The content on this page has been converted from PDF to HTML format using an artificial intelligence (AI) tool as part of our ongoing efforts to improve accessibility and usability of our publications. Note:
- No human verification has been conducted of the converted content.
- While we strive for accuracy errors or omissions may exist.
- This content is provided for informational purposes only and should not be relied upon as a definitive or authoritative source.
- For the official and verified version of the publication, refer to the original PDF document.
If you identify any inaccuracies or have concerns about the content, please contact us at [email protected].
FRC response to NAO consultation on the draft Code of Audit Practice
Future of Local Audit Team National Audit Office Yellow 5 157-197 Buckingham Palace Road Victoria London SW1W 9SP
27 October 2014
Dear Sir
Consultation Document – Code of Audit Practice (Draft)
The Financial Reporting Council (FRC) welcomes the opportunity to respond to the consultation on the draft Code of Audit Practice. We currently undertake inspections of auditors of local authority and health bodies on a contractual basis for the Audit Commission, covering both the financial statement and value-for-money audits. Under the Local Authority and Accountability Act 2014 we will be required to inspect those auditors that undertake the largest of these audits.
We support the proposal to produce a single Code of Audit Practice for the audit of the different types of local public bodies covered by the responsibilities of the Comptroller and Auditor General. The principles of audit should be consistent for all the types of audited body that need to be covered. To the extent that statutory requirements may lead to different specific auditor reporting, or other, responsibilities, it should be possible to address these in the related detailed guidance to auditors.
We agree that, as currently, the Code should be struck at a principles based level. We consider it important that, as proposed, the draft Code maintains the existing requirements that auditors should comply with the ethical standards issued by the FRC and, for the purpose of the audit of annual accounts, the auditing standards and any other relevant guidance issued by the FRC. However, given that the Code is struck at a fairly high principles based level, we note that the NAO expects that the auditor's application of the contents of the Code will be influenced by their professional judgement of what is reasonable and appropriate, reflecting the circumstances at individual local public bodies. For those activities for which FRC has not produced standards (e.g. the auditor's work on value-for-money arrangements and smaller authority assurance engagements), we believe the detailed guidance to be provided by the NAO will be important as a basis for driving consistent high quality work.
We are generally supportive of the principles set out in the draft Code. We attach some comments on specific matters relating to chapters 1, 2, 4 and the Glossary.
Yours faithfully
Nick Land Director of the FRC and Chairman of the FRC’s Audit & Assurance Council
8th Floor, 125 London Wall, London EC2Y 5AS Tel: +44 (0)20 7492 2300 Fax: +44 (0)20 7492 2399 www.frc.org.uk The Financial Reporting Council Limited is a company limited by guarantee. Registered in England number 2486368. Registered office: as above. (Please note our new address)
Enquiries in relation to this letter should be directed to Marek Grabowski, Director of Audit Policy. DDI: 020 7492 2325 Email: [email protected]
About the FRC
The Financial Reporting Council is the UK's independent regulator responsible for promoting high quality corporate governance and reporting to foster investment. We promote high standards of corporate governance through the UK Corporate Governance Code. We set standards for corporate reporting and actuarial practice and monitor and enforce accounting and auditing standards. We also oversee the regulatory activities of the actuarial profession and the professional accountancy bodies and operate independent disciplinary arrangements for public interest cases involving accountants and actuaries.
Attachment
Comments on specific aspects of the draft Code of Audit Practice
Chapter 1 - Status of the Code, application and general principles
Integrity, objectivity and independence
The first sentence for paragraph 1.8 should be amended to be clearer as to the current structure of the ethical framework (the professional bodies do not set ethical 'standards'). We suggest:
"The auditor should in accordance with the ethical framework applicable to auditors, including the ethical standards for auditors set by the Financial Reporting Council and any additional requirements set out by the auditor's recognised supervisory body ...."
Professionalism and proportionality
In paragraphs 1.10 and 1.11, the words “where appropriate” should be replaced with “where applicable" to avoid giving the impression a judgement based decision can be made when actually there is a requirement.
In paragraph 1.10, we recommend that the second sentence is clarified by amending it to;
"The auditor's work should be risk-based and proportionate: designed to meet the auditor's statutory responsibilities but tailored applying the auditor's professional judgment to tailor their work to the circumstances in place at the audited body and the audit risks to which, in the professional judgement of the auditor, they give rise.
In paragraph 1.11, we recommend that the word “appropriate” should be inserted between "sufficient” and “evidence” to be consistent with auditing standards.
Paragraph 1.12, indicates that the NAO may determine that aspects of the Code may be inappropriate to the audit of certain bodies. However, it needs to be clear that applicable requirements in any applicable standards do need to be complied with. For example, in an audit of financial statements in accordance with ISAs (UK and Ireland), all requirements in the standards need to be complied with unless either the entire standard is not applicable (e.g. the standard relating to using the work of internal audit when there will not be such use) or the requirement is not relevant because it is conditional and the condition does not exist.
Coordination and integration
A key principle related to the audit of annual accounts, in compliance with the auditing standards issued by the FRC, is that the appointed auditor has sole responsibility for the report and opinion on the annual accounts. Our view is that the third sentence of paragraph 1.14, which we believe is intended to address this, needs to be clearer. Currently that sentence states “The auditor is not required to carry out procedures to assess the quality of, or re-perform, the work of other scrutiny bodies, except where it would be unreasonable not to do so, for example, to provide assurance in accordance with auditing standards issued by the Financial Reporting Council in support of the audit opinion on the annual accounts.” We suggest rewording this along the lines of:
"For an audit of financial statements conducted in compliance with auditing standards issued by the Financial Reporting Council (e.g. the audit of annual accounts) the auditor has sole responsibility for the report and opinion on the financial statements. Accordingly, the auditor complies with the requirements of those standards regarding the use, if any, of the work other auditors and other parties such as an auditor's expert. For other assurance engagements, the principle that the auditor has sole responsibility for the auditor's report and opinion also applies unless applicable standards, laws or regulation specify otherwise. In circumstances where the auditor does not have sole responsibility, and is not required to carry out procedures to assess the quality of, or re-perform, the work of other scrutiny bodies, this should be made clear in the auditor's report."
Other comments
We believe it would be helpful to add two further general principles in this chapter, covering audit quality and documentation. These are covered in the ISAs (UK and Ireland) for audits of financial statements, but may not be clearly established elsewhere for other audit work to which the Code applies.
Quality Control
International Standard on Quality Control (ISQC) (UK and Ireland) 1, Quality control for firms that perform audits and reviews of financial statements and other assurance and related services engagements, issued by the FRC, is intended to apply to "firms that perform audits of financial statements, report in connection with investment circulars and provide other assurance services where they relate to activities that are reported in the public domain and are therefore in the public interest. The objective of the audit firm, as stated in that standard is:
"to establish and maintain a system of quality control to provide it with reasonable assurance that:
- The firm and its personnel comply with professional standards and applicable legal and regulatory requirements; and
- Reports issued by the firm or engagement partners are appropriate in the circumstances."
This objective is also reflected, for application at the engagement level, in ISA (UK and Ireland) 220, Quality control for an audit of financial statements.
We recommend that the Code embodies these objectives and also requires audit firms to comply with ISQC (UK and Ireland 1).
Documentation
Quality of audit documentation is often an issue identified by audit inspections. We recommend that the Code embodies an adaptation of the objective of ISA (UK and Ireland) 230, Audit documentation, as a general principle for all engagements covered by the Code:
"The objective of the auditor is to prepare documentation that provides:
- A sufficient and appropriate record of the basis for the auditor's report; and
- Evidence that the audit was planned and performed in accordance with [the Code of Audit Practice, applicable standards] and applicable legal and regulatory requirements, [with appropriate regard to any supplementary detailed guidance to auditors]."
Chapter 2 – Audit of the annual accounts
Paragraph 2.5 indicates that the auditor's report should include an opinion on “whether other information included in a document containing the audited annual accounts is consistent with the annual accounts themselves". For an audit of financial statements in accordance with ISAS (UK and Ireland), the auditor is required to “read the other information to identify any information that is apparently materially incorrect based on, or materially inconsistent with, the knowledge acquired by the auditor in the course of performing the audit". If the auditor believes that the other information contains a material misstatement of fact, is materially inconsistent with the financial statements, or is otherwise misleading, and the auditor is unable to resolve the matter with management and those charged with governance, the auditor considers the implications for the auditor's report and what further actions may be appropriate. In light of this we recommend that the first sentence of paragraph 2.6 (see below) is moved up to paragraph 2.5.
The first sentence of paragraph 2.6 states "The auditor will report to the audited body if, in the auditor's opinion, other information included in a document containing the audited annual accounts does not reflect compliance with relevant requirements or is misleading or inconsistent with information the auditor is aware of from their work on the audited body.” The condition of “aware of from their work on the audited body" is not clearly related to the opinion on "compliance with relevant requirements”. As drafted, it could be interpreted to require the auditor to provide full assurance on the compliance of the 'other information' with requirements governing its content and presentation. It is not clear whether this was intended and, if it was not, we recommend that the words "based on the work undertaken in the course of the audit," are inserted between "... auditor's opinion,” and “other information included ...". If it was intended, reflecting specific legal or regulatory requirements, that should be made clearer.
The International Auditing and Assurance Standards Board (IAASB), whose standards provide the basis for the FRC's auditing standards, is currently revising the standard in this area (ISA 720) and potentially expanding the scope of what is ‘other information'. Under current thinking, ‘other information' would be defined as information (other than financial statements and the auditor's report thereon) included in an entity's 'annual report'. An 'annual report' could include a document or combination of documents, and may contain the financial statements or accompany them. The revision of this standard has not yet been finalised; however, unless established in legislation, we suggest that this Code provision is amended along the lines of “whether other information included in the annual report of the public body is consistent with the annual accounts themselves". If necessary for clarity, the information that comprises the 'annual report' could be described.
Chapter 4 – Reporting the results of the auditor's work
Paragraph 4.2 indicates that “the auditor should discuss their risk assessment and planned approach as set out in the audit planning report with management and those charged with governance." It is important to be clear that the auditor retains sole responsibility for the audit. We suggest it would be helpful to include wording based on that in paragraph A15 of ISA (UK and Ireland) 260, Communication with those charged with governance: “While communication with those charged with governance may assist the auditor to plan the scope and timing of the audit, it does not change the auditor's sole responsibility to establish the overall audit strategy and the audit plan, including the nature, timing and extent of procedures necessary to obtain sufficient appropriate audit evidence."
In paragraph 4.2, with respect to the various reports and statements etc., to be given at the conclusion of the audit, it would be helpful to indicate who they should be addressed to. Similarly, in paragraph 4.3, it would be helpful to indicate who the communications that may be made during the audit should be addressed to, in particular reports in the public interest so as to bring them to the attention of the public.
Glossary
In the definition of 'auditing standards' the reference to 'basic principles and essential procedures' is now outdated. As we believe the intention is to specify which standards are required to be complied with, we recommend that the definition is shortened to "The auditing standards issued by the Financial Reporting Council which auditors are required to comply with when conducting an audit of annual accounts."
Similarly, the definition of 'ethical standards' could be clarified by amending it to "The ethical standards for auditors issued by the Financial reporting Council."