The content on this page has been converted from PDF to HTML format using an artificial intelligence (AI) tool as part of our ongoing efforts to improve accessibility and usability of our publications. Note:

No human verification has been conducted of the converted content.
While we strive for accuracy errors or omissions may exist.
This content is provided for informational purposes only and should not be relied upon as a definitive or authoritative source.
For the official and verified version of the publication, refer to the original PDF document.

If you identify any inaccuracies or have concerns about the content, please contact us at [email protected].

Public Report on the 2011/12 inspection of KPMG LLP and KPMG Audit PLC

This report is issued by the FRC's Audit Inspection Unit. It has been approved for publication on behalf of the Professional Oversight Board.

1. Background information and key messages

1.1 Introduction

This report sets out the principal findings arising from the inspection of KPMG LLP and KPMG Audit Plc (“KPMG" or "the firm") carried out by the Audit Inspection Unit ("the AIU") of the Financial Reporting Council (“the FRC"), in respect of the year to 31 March 2012 ("the 2011/12 inspection"). Our inspection was conducted in the period from April 2011 to January 2012 (referred to as “the time of our inspection"). The objectives of our work are set out in Appendix A.

Our inspection comprised reviews of individual audit engagements and a review of the firm's policies and procedures supporting audit quality.

We reviewed 14 audit engagements undertaken by the firm in our 2011/12 inspection. These related to FTSE 100, FTSE 250, other listed and other major public interest entities, with financial year ends between June 2010 and April 2011. Our reviews were selected on a risk basis, utilising a risk model; each review covered only selected aspects of the relevant audit.

Each year we select a number of areas of particular focus. For 2011/12, these were: group audit considerations; the valuation of assets held at fair value; the impairment of assets (including goodwill and other intangibles); the assessment of going concern; revenue recognition; related parties and the quality of reporting to Audit Committees.

In addition, we undertook a follow-up review to assess the extent to which our prior year findings on that audit had been addressed in the following year's audit.

Our review of the firm's policies and procedures supporting audit quality covered the following areas:

Tone at the top and internal communications
Transparency report
Independence and ethics
Performance evaluation and other human resource matters
Audit methodology, training and guidance
Client risk assessment and acceptance/continuance
Consultation and review
Audit quality monitoring
Other firm-wide matters

The AIU exercises judgment in determining those findings which it is appropriate to include in its public report on each inspection, taking into account their relative significance in relation to audit quality, both in the context of the individual inspection and in relation to areas of particular focus in the AIU's overall inspection programme for the relevant year. In relation to reviews of individual audits, we have generally reported our findings by reference to important matters arising. Where appropriate, we have commented on themes arising or issues of a similar nature identified across a number of audits.

Further information on the scope of our work and the basis on which we report is set out in Appendix A.

All findings requiring action set out in this report, together with the firm's proposed action plan to address them, have been discussed with the firm. Appropriate action may have already been taken by the date of this report. The adequacy of the actions taken and planned will be reviewed during our next inspection.

The firm was invited to provide a response to this report for publication. The firm's response is set out in Appendix B.

The AIU acknowledges the co-operation and assistance received from the partners and staff of KPMG in the conduct of the 2011/12 inspection.

1.2 Background information on the firm

The UK firms of KPMG are owned by KPMG Europe LLP (“ELLP”) which is a limited liability partnership created through a merger of the UK and German member firms of KPMG International in October 2007. It has since been enlarged to include a number of other KPMG member firms. The management of ELLP and its operating subsidiaries lies primarily with the Board of ELLP. The KPMG office in Northern Ireland is part of the Irish member firm which is not part of ELLP.

The UK firm has 22 offices and is organised into three lines of service, being audit, advisory and taxation. All statutory audit work is performed within audit, which is divided into industry and geographical business units for operational purposes.

For the year ended 30 September 2011, the firm's turnover was £1,707 million, of which £456 million related to audit work and directly related services. There was a total of 593 partners, of whom 147 were authorised to sign audit reports, and 110 employees who were authorised to sign audit reports. ¹

The AIU estimates that the firm audited 415 UK entities within the scope of independent inspection by the AIU as at 28 February 2011. Of these entities, AIU records show that 168 had securities listed on the main market of the London Stock Exchange, including 21 FTSE 100 companies and 49 FTSE 250 companies.

Audits of entities incorporated in Jersey, Guernsey or the Isle of Man whose securities are traded on a regulated market in the European Economic Area are subject to inspection by the AIU under separate arrangements agreed with the relevant regulatory bodies and the principal findings of any such reviews undertaken in the year are included in this report. Our records show that the firm has six such audits, including one FTSE 250 company.

1.3 Overview

We focus in this report on matters where we believe improvements are required to safeguard and enhance audit quality. We set out our key messages to the firm in this regard in section 1.4. While this report is not intended to provide a balanced scorecard, we highlight certain matters which we believe contribute to audit quality, including the actions taken by the firm to address findings arising from our prior year inspection.

The firm places considerable emphasis on its overall systems of quality control and, in most areas, has appropriate policies and procedures in place for its size and the nature of its client base. Nevertheless, we have identified certain areas where improvements are required to those procedures, which are set out in this report.

Our file review findings, as set out in Section 2, largely relate to the application of the firm's procedures by audit partners and staff, whose work and judgments ultimately determine the quality of individual audits.

1.4 Key messages

The firm should pay particular attention to the following areas in order to enhance audit quality:

Provide further guidance and training to audit teams regarding the assessment of the impairment of goodwill and other assets, especially in relation to key assumptions and related disclosure requirements.
Ensure there is effective communication with component auditors throughout the audit and that the group audit team review and assess the adequacy of the work performed by component auditors for group audit purposes.
Continue to ensure audit teams sufficiently challenge management on the appropriateness of collective provisioning for loan losses.
Ensure that more emphasis is placed on obtaining direct confirmation of the existence and accuracy of assets and liabilities from third parties.
Ensure that, in the second year of using the firm's new eAudIT software tool, the firm is able to demonstrate that, in all cases, the evidence to support the conclusions reached had been obtained and reviewed before the firm's audit report was signed.
Improve communications with Audit Committees, especially the reporting of independence threats and safeguards in connection with the provision of non-audit services.

2. Principal findings

The comments below are based on our reviews of individual audits and the firm's policies and procedures supporting audit quality.

2.1 Review of audit engagements

Follow-up of audits reviewed in the prior year

We undertook a follow-up review of one audit we reviewed in the prior year. With the exception of the matter referred to below, the issues arising from our prior year review had either been satisfactorily addressed or were considered to be of limited significance to the audit for the following year.

Allowance for losses on loans – Specific provisions

Our prior year review raised issues in relation to three material loans where no provision had been raised. On the largest of these loans, we concluded last year that it was not clear why further evidence was not sought to support the valuation of assets held as security and why the audit team had not sufficiently challenged management on the need for a provision. Full provision against this loan was made in the current year. Further audit work should have been performed to establish the full circumstances leading to the provision, including any impact on the valuation of the security held at the prior year-end.

Audits reviewed in the current year

We reviewed selected aspects of 14 audits and assessed the quality of those aspects of the audit. Six of the audits we reviewed (2010/11: 10) were performed to a good standard with limited improvements required; seven (2010/11: two) were performed to an acceptable overall standard with improvements required; and one audit (2010/11: two) required significant improvement, particularly in relation to the audit team's assessment of the potential impairment of goodwill as set out below.

An audit is assessed as requiring significant improvement if the AIU had significant concerns in relation to the sufficiency or quality of audit evidence or the appropriateness of audit judgments in one or more key audit area or the implications of concerns relating to other areas are considered to be individually or collectively significant. This assessment does not necessarily imply that an inappropriate audit opinion was issued.

The bar chart below shows the number and percentage of the audits we reviewed in 2011/12 by AIU grade with comparatives for 2010/11 and 2009/10.

Bar chart showing the number and percentage of audits reviewed in 2011/12 by AIU grade with comparatives for 2010/11 and 2009/10.

The chart displays three categories of audit performance:

Good with limited improvements required: 6 (2011/12), 10 (2010/11), 10 (2009/10)
Acceptable overall with improvements required: 7 (2011/12), 3 (2010/11), 2 (2009/10)
Significant improvements required: 1 (2011/12), 2 (2010/11), 2 (2009/10)

Changes to the proportion of file reviews falling within each grade from year to year reflect a wide range of factors, which may include the size, complexity and risk of the individual audits selected for review, changes to the AIU's areas of particular focus and the scope of the individual reviews. For this reason and because of the small size of the samples involved, changes in gradings from one year to the next are not necessarily indicative of any overall change in audit quality at the firm.

Findings in relation to audit evidence and judgments

The focus of our reviews was on the audit evidence and related judgments for material areas of the financial statements and areas of significant risk.

We draw attention to the following findings which the firm should ensure are adequately addressed in future audits:

Impairment of goodwill and other assets On three audits we had concerns relating to the adequacy of audit work in connection with the carrying value of goodwill. This included insufficient consideration of the reasonableness of the growth rates and other assumptions, source data and methodologies used by management in considering the potential for impairment of goodwill and other assets. Additional sensitivity analysis should have been considered in some of these cases and a greater level of scepticism applied to the growth rate assumptions used.

On two audits there was insufficient challenge of the revenue forecasts used to value intangible assets; and on one of these audits, of the continued appropriateness of the useful lives of those assets.

Group audit considerations Auditing Standards applicable from December 2010 year-ends introduced more specific requirements on the conduct of a group audit. We reviewed group audit considerations on nine audits, including seven FTSE 350 groups.

On six audits we identified issues in connection with certain aspects of the risk assessment procedures performed by the group audit team. On two of these audits there was insufficient evidence of appropriate two-way communication with component auditors. On four of these audits the group engagement team had visited material locations and met with component auditors but the specific objectives and the outcomes of certain of these visits were not clear.

On six audits we identified weaknesses in audit procedures performed relating to the group audit team's interaction with the component auditors. These included a lack of evidence of the work performed by component auditors on certain consolidation returns, insufficient review by the group auditors of work performed by the component auditors and a lack of evidence in respect of certain aspects of the work performed by the group auditors on the consolidation.

External confirmations On six audits, insufficient audit work in relation to external confirmation of material balances was performed or evidenced. On two of these audits, external confirmations were either not sought for material balance or were sought only for a sample of material balances. On three audits, confirmations were either received after the date of the auditor's report (although alternative procedures had been performed) or there was no evidence they were received directly by the auditors. In one case the auditors had not established the authenticity of confirmations which they received by e-mail.
Related parties Accounting Standards require the existence of related parties and transactions with such parties to be disclosed in the financial statements. On four audits we identified deficiencies relating to the audit of the disclosures regarding related party relationships and transactions.

Recurring findings from one year to the next

In response to our prior year findings, the firm has taken steps to achieve improvements. However, recurring findings arose in relation to the following matters.

Collective provisioning for loan losses We identified concerns with the methodology used in relation to collective provisioning for loan losses on three audits that we reviewed. In two of these cases, there was insufficient challenge by the audit team of the appropriateness of the exclusion of certain loans from the model used to calculate the collective provision.
Revenue recognition On two audits, improvement was required in relation to the sufficiency of audit evidence, challenge and corroboration for revenue and profit recognition. On the first of these audits, more extensive corroboration of management's explanations in relation to the contracts selected for review should have been obtained in order to confirm the appropriateness of the revenues recognised. On the other audit, there was insufficient evidence of consideration of potential loss-making contracts and the audit team did not review the continued appropriateness of the detailed revenue recognition policies for long-term contracts.
Other matters Whilst we have seen some improvement in relation to the matters noted below, following action taken by the firm, continued effort is required to achieve further improvements:
Although audit work relating to the going concern assessment was generally performed to a good or acceptable standard, we identified specific aspects of the work relating to going concern on three audits where improvements were required.
On four audits there was inadequate evidence of the timely involvement of either the audit engagement partner or the engagement quality control reviewer (EQCR).
On two audits, there was insufficient consideration of whether safeguards were required to reduce possible threats to independence arising from the long involvement in the audit of senior managers.

Other findings in the current year

Transition to eAudIT

All the audits we reviewed used the firm's new 'eAudIT system' for the first time this year. On the majority of audits, a significant number of working papers were prepared outside of eAudIT and added to the system at a later date. This resulted in working papers being dated as having been prepared and reviewed after the date that the firm's audit report was signed. As a result, it was not possible to determine whether all necessary audit work had been performed and reviewed on or before this date.

The firm's systems and working practices must enable it to demonstrate that sufficient appropriate audit evidence has been obtained and reviewed before the date that the firm's audit report is signed.

Use of experts and specialists

On three audits, there were insufficient procedures performed in connection with the use of external experts and, on two audits, in connection with the use of internal specialists.

On one of these audits, the files referred to discussions with the firm's technical specialists in the prior year in relation to the unusual accounting treatment adopted by management for certain swap transactions. Similar transactions occurred in the current year. There was insufficient challenge by the audit team of the appropriateness of this accounting treatment and whether further disclosures in this area were needed. We were informed by the audit team that further consultation was held with the firm's internal specialists in the current year but there was no evidence of this.

Risk considerations

In the majority of the audits we reviewed, we identified issues regarding assessing and responding to significant risks. Issues included insufficient linkage to the evaluation of the design and implementation of controls over significant risks, a lack of evidence of fraud risk discussions and significant risks not being properly identified or evidenced.

Communicating with Audit Committees

On the majority of audits we found that independence threats and identified safeguards adopted, particularly in regard to the provision of non-audit services, were not adequately reported to Audit Committees in the formal Audit Committee memorandum.

On two audits, we identified deficiencies in the information reported to the Audit Committee regarding the scope of the work to be performed on material components. On three audits, issues arising from the audit were not adequately reported to the Audit Committee and on six audits there were inconsistencies and omissions in the reporting of significant risks to the Audit Committee.

Consideration of independence threats and safeguards

On seven audits, there was insufficient evidence that the audit team had given appropriate consideration to the specific independence threats arising from the provision of non-audit services and the related safeguards required.

2.2 Review of the firm's policies and procedures

The firm's policies and procedures are largely developed either globally or at a European (ELLP) level and the UK firm puts significant resources into the global, ELLP and its own central support functions, such as quality and risk management, audit and accounting technical, independence compliance and human resources.

During the year we have noted enhancements and improvements to the firm's policies and procedures or their application in practice. In particular, the firm has introduced a new requirement for all planned substantive analytical review procedures to be approved by the engagement leader. We identified weaknesses in the substantive analytical review procedures performed on four audits which were undertaken prior to the new policy taking effect. We will monitor the effectiveness of this change during future inspections.

The firm took a number of initiatives in the year to reinforce the importance of professional scepticism. These included the roll out of KPMG's Professional Judgement Framework to all staff and a number of workshops and presentations highlighting the importance of professional scepticism. The firm should continue to implement initiatives that will help to further embed the concept of professional scepticism into the culture of the audit practice.

The firm has also made a number of other improvements to its procedures or their application in practice in response to our prior year findings. In particular:

Our review of staff appraisals did not identify any instances where staff had referred to the selling of non-audit services to audited entities.
Our review of the firm's policy and related guidance covering the provision of certain tax services to audited entities did not identify any inconsistencies with the Ethical Standards.

Findings in the current year

Appraisal process

A new appraisal process is being developed and an interim system was used in the current year. The existing system does not ensure the specific consideration or assessment of audit quality as an objective against which staff should be appraised. Whilst the supporting guidance stresses that audit quality should be considered, in our view it should be specifically stated as an objective and then specifically assessed in the appraisals of all audit staff.

Audit quality monitoring

The firm requires a further file review to be performed in the same year for individuals authorised to sign audit reports who receive a less than satisfactory grade in the internal Quality Performance Review for the audit of a public interest entity. Three of the four planned follow-up file reviews were not completed on a timely basis in the current year.

Risk grades

The firm's client and engagement acceptance/continuance system automatically generates a minimum risk grade which can be manually increased by the engagement team when they deem this to be appropriate. The firm's guidance requires engagement teams to describe the services to be provided, risks identified and how those risks are to be mitigated. We did not consider the information provided by the engagement team to support the risk grade to be in line with the firm's guidance in five of the acceptance/continuance forms that we reviewed.

Non-audit services

The firm has a system in place for identifying independence threats or conflicts of interest arising from the provision of non-audit services, and any related safeguards proposed, and to obtain any additional approvals and clearances required. On three of the five “non-audit services requests" which we reviewed, however, there was insufficient assessment of the relevant independence threats and identification of appropriate safeguards.

Pre-issuance technical reviews of financial statements

The firm requires pre-issuance technical reviews of the financial statements to be performed by specialist partners and managers prior to the issue of the audit opinion for larger listed entities. However, we believe that there should also be a requirement for the reviewer to confirm the satisfactory clearance of any significant matters raised by them prior to the audit report being signed.

Other matters

Off-shoring

During the year, the firm continued to develop its off-shoring capability in India using a "department extension" model. Audit work performed by these centres is forecast to increase significantly in the future. The firm will need to ensure that the work performed offshore continues to be controlled appropriately and is performed by those with an appropriate working knowledge of the audited entity.

Andrew Jones Director of Audit Quality Audit Inspection Unit FRC Conduct Division 15 June 2012

Appendix A – Objectives, scope and basis of reporting

Scope and objectives

The overall objective of our work is to monitor and promote improvements in the quality of auditing. As part of our work, we monitor compliance with the regulatory framework for auditing, including the Auditing Standards, Ethical Standards and Quality Control Standards for auditors issued by the FRC's Auditing Practices Board and other requirements under the Audit Regulations issued by the relevant professional bodies. The standards referred to in this report are those effective at the time of our inspection or, in relation to our reviews of individual audits, those effective at the time the relevant audit was undertaken.

Our reviews of individual audit engagements and the firm's policies and procedures cover, but are not restricted to, the firm's compliance with the requirements of relevant standards and other aspects of the regulatory framework. Our reviews of individual audit engagements place emphasis on the appropriateness of key audit judgments made in reaching the audit opinion together with the sufficiency and appropriateness of the audit evidence obtained.

We seek to identify areas where improvements are, in our view, needed in order to safeguard audit quality and/or comply with regulatory requirements and to agree an action plan with the firm designed to achieve these improvements. Accordingly, our reports place greater emphasis on weaknesses identified which require action by the firm than areas of strength and are not intended to be a balanced scorecard or rating tool. We also assess the extent to which the firm has addressed the findings arising from its previous AIU inspection.

Our inspection was not designed to identify all weaknesses which may exist in the design and/or implementation of the firm's policies and procedures supporting audit quality or in relation to the performance of the individual audit engagements selected by us for review and cannot be relied upon for this purpose.

The monitoring units of the professional accountancy bodies in the UK which register firms to conduct audit work are responsible for monitoring the quality of audit engagements falling outside the scope of independent inspection but within the scope of audit regulation in the UK. Their work, which is overseen by the FRC, covers audits of UK incorporated companies and certain other entities which do not have any securities listed on the main market of the London Stock Exchange and whose financial condition is not otherwise considered to be of major public interest. All matters raised in this report are based solely on work carried out by the AIU.

Basis of reporting

This report is based on the AIU's more detailed private report on its inspection of the firm to the Audit Registration Committee ("the ARC") of the Institute of Chartered Accountants in England and Wales (“the ICAEW") with which the firm is registered for audit purposes. The AIU currently inspects the largest audit firms including KPMG annually. The ARC considers whether audit registration should be continued for the firm following each inspection undertaken. The AIU's report to the ARC, which was finalised in April 2012, recommended that the firm's registration to conduct audit work should be continued.

While the AIU's public reports seek to provide useful information for interested parties, they do not provide a comprehensive basis for assessing the comparative merits of individual firms. The findings reported for each firm in any one year reflect a wide range of factors, including the number, size and complexity of the individual audits selected for review by the AIU which, in turn, reflects the firm's client base. An issue reported in relation to a particular firm may therefore apply equally to other firms without having arisen in the course of the AIU's inspection fieldwork at those other firms in the relevant year. Also, only a small sample of audits are selected for review at each firm and the findings may therefore not be representative of the overall quality of each firm's audit work.

The fieldwork at each firm is completed at different times during the year and comprehensive quality control procedures are applied before the AIU's private and public reports are finalised. As a result, there may be a significant period of elapsed time between completion of the AIU's inspection fieldwork at a firm and the publication of a report on the inspection findings.

The AIU also issues confidential reports on individual audits reviewed during an inspection which are addressed to the relevant audit engagement partner or director. Firms are expected to provide copies of these reports to the directors or equivalent of the relevant audited entities.

Purpose of this report

This report has been prepared for general information only. The information in this report does not constitute professional advice and should not be acted upon without obtaining specific professional advice.

To the full extent permitted by law, the FRC and its employees and agents accept no liability and disclaim all responsibility for the consequences of anyone acting or refraining from acting in reliance on the information contained in this report or for any decision based on it.

Appendix B – Firm's response

KPMG LLP 15 Canada Square Canary Wharf London E14 5GL United Kingdom

Tel +44 (0) 20 7311 1000 Fax +44 (0) 20 7311 3311 DX 157460 Canary Wharf 5

Private & confidential Audit Inspection Unit Aldwych House 71-91 Aldwych LONDON WC2 4HN

7 June 2012

Dear Sirs

AIU Public Report 2011/12

We welcome the recommendations made in the report which will contribute to our continuous improvement process, and have already taken appropriate action to address the specific matters raised. Whilst we may not always have the same view as the AIU on the significance of individual matters, we share the objective of wishing to continue to improve the quality of auditing and are always keen to take on board any suggestions with this aim.

We note your observation on pre-issuance technical reviews of financial statements. We have a culture of consultation at KPMG and engagement teams consult with our technical department on matters raised as necessary. In addition, the resolution of these points is reviewed by the Engagement Quality Control Reviewer. However, we do not require formal sign-off by our technical department as we believe it is a fundamental principle that the engagement partner, who has the best understanding of the overall context, retains responsibility for all such matters. This principle is underlined by ISAs and company law.

We would like to take this opportunity to thank the AIU for the open and professional manner in which the review was conducted.

Yours faithfully

Handwritten signature of an individual.

Tony Cates Head of Audit

KPMG LLP, a UK limited liability partnership, is a subsidiary of KPMG Europe LLP and a member firm of the KPMG network of independent member firms affiliated with KPMG International Cooperative, a Swiss entity. Registered in England No OC301540 Registered office: 15 Canada Square, London, E14 5GL

FINANCIAL Reporting COUNCIL 5TH FLOOR ALDWYCH HOUSE 71-91 ALDWYCH LONDON WC2B 4HN TEL: +44 (0)20 7492 2300 FAX: +44 (0)20 7492 2301 WEBSITE: www.frc.org.uk

The Financial Reporting Council Limited 2012

The Financial Reporting Council Limited is a company limited by guarantee. Registered in England number 2486368. Registered Office: 5th Floor, Aldwych House, 71-91 Aldwych, London WC2B 4HN.