

Last year, for the third year in succession, we reported that the firm should take action on a range of issues, including scepticism, challenge and testing of estimates and assumptions. We continue to identify findings in this area. Whilst the firm has taken certain actions in response to these previous findings, it must now prioritise an assessment of what further actions are required to address these continuing deficiencies to eradicate such findings.

Key findings

We identified weaknesses on seven audits, of which two were assessed as requiring more than limited improvements. This year, findings related to work performed over the valuation of provisions and inventory, impairment assessment of non-financial assets, defined benefit pension asset balances and deferred tax recoverability.

Provisions: On one audit, the audit team obtained insufficient evidence to assess the appropriateness of management's discount rates and therefore to conclude that the provisions were not materially misstated. Despite the risks, there was a lack of consultation with valuation specialists on the appropriateness of management's discount rate methodology.
Impairment assessments of non-financial assets: On three audits, there was a lack of challenge over management's determination of the carrying value of each cash generating unit, and insufficient procedures to corroborate and challenge certain assumptions in management's cash flow forecasts.
Inventory: On two audits, the audit team did not obtain sufficient appropriate evidence over inventory valuation and overhead costs absorbed into inventory.
Defined benefit pension asset balances: On two audits, the audit team did not obtain sufficient appropriate evidence over the accuracy of pension surplus adjustments and the valuation of certain pension assets.
Deferred tax asset recoverability: On one audit, there was insufficient evidence of challenge over aspects of the judgements and conclusions made.

We continue to identify weaknesses on audits in the firm's testing of estimates and assumptions in key areas of judgement.

Urgently improve the audit testing over journals in response to the risk of management override of controls

Journals are an area of high risk of fraud and management override of controls. Auditors are expected to perform appropriate testing of journals as one of the key audit procedures to respond to the risk of management override.

Last year we reported that the firm should improve its auditing of journals, which followed findings raised in relation to the testing of journals in the previous quality inspection cycle.

Key findings

This year we reviewed the audit team's testing of journals in response to the risk of management override on nine of the audits inspected and we identified findings on four audits, of which two were assessed as requiring more than limited improvements:

Overall audit approach and testing to journal entries: On one audit, the audit team's overall audit approach and testing performed over journal entries was inappropriate such that a risk of misstatement remained unacceptably high as its corroboration of all high-risk journals identified was inadequate (for example, corroboration, where possible, to external evidence).
Response to the risk of management override of controls and an IT control deficiency: On one audit, the audit team did not perform sufficient procedures to respond to the risk of management override of controls, including: a lack of an adequate response to an IT control deficiency and its related risks, a lack of sufficient procedures over journal entries and insufficient audit evidence obtained to conclude that the credit entry journals contained no indications of fraud involving management override of controls.
Assessment of completeness of journals and accuracy of journal listing data: On two audits, there was inadequate assessment of the completeness of a journal population, including a lack of assessment of data integrity risks arising from identified IT deficiencies. On the same two audits there was a lack of sufficient audit procedures performed over the information provided by the entity to ensure that certain data elements within the journal listings were accurate and could be relied upon.
Journal selection criteria: There was inadequate justification of the appropriateness of selection criteria used for journal entry testing, on one audit.

We reviewed the testing of journals in response to the risk of management override on nine audits and identified findings on four of them.

Deficiencies in the audit procedures performed over journals in response to the risk of management override of controls is a recurring issue and, whilst the firm has taken certain actions in response to our previous findings, it must urgently develop further actions to address continuing deficiencies.

Urgently improve the firm's audit quality control procedures

Auditing Standards require the appointment of an audit partner and an Engagement Quality Control Reviewer (EQCR). The audit partner is responsible for the overall quality of the audit, including direction, supervision and review of the audit work performed by the audit team. The EQCR is a suitably qualified person, with sufficient and appropriate experience and authority to evaluate objectively the significant judgements made and the conclusions reached in formulating the auditor's report. Deficiencies in audit evidence should be detected by these quality control procedures, so that they can be remedied before the audit report is signed.

In the previous two inspection cycles, we identified issues with aspects of the firm's quality control procedures as there were instances of key findings that we identified indicating that the audit partner and EQCR's quality control and review procedures were not effective in ensuring that the audit work was sufficient or fully supported the conclusions reached.

Key findings

This year, we continued to identify deficiencies in audit quality control on four audits, of which three were assessed as requiring improvement or significant improvement.

We continue to identify deficiencies in audit quality control on four audits, of which three were assessed as requiring improvements or significant improvements.

The firm must take robust action to ensure that its quality control and engagement quality control procedures are effective in providing robust internal quality challenge and detecting any instances where the conclusion is not supported by the audit procedures or a lack of scepticism or challenge. The firm must also ensure that audit teams demonstrate sufficient evidence of the EQCR's involvement and challenge of the audit team and their conclusions.

Good practice

We identified examples of good practice in the audits we reviewed, including the following:

Risk assessment and planning

The risk assessment and planning phase of an audit is important to ensure a timely and appropriate risk assessment, enabling the audit team to tailor an effective audit approach responding to those risks.

Fraud risk assessment: On three audits, the audit team involved its forensic specialists as part of its fraud risk assessment; this provided additional insights into potential fraud risk factors and supported the audit team's planning process and audit strategy for those areas impacted by fraud risks.
Revenue recognition planning procedures: On two audits, the audit team obtained a good understanding over the revenue transaction process, revenue streams or revenue contracts enabling the team to set a detailed revenue audit strategy with appropriate procedures.

Execution

The execution of an audit plan needs to be individually tailored to the facts and circumstances of the audit.

Challenge of management: We observed several examples of well-evidenced and robust challenges of management across the audits inspected. These included, across four audits, the areas of defined benefit pension obligations, payment and settlement process on a financial services audit, impairment assessment of non-financial assets and fair value adjustments in acquisition accounting.
Going concern – climate change assessment: On one audit, the audit team performed a robust analysis of the potential impact of climate change on the financial statements. This included analysing physical threats and obtaining corroborative independent evidence for the risk of climate change disrupting the supply chain in the next ten years.
Use of specialists and consultations: We saw effective involvement of audit team specialists on one audit, in relation to impairment and acquisition accounting which supported good challenge of management's valuation experts. On another audit we observed the audit team consulting with the firm's internal technical team over the accounting treatment of surplus pension assets which supported robust challenge of the accounting treatment adopted.
Group oversight: On one audit, there was good engagement between the group audit team and component auditors and on another audit, the audit team performed additional procedures over certain balances audited by component auditors, including investment properties and bank accounts.

Completion and reporting

The completion and reporting phase of an audit is an opportunity to stand back and assess the level of work performed against the audit plan and ensure that the reporting of the outcome of the audit is appropriate and timely.

Communication with the Audit Committee: On one audit, the Audit Committee reporting clearly demonstrated the challenges faced by the audit team across various areas and how they were addressed

Good practice examples included fraud risk assessment and robust challenge of management.

Monitoring review by the Quality Assurance Department of ICAEW

The firm is subject to independent monitoring by ICAEW. ICAEW undertakes its reviews under delegation from the FRC as the Competent Authority. ICAEW reviews audits outside the FRC's population of retained audits, and accordingly its work covers private companies, smaller AIM listed companies, charities and pension schemes. ICAEW does not undertake work on the firm's firm-wide controls as it places reliance on the work performed by the FRC, except for review of continuing professional development (CPD) records for a sample of the firm's staff involved in audit work within ICAEW remit.

ICAEW reviews are designed to form an overall view of the quality of the audit. ICAEW assesses these audits as 'good', 'generally acceptable', 'improvement required' or 'significant improvement required'. Files are selected to cover a broad cross-section of entities audited by the firm and the selection is focused towards higher risk and potentially complex audits within the scope of ICAEW review.

ICAEW has completed its 2022 monitoring review and the report summarising the audit file review findings and any follow up action proposed by the firm will be considered by ICAEW's Audit Registration Committee in July 2023.

Summary

Overall, the audit work continues to be of a generally good standard. Of ICAEW's standard engagement reviews, nine files were graded good or generally acceptable, and one file required improvement. The grading profile is similar to the previous visit, when ICAEW graded eight files good or generally acceptable and two files required improvement.

In the file that required improvement, more evidence was needed to test aspects of contract accounting.

As part of routine ICAEW focused follow-up of more significant matters arising at the previous visit, the actions taken in relation to one audit were not wholly effective. Despite some progress this audit still required improvement.

Results

Results of ICAEW's reviews for the last three years are set out below.

90% of the ICAEW reviews were assessed as either good or generally acceptable.

Bar chart showing ICAEW audit review outcomes from 2020 to

For 2020, 8 audits were 'Good / generally acceptable' and 2 were 'Improvement required'. For 2021, there were no findings. For 2022, 9 audits were 'Good / generally acceptable' and 1 was 'Improvement required'.

graph TD
    A[ICAEW] --&gt; B(2020)
    A --&gt; C(2021)
    A --&gt; D(2022)

    B -- Good / generally acceptable (8) --&gt; BG
    B -- Improvement required (2) --&gt; BI

    C -- No findings --&gt; CG

    D -- Good / generally acceptable (9) --&gt; DG
    D -- Improvement required (1) --&gt; DI

    classDef default fill:#fff,stroke:#333,stroke-width:2px;
    classDef good fill:#aaddaa;
    classDef improvement fill:#ffffaa;
    classDef significant fill:#ffaaaa;

Given the sample size, changes from one year to the next in the proportion of audits falling within each category cannot be relied upon to provide a complete picture of a firm's performance or overall change in audit quality.

Good practice

ICAEW identified good practice across all but one of the files reviewed. These included:

The approach to risk assessment and consideration of fraud, including evaluation of IT controls work and testing of manual journal entries.
Good documentation of the team's ISA 600 procedures on a group audit, including clear scoping of the audit and review of the component auditors' work papers.
Clearly documented consideration of market data when evaluating estimations made by management's experts relating to investment properties.

This bar chart illustrates audit quality ratings for 2020 and 2022.

In 2020: - Significant improvement required: 2 (approx. 20%) - Good / generally acceptable: 8 (approx. 80%)

In 2021: (No data bars displayed, implying no audits reviewed or no rating provided for this year)

In 2022: - Improvement required: 1 (approx. 10%) - Good / generally acceptable: 9 (approx. 90%)

Good practice

ICAEW identified good practice across all but one of the files reviewed. These included:

The approach to risk assessment and consideration of fraud, including evaluation of IT controls work and testing of manual journal entries.
Good documentation of the team's ISA 600 procedures on a group audit, including clear scoping of the audit and review of the component auditors' work papers.
Clearly documented consideration of market data when evaluating estimations made by management's experts relating to investment properties.

3. Review of firm-wide procedures

We reviewed firm-wide procedures, based on those areas set out in ISQC (UK) 1, on an annual basis in certain areas, and on a three-year rotational basis in others.

In this section, we set out the key findings and good practice we identified in our review of the four areas of the firm's quality control procedures, which we reviewed this year under our three-year rotational testing. We performed the majority of our review based on the policies and procedures the firm had in place on 31 March 2022.

Matters arising from our review of the quality control procedures assessed on an annual basis are included, where applicable, in section 4.

The table below sets out the areas that we have covered this year and in the previous two years:

| Annual | Current year 2022/23

Annual	Current year 2022/23	Previous year 2021/22	Year before 2020/21
All Firms
Systems of quality management / Quality control procedures (ISQM (UK) 1 & ISQC 1)	x	x	x
Firm governance and leadership	x	x	x
Ethical requirements	x	x	x
Client acceptance and continuance	x	x	x
Engagement performance – direction, supervision, and review	x	x	x
Monitoring and remediation	x	x	x
Resources (including human resources)	x	x	x
Rotation of areas reviewed over three years
Risk assessment (ISQM (UK) 1 and ISA (UK) 315)	x
Group audits (ISA (UK) 600)		x
Related parties (ISA (UK) 550)			x
Use of internal audit (ISA (UK) 610)			x
Materiality (ISA (UK) 320)		x
Specialist advice		x
Reporting (ISA (UK) 700 / 701)	x
Engagement quality control review (ISQM (UK) 2)	x

Emerging themes: The lack of RI and EQCR involvement caused by the competing demands across a portfolio of work can impact positive quality outcomes. Similarly, RIs being too drawn into the detail of the audit, to compensate for experience gaps, can impair the RIs ability to perform an effective review and appropriately challenge the team which can also impact positive quality outcomes. This is a difficult balance, and the firm must give due attention to ensuring their RIs and EQCRs have the support to deliver against the firm’s expectation of their role.

We will continue to assess the firm’s RCA process as a crucial part of the feedback loop within ISQM (UK) 1 as well as part of our holding the firm to account. We encourage all firms to develop their RCA techniques further as well as focus on measuring the effectiveness of the actions taken as a result through the SQP.

PIE auditor registration

Background

The FRC is now responsible for the registration of all firms which carry out statutory audit work on public interest entities (PIEs). This registration is in addition to the ongoing requirement for firms and Responsible Individuals (RIs) ⁸ to register with their Recognised Supervisory Body (RSB). The FRC’s PIE auditor registration remit covers all firms and relevant RIs which audit one or more PIEs which includes: UK-incorporated entities listed on the London Stock Exchange (or on another UK-regulated market); a UK registered bank, building society or other credit institution (but not credit unions or friendly societies); or are a UK insurance entity which is required to comply with the Solvency II regulations.

All firms and RIs carrying out statutory audit work on PIEs were required to register with the FRC by 5 December 2022 under a set of transitional provisions. Thereafter, any firm that plans to take on a PIE audit, or remain auditor to an entity that is to become a PIE (for example, if it obtains a listing on the London Stock Exchange), together with relevant RIs, must register with the FRC before undertaking any PIE audit work.

Where appropriate, firms and / or RIs can be held to account through conditions, undertakings and suspension or involuntary removal of registration, adding to our activities focused on holding firms to account. Measures used through the PIE auditor registration process are not always published.

Observations

On 5 December 2022, BDO LLP’s transitional application for registration as a PIE auditor was approved and, as at 31 March 2023, 71 RIs at the firm had been approved. The following diagram shows the number of PIE and non-PIE RIs as a percentage of the total RIs at BDO.

BDO LLP

A pie chart showing the distribution of PIE and non-PIE RIs at BDO. 56% are "PIE and non PIE" and 44% are "non PIE".

Other activities focused on holding firms to account

Background

Our forward-looking supervisory approach includes a number of other activities designed to hold firms to account. We have carried out certain procedures during the year to consider tone at the top, the contents of the Transparency Report and the firm's responsiveness to feedback and where relevant to constructive engagement and non-financial sanctions.

During the year we undertook increased supervisory activities on this firm including increasing the number of audits inspected, challenging and reviewing action plans, ongoing monitoring of the development of central infrastructure functions, and assessing the effectiveness of oversight of audit quality.

Observations

We assessed the following:

Constructive engagement and other follow up actions: Where we have engaged on constructive engagement cases throughout the period, the firm has taken the additional actions to strengthen policies, procedures, and training (aimed at preventing future recurrence of findings) where steps were not already being taken under their audit quality transformation programme.
Controlling audit risk at a portfolio level: We continue to challenge the firm on the measures it has taken to control the risk in its audit portfolio. In our assessment there is now better alignment with resourcing, sector specialisms, and there is ongoing consideration of complexity and portfolio fit.
Oversight of audit quality: The firm has developed an Audit Quality Reporting Pack which provides a comprehensive and critical view across a broad range of audit quality measures. Relevant content and improved information flows have enabled the Audit Board to provide well-informed challenge and discharge its remit. It is essential that those charged with governance continue to receive appropriate timely information flows.
Financial services: The firm has plans in place to enhance its financial services related methodologies adding policy guidance on areas not previously covered and supplementary content, and to bring this together on a single platform. The firm must deliver on this in 2023 and ensure that the content is up-to-date, accessible, and used by the audit teams.
IQM: The firm has sought to strengthen its IQM function and IQM process in response to last year's Public Report. In particular, BDO has sought to build reviewer experience, add more challenge, and better capture the breadth of its thinking and findings on significant risks. The firm must continue to apply this rigour alongside the more risk-based focus of the selection process it implemented in the previous year. We note that the results of BDO's IQM this year are more aligned to the FRC's own assessments. It is important that in the next period that there is evidence that the depth and challenge of IQM reviews are positively impacting continuous improvement.

Culture and conduct

Background

The firm's culture has a significant impact on audit quality and the speed at which audit quality is improved. Firms that have more advanced cultural programmes, where desired audit specific behaviours are promoted through their wider policies and procedures (in particular training and coaching, performance management and reward and recognition), typically have better or improving audit quality. Reported instances of integrity issues or misconduct matters have a significant impact on trust and confidence in the profession. Ethical conduct must therefore be an intrinsic part of all firms’ cultural programmes and the profession must strive to maintain a culture of integrity in which the highest standards of ethical values and professional behaviour are upheld.

Observations

We assessed the following:

Audit culture: The firm has recognised the important role culture plays in delivering challenge and audit quality in line with the public interest purpose and are adopting a framework and behaviours to drive this forward. The firm has a range of planned initiatives and communication to support the implementation and must roll these out over the coming months. Given these initiatives are in their early stages, the firm must continually monitor the effectiveness to ensure that they drive the necessary outcomes.
Ethical conduct: We have seen examples of misconduct including exam cheating and breaches of integrity at certain firms that impact the reputation of the profession as a whole. All firms need to ensure that their culture promotes individuals to operate to the highest ethical standards in order to maintain public confidence and trust.

Initiatives to ensure compliance with the FRC's Revised Ethical Standard

Background

During 2022, we held biannual meetings with the Ethics Partner, undertook compliance testing and reviewed the firm's biannual reporting of identified breaches. The specific findings from this work are detailed in section

However, we have the following, additional observations on the steps being taken to comply with the FRC's Revised Ethical Standard going forward.

Observations

We assessed the following:

Assessment of threats and safeguards: The firm has made improvements to its assessments of threats and safeguards, including revisions to the independence workbooks used. The firm has recognised that further enhancements could prove beneficial and therefore is undertaking a thematic review of completed independence workbooks in 2023 to inform future improvements to its procedures.

Appendix

Firm's internal quality monitoring

This appendix sets out information prepared by the firm relating to its internal quality monitoring for individual audit engagements. We consider that publication of these results provides a fuller understanding of quality monitoring in addition to our regulatory inspections, but we have not verified the accuracy or appropriateness of these results.

The appendix should be read in conjunction with the firm’s Transparency Report for 2022 and the firm’s report to be published in 2023 which provide further detail of the firm’s internal quality monitoring approach and results, and the firm’s wider system of quality control.

Due to differences in how inspections are performed and rated, the results of the firm’s internal quality monitoring may differ from those of external regulatory inspections and should not be treated as being directly comparable to the results of other firms.

Results of internal quality monitoring

The results of the firm’s most recent Audit Quality Assurance Review (AQAR), which comprised internal inspections of 96 individual completed audits are set out below, along with the results for the previous two years. Of these audits, 24 were for periods ending between 31 August 2020 and 31 December 2020, 67 for periods ending up to 31 December 2021 and 5 for periods ending up to 30 June 2022. For the 2021 AQAR and subsequent periods, the grading system was updated to a 1-4 grading from a 1-3 grading to reflect the regulator grading systems. This meant that the previous grade 1 (good with limited improvements required) was split into grade 1 (good) and grade 2 (acceptable, with limited improvements required), grade 2 (improvements required) became grade 3 and grade 3 (significant improvement required) became grade

For consistency, grade 1 and grade 2 continue to be combined in the graph below.

A bar chart showing the breakdown of audit grading categories for 2020, 2021, and 2022.

2020: * Good and Acceptable with limited improvements: 69% * Improvements required: 19% * Significant improvements required: 12%

2021: * Good and Acceptable with limited improvements: 72% * Improvements required: 16% * Significant improvements required: 12%

2022: * Good and Acceptable with limited improvements: 67% * Improvements required: 16% * Significant improvements required: 17%

The grading categories used in the graph above are as follows:

1 – Good: This grade covers audits where there are no identified key findings and other findings are limited in number.
2 - Acceptable, with limited improvements required: This grade covers audits where any key findings are limited both in significance and in number.
3 – Improvements required: Generally, an audit is graded 3 where there are a number of key findings relating to a flawed audit approach leading to weaknesses in the audit evidence obtained, there are omissions/errors in the documentation of the audit evidence and/or the significant judgments reached in significant risk areas, or where there are some concerns in relation to the appropriateness of one or more significant audit judgements, the impact of which is unlikely to be material.
4 – Significant improvements required: Audits are graded 4 where the audit procedures planned or audit evidence obtained did not provide reasonable assurance that no undetected material misstatements, individually or collectively, in the financial statements were present; or there are significant concerns in relation to the appropriateness of one or more significant audit judgements, the impact of which is likely to be material.

Firm's approach to internal quality monitoring

The firm’s internal inspection programme considers the full population of audits performed.

The AQAR covers each Responsible Individual (RI) at least once every two years ensuring that an average of 60% of RIs are reviewed in any one year. The sample of audits selected for review is weighted to ensure that an appropriate number of public interest entities are included. The AQAR reviews of FRC in-scope audits are designed around the FRC focus areas, are completed by the firm’s central AQAR team and are overseen by the AQAR partner and, from 2022, were additionally moderated by the Head of Audit Quality Improvement. Audits that are not within the FRC’s remit (Non-FRC in-scope) are peer reviewed by individuals in the audit stream under the guidance of a review team leader (an audit partner) and are moderated by the AQAR partner. The central AQAR team provide all review team members with training and guidance for performing the AQAR reviews. During 2022 all AQAR reviews continued to be performed remotely.

Audit teams are required to put in place an action plan to respond to all AQAR key findings raised. For all audits graded 4, and for FRC in-scope audits receiving a grade 3, a follow up review of those actions is performed. All RIs receiving a grade 4 are required to put in place a personal action plan which is agreed with the firm’s Head of Audit Quality & Risk.

The firm has set up a new Root Cause Analysis (RCA) team that has developed a new RCA programme that includes RCA at an engagement level and at a System of Quality Management level. This programme is being implemented in stages to ensure that it is appropriately embedded. Based on this new framework and once it is fully embedded, the firm will perform RCA at an engagement level on all audits graded 4 by AQAR, several audits graded 3 by AQAR, and some with no or minimal findings (1 and 2 graded).

As a result of RCA findings, remedial actions for systemic findings are developed at either the engagement and/or the Audit Stream level. Once actions have been designed, an owner identified and a deadline to complete the action agreed, these are added to the Single Quality Plan.

Internal quality monitoring themes arising

During 2022 the focus of AQAR reviews continued to be aligned to the most significant audit quality risk areas we had identified in the firm’s AQP; the audit of revenue, going concern, challenge of management and fraud. In comparison to 2021 there was a reduction in the number of findings in all four areas. The firm continued to see key themes where there were unidentified errors and omissions in financial statements, some of which have required prior year adjustments, and weaknesses in the documentation of the audit approach taken, the evidence obtained and/or the conclusions reached. New themes this year have included matters related to the audit of tax, the audit of inventory and group audits.

Financial Reporting Council 8th Floor 125 London Wall London EC2Y 5AS

+44 (0)20 7492 2300 www.frc.org.uk

Public Interest Entity: in the UK, PIEs are defined in Section 494A of the Companies Act 2006 and in Regulation 2 of The Statutory Auditors and Third Country Auditors Regulations 2016. ↩
The seven Tier 1 firms in 2022/23 were: BDO LLP, Deloitte LLP, Ernst & Young LLP, Grant Thornton UK LLP, KPMG LLP, Mazars LLP, PricewaterhouseCoopers LLP. We have published a separate report for each of these seven firms along with a cross-firm overview report. ↩
Source – the ICAEW's 2023 QAD report on the firm. ↩
Source – the FRC's analysis of the firm's PIE audits and other audits included within AQR scope as of 31 December 2022. ↩
Source – the FRC's 2021, 2022 and 2023 editions of Key Facts and Trends in the Accountancy Profession. ↩
Excludes the inspection of local audits. ↩
The FRC's inspections of Major Local Audits are published in a separate annual report. The October 2022 report can be found here. ↩
Defined as a natural person who is a Principal or employee (but not a subcontractor or a consultant) of a Statutory Audit Firm and is registered with an RSB as a Statutory Auditor. ↩

BDO LLP Audit Quality Inspection and Supervision Report 2023

File

Is this page useful?