The content on this page has been converted from PDF to HTML format using an artificial intelligence (AI) tool as part of our ongoing efforts to improve accessibility and usability of our publications. Note:

No human verification has been conducted of the converted content.
While we strive for accuracy errors or omissions may exist.
This content is provided for informational purposes only and should not be relied upon as a definitive or authoritative source.
For the official and verified version of the publication, refer to the original PDF document.

If you identify any inaccuracies or have concerns about the content, please contact us at [email protected].

Audit Quality Inspection Report May 2016: Ernst & Young LLP

The FRC is responsible for promoting high quality corporate governance and reporting to foster investment. We set the UK Corporate Governance and Stewardship Codes as well as UK standards for accounting, auditing and actuarial work. We represent UK interests in international standard-setting. We also monitor and take action to promote the quality of corporate reporting and auditing. We operate independent disciplinary arrangements for accountants and actuaries, and oversee the regulatory activities of the accountancy and actuarial professional bodies.

The FRC does not accept any liability to any party for any loss, damage or costs howsoever arising, whether directly or indirectly, whether in contract, tort or otherwise from any action or decision taken (or not taken) as a result of any person relying on or otherwise using this document or arising from any omission from it.

The Financial Reporting Council Limited 2016 The Financial Reporting Council Limited is a company limited by guarantee. Registered in England number 2486368. Registered Office: 8th Floor, 125 London Wall, London EC2Y 5AS

Text box stating the AQR's objective to monitor and promote improvements in the quality of auditing.

About the FRC's Audit Quality Review team

Our objective

The FRC's mission is to promote high quality corporate governance and reporting to foster investment. The Audit Quality Review team (AQR) contributes to this objective by monitoring and promoting improvements in the quality.

What we do

AQR assesses the quality of the audits of listed and other major public interest UK entities and the policies and procedures supporting audit quality at the major audit firms in the UK. We also review audits of entities incorporated in Jersey, Guernsey or the Isle of Man whose securities are traded on a regulated market in the European Economic Area. We adopt a risk-based approach to our work and focus our reviews of individual audits on key areas specific to each review.

Our team

AQR consists of approximately 35 professional and support staff. Our inspection teams have extensive expertise with an average of 19 years post-qualification experience. Our audit quality review work is subject to rigorous internal quality control reviews. Independent non-executives oversee our work.

Working with Audit Committees (or equivalent bodies)

Audit Committees play an essential role in reviewing and monitoring the effectiveness of the audit process. We are committed to engaging with Audit Committees to improve the overall effectiveness of our reviews and to support our common objective of promoting audit quality. We speak with Audit Committee Chairs during the year as part of our work. We also send our reports on each individual audit reviewed to the Chair of the relevant Audit Committee (or equivalent body).

Priority sectors and areas of focus

Our priority sectors for inspection in 2015/16 were insurance; food, drink and consumer goods manufacturers and retailers; companies servicing the extractive industries; and business services. We reviewed a number of audits from these sectors at the firms, together with a number of first year audits which were identified as an area of focus given the extent of changes in auditors following increased audit tendering. We also paid particular attention to the audit of revenue recognition and complex supplier arrangements.

Thematic reviews

In addition to our annual programme of audit reviews, we undertake one or more thematic reviews each year. We review firms' policies and procedures in respect of a specific aspect of auditing, and their application in practice, enabling us to make comparisons between firms with a view to identifying both good practice and areas for improvement.

This year we have published reports on “Firms' audit quality monitoring” (January 2016) and "Engagement Quality Control Reviews” (February 2016). We expect all firms to take appropriate action to address the findings from our thematic reviews which apply to them.

Developments in Audit Quality 2015/16

In addition to reports on each of the major firms we have reviewed, the FRC intends to issue later in 2016 (and annually thereafter) a report on the quality of audit in the UK. This will include a report on the overall findings of our AQR activity.

The AQR assesses the quality of audits and policies and procedures supporting audit quality at major firms

1. Overview

This report sets out the principal findings arising from the 2015/16 inspection of Ernst & Young LLP ("EY" or "the firm") carried out by the Audit Quality Review team of the Financial Reporting Council ("the FRC"). We conducted this inspection in the period from February 2015 to January 2016 ("the time of our inspection"). We inspect EY, and report publicly on our findings, annually.

Our report focuses on the key areas requiring action by the firm to safeguard and enhance audit quality. It does not seek to provide a balanced scorecard of the quality of the firm's audit work. Our findings cover matters arising from our reviews of both individual audits and the firm's policies and procedures which support and promote audit quality.

Section 2 sets out our key findings requiring action and the firm's responses to these findings.

Section 3 sets out our overall assessment of the quality of the audits we reviewed in our 2015/16 inspection and how it compares with our assessments for the previous four years.

Appendix A sets out our objectives, scope and basis of reporting.

Appendix B explains how we assess audit quality and explains the basis of our categories of audit quality.

We acknowledge the co-operation and assistance received from the partners and staff of the firm in the conduct of our 2015/16 inspection.

Scope of our 2015/16 inspection

Our inspection comprised a review of the firm's policies and procedures supporting audit quality and reviews of selected aspects of individual audits.

The areas covered by our review of the firm's policies and procedures included:

Tone at the top;
Independence and ethics;
Audit methodology, training and guidance; and
The firm's own audit quality monitoring.

We reviewed selected aspects of 20 individual audits in 2015/16. In selecting which aspects of an audit to inspect, we take account of those areas identified to be of higher risk by the auditors and Audit Committees, our knowledge and experience of audits of similar entities and the significance of an area in the context of the audited financial statements.

Key findings

In response to the findings of our last inspection, the firm has implemented the agreed actions and has enhanced its procedures, including the following:

Audit Quality Programme: an expanded team now has a long-term focus on ten different work streams including an Audit Quality Support Team for quality assurance and ongoing coaching to teams, partner and staff engagement, resourcing, innovation and recognition.
Auditor's reports: the firm increased its quality control procedures and issued further guidance relating to the accuracy of descriptions of audit procedures performed and group scoping.
Significant risks including Management Override: new templates have been developed and implemented to record audit strategy, work performed, results and conclusions.
Independence: the independence team has been restructured and received increased resources, to improve the firm's independence monitoring procedures, communications and training.

Our key findings in the current year requiring action by the firm, which are elaborated further in section 2 together with the firm's actions to address them, are that the firm should:

Improve the extent of challenge of management in relation to areas of judgment, in particular impairment reviews and provisions.
Improve the quality of written communications with Audit Committees in relation to key judgments and estimates.
Make further improvements to the audit of revenue, embedding key messages from the firm's training and changes in the firm's methodology.
Ensure more effective audit procedures are performed to test IT controls and system generated reports which are relied upon.
Continue to strengthen the firm's monitoring of compliance with its independence policies and procedures.

The following chart shows our assessment of the quality of the firm's audits which we reviewed in 2015/16 with comparative information for 2014/15. Further details are provided in section 3.

Assessment of Quality of Audits Reviewed

The chart shows an overall improvement in our assessment of the quality of the specific audits we reviewed in 2015/16 compared with our assessment for those audits we reviewed in 2014/15. In particular, no audits were assessed as requiring significant improvement in 2015/16.

Section 3 sets out examples of good practice which contributed to audits being assessed as requiring no more than limited improvements. It also sets out the principal issues resulting in audits being assessed as requiring more than limited improvements.

We expect all the firms we inspect to make continuous improvements such that, by 2019, at least 90% of FTSE 350 audits reviewed will be assessed as requiring no more than limited improvements¹.

Root cause analysis

Thorough and robust root cause analysis is necessary to enable firms to develop effective action plans which are likely to result in improvements in audit quality being achieved. At our request, the firm has performed root cause analysis in respect of our key findings in this report.

Firm's overall response and actions:

We are pleased with the continued improvement in the quality of audit engagements inspected by the FRC since 2014. We established our Audit Quality Programme in 2014 with a long term focus on improving and sustaining audit quality through ten work streams and this included a root cause analysis process to provide inputs to the programme.

The programme includes the work of our Audit Quality Support Team (AQST). The AQST perform hot reviews of a sample of FTSE 350 and other major audits, providing direct feedback and coaching to audit teams and sharing their observations with the wider audit practice.

During 2015, we issued guidance and provided training to address feedback from the AQST and the FRC's key findings as matters were identified. On completion of our root cause analysis on the results of the FRC's inspection, we were pleased that the primary focus areas arising were already incorporated into our Audit Quality Programme; however the output of the analysis has provided further insights which we will incorporate into the programme.

Our root cause analysis indicates that the improvement in the quality of the audits inspected by the FRC this year has been underpinned by a focus on the importance of audit quality, reflecting a consistent message from the firm's leadership and driven by earlier detailed partner involvement in audit planning, which, in turn, enabled more effective audit execution. We will continue this focus.

In our responses to the FRC's key findings in Section 2, we have explained the actions that we took during the period of the FRC's inspection, together with, where relevant, the further actions we plan to take in light of our root cause analysis. These include:

Focused coaching on areas such as the audit of estimates and revenue.
Extended sharing of examples of best practice
A renewed focus on early effective audit planning

We share the FRC's audit quality ambition and are determined to achieve the target it has set. We have found the insights and challenges of the FRC extremely valuable as we have developed our Audit Quality Programme and we thank it for its work and the independent perspective it brings.

2. Key findings requiring action and the firm's response

We set out below the key areas where we believe improvements are required to safeguard and enhance audit quality and safeguard auditor independence. The firm was asked to provide a response setting out the actions it has taken or will be taking in each of these areas.

Improve the extent of challenge of management in relation to areas of judgment, in particular impairment reviews and provisions

An appropriate level of challenge of management is important in ensuring a high quality audit of areas of judgment, in particular valuations and estimates. Effective audit teams will consider management's assumptions and compare these to available audit evidence and, where appropriate, challenge management in relation to the basis of those assumptions. The robustness of the auditor's challenge can also affect the effectiveness of the Audit Committee's consideration of these areas.

Given the level of audit risk and the potential impact on the financial statements, we reviewed the audit of valuations and estimates on nearly all the audits that we inspected. The audit of this area was a contributing factor for all three audits where we assessed that more than limited improvements were required to the quality of the audit work.

The main findings related to:

The extent to which certain key assumptions in impairment reviews had been adequately considered and challenged. On one audit there was insufficient challenge of the entity's forecast improvement in its profitability, which was the basis for not impairing its non-current assets. In addition, there was insufficient evidence that the audit team had adequately considered the potential problems that could have had an effect on the forecasts.
The audit of certain provisions, where the audit team had not sufficiently assessed and challenged management's judgments in cases where there was estimation uncertainty. On one audit the audit team did not adequately consider or challenge the method management had used to estimate a provision and did not adequately involve the firm's internal experts to assess the reasonableness of the provision. In addition, the audit team had not sufficiently considered whether the related disclosures were adequate. On another audit, the audit team did not sufficiently test the data management had used to support the assumptions applied to calculate the provision.

Firm's actions:

In 2015, our AQST directed their attention to audit areas of significant risk, including the audit of valuations and estimates. This focus by our AQST will continue during 2016. During 2015 we provided additional training for our teams, with a particular emphasis on the application and evidencing of professional scepticism in areas of judgement and the involvement of experts in the audit. Our 2016 training programme will reinforce this focus on the application of professional scepticism. Our root cause analysis of findings on audits inspected this year indicates that teams will benefit from coaching to ensure the audit files clearly capture the audit team's considerations in relation to the key audit procedures and evidence. This will be driven by the Audit Quality Programme.

Improve the quality of the written communications with Audit Committees in relation to key judgments and estimates.

Timely and robust communications with Audit Committees are important in assisting them to fulfil their responsibilities in relation to the financial statements. These communications also assist the auditors and Audit Committees in understanding matters relevant to the audit and in considering areas of risk and judgment that may affect the financial statements.

We reviewed communications with Audit Committees on all audits we inspected. Our main findings in this area related to insufficient evidence of reporting to Audit Committees of the audit findings in areas involving key judgments or estimates, including how the audit team had concluded that management's key judgments and estimates were considered appropriate.

For example, in three audits the reporting to the Audit Committee did not adequately explain the auditor's conclusions on methodologies and key assumptions used to estimate certain liabilities. On another audit, the reporting to the Audit Committee did not sufficiently explain how the audit team concluded that management's valuations of certain investments were appropriate.

Firm's actions:

In 2015 we guided our audit teams to consider the detail of their written communications with Audit Committees, in particular to consider providing greater detail, where applicable, on our acceptable ranges for estimates and where management's estimates sit within that range. We will provide further guidance in 2016. We will ask our teams to consider discussing with Audit Committees the form and content of our reporting as an input into decisions on the balance between our written and oral communication.

Make further improvements to the audit of revenue, embedding key messages from the firm's training and changes in the firm's methodology

Revenue is an important driver of an entity's operating results and auditors need to evaluate and address fraud risks in relation to revenue recognition. A failure to perform sufficient audit work in this area increases the risk that a material misstatement of revenue in the financial statements will not be identified.

Our findings mainly related to:

Sufficiency of testing of controls: on one audit the controls testing did not cover all types of transactions and on another audit the suitability of the nature and extent of the approach to testing individual controls was not explained. On a third audit there was insufficient evidence that the design and implementation of controls for a significant risk had been evaluated.
Adequacy of the substantive analytical review: on the audits reviewed, the audit teams often used analytical procedures to predict the expected amounts and compare them to the actual revenue. In two audits the expected amounts had not been determined appropriately and therefore were not a suitable basis for comparison to actual revenue. We also identified instances where the differences between actual and expected amounts were not adequately investigated or corroborated.
Justification of the sample sizes used in testing: on some audits, there was insufficient justification for the sample sizes used and insufficient supporting evidence for the sample of items selected for testing revenue.

Although the firm made changes to its methodology for the audit of revenue and focused on this area in training in 2015, these occurred after most of the audits we inspected had been completed.

Firm's actions:

In 2015, we revised our requirements and we provided relevant training, including case studies. We also issued further guidance on sample sizes relevant to the audit of income statement balances. The audit of revenue was a focus area for our AQST in 2015 and this will continue in 2016.

Our root cause analysis indicates that teams would benefit from coaching on the design of the revenue audit programme, with a focus on simplification and on demonstrating how the identified risks have been addressed. This will be driven by the Audit Quality Programme.

Ensure more effective audit procedures are performed to test IT controls and system generated reports which are relied upon

Testing the operational effectiveness of controls is necessary to provide the auditor with a proper basis on which to place reliance on them. This includes testing controls over IT systems including general IT controls, which relate to the IT environment such as the integrity and security of data, and application controls, which relate to the processing of transactions.

Our findings concerned the adequacy of testing and evidence of the work in relation to:

Application controls: the testing of certain controls in one audit was limited to a sample of one which did not cover each different type of transaction that the controls were designed to address.
Reliance placed on others to test IT general controls: there was insufficient evidence on one audit that the scope and extent of work performed by internal audit and outsourced providers was sufficient.
Reliance on reports generated from IT systems: on one audit there was insufficient evidence that the completeness of revenue reports had been adequately tested.

Firm's actions:

In 2015, we have focused on improving consistency in the audit of IT controls and system generated reports. We have provided training to our audit and IT audit professionals and, as part of our investment in developing our new audit tool, we have amended our IT audit guidance to drive improvements. We will continue this focus in 2016.

Our root cause analysis indicates that in limited cases the depth of IT experience included on the audit team may have contributed to the issues identified by the FRC. Within our Audit Quality Programme the "Working with Specialists” workstream is addressing how to further integrate our IT audit professionals with our core audit teams.

Continue to strengthen the firm's monitoring of compliance with its independence policies and procedures

Firms are required to have policies and procedures in place to maintain auditor objectivity and independence. Insufficient monitoring of compliance with the firm's policies and procedures could compromise the firm's objectivity and independence.

A need for improvements to the firm's monitoring of its independence policies and procedures was identified in the following areas:

Monitoring of holdings in prohibited financial interests: the firm was not monitoring on a timely basis prohibited financial interests held by partners and staff in audited entities. It is now doing so on a daily basis to ensure the prompt disposal of such holdings.
Delays by the Independence team in notifying the relevant audit partner of independence breaches: the firm identified cases where holdings of prohibited financial interests in audited entities by other partners were not notified to the relevant audit engagement partners on a timely basis and, consequently, there were also delays in notifying Audit Committees. New procedures were implemented in the year.
Monitoring of partners leaving the firm: until recently, the firm did not have adequate procedures in place to monitor roles subsequently taken on by partners who leave the firm, such as joining audited entities.
Monitoring of completion of independence training: the firm's procedures to ensure that mandatory training was completed by the required deadline were not sufficiently timely and robust at the time of our review. New monitoring and follow up procedures were subsequently implemented for the 2015 mandatory training.

We also identified independence issues on certain audits:

The firm provided non-audit services to an entity without adequately assessing whether the safeguards in place to reduce or eliminate potential threats to independence were likely to be effective.
Audit teams for two investment trust entities did not adequately consider whether entities within the same group of companies were connected parties, and the implications for the independence of the firm.

Firm's actions:

As the FRC have noted we have made significant investment in increasing the resources of our independence team. We have formalised our processes and put in place more rigorous review and approval processes. We will continue to monitor the sufficiency of the actions we have taken in the light of any independence issues arising in the current year, including evaluating the underlying cause of such issues and making further changes to our processes as necessary.

3. Assessment of the quality of audits reviewed

We reviewed selected aspects of 20 individual audits in 2015/16. Of these, one was a first year engagement.

The bar chart below shows the results of our assessment of the quality of the audits we reviewed in 2015/16, with comparatives for the previous four years². The number of audits within each category in each year is shown at the top of each bar.

Assessment of Quality of Audits Reviewed - 2011-2016

We identified the following examples of good practice in 2015/16 which contributed to audits being assessed as requiring no more than limited improvements:

The scoping of, and involvement in, group audits.
The evaluation of IT controls deficiencies and procedures to address these.
The quality of the testing of journals.

The principal issues resulting in three audits being assessed as requiring more than limited improvements in 2015/16 included the following (further details of which are set out in section 2):

The extent of challenge of management in relation to impairment reviews and provisions; and
Deficiencies in the audit of revenue.

Audits inspected in 2015/16

We estimate that the firm audited 327 UK entities within the scope of independent inspection as at 31 December 2014. Of these entities, our records show that 136 had securities listed on the main market of the London Stock Exchange, including 10 FTSE 100 companies and 38 FTSE 250 companies.

The following chart provides a breakdown of the audits inspected in 2015/16 by type of entity³:

Audits reviewed by type of entity

Audit Quality Indicators

The firm's transparency report for the year ended 30 June 2015 includes certain Audit Quality Indicators (AQIs) which the six largest audit firms are using. We believe that such AQIs provide useful additional information to those wishing to understand firms' approaches to monitoring and improving audit quality.

We are pleased that firms have made a good start in identifying and monitoring AQIs. We would, however, encourage them to gather the relevant data on a more consistent basis and follow-up the results more effectively.

Audit Quality Review FRC Audit Division May 2016

Appendix A – Objectives, scope and basis of reporting

| Matter | Explanation ## Financial About the FRC's Audit Quality Review team

Our objective

The FRC's mission is to promote high quality corporate governance and reporting to foster investment. The Audit Quality Review team (AQR) contributes to this objective by monitoring and promoting improvements in the quality.

What we do

AQR assesses the quality of the audits of listed and other major public interest UK entities and the policies and procedures supporting audit quality at the major audit firms in the UK. We also review audits of entities incorporated in Jersey, Guernsey or the Isle of Man whose securities are traded on a regulated market in the European Economic Area. We adopt a risk-based approach to our work and focus our reviews of individual audits on key areas specific to each review.

Our team

AQR consists of approximately 35 professional and support staff. Our inspection teams have extensive expertise with an average of 19 years post-qualification experience. Our audit quality review work is subject to rigorous internal quality control reviews. Independent non-executives oversee our work.

Working with Audit Committees (or equivalent bodies)

Audit Committees play an essential role in reviewing and monitoring the effectiveness of the audit process. We are committed to engaging with Audit Committees to improve the overall effectiveness of our reviews and to support our common objective of promoting audit quality. We speak with Audit Committee Chairs during the year as part of our work. We also send our reports on each individual audit reviewed to the Chair of the relevant Audit Committee (or equivalent body).

Priority sectors and areas of focus

Our priority sectors for inspection in 2015/16 were insurance; food, drink and consumer goods manufacturers and retailers; companies servicing the extractive industries; and business services. We reviewed a number of audits from these sectors at the firms, together with a number of first year audits which were identified as an area of focus given the extent of changes in auditors following increased audit tendering. We also paid particular attention to the audit of revenue recognition and complex supplier arrangements.

Thematic reviews

In addition to our annual programme of audit reviews, we undertake one or more thematic reviews each year. We review firms' policies and procedures in respect of a specific aspect of auditing, and their application in practice, enabling us to make comparisons between firms with a view to identifying both good practice and areas for improvement.

This year we have published reports on “Firms' audit quality monitoring” (January 2016) and "Engagement Quality Control Reviews” (February 2016). We expect all firms to take appropriate action to address the findings from our thematic reviews which apply to them.

Developments in Audit Quality 2015/16

In addition to reports on each of the major firms we have reviewed, the FRC intends to issue later in 2016 (and annually thereafter) a report on the quality of audit in the UK. This will include a report on the overall findings of our AQR activity.

1. Overview

This report sets out the principal findings arising from the 2015/16 inspection of Ernst & Young LLP ("EY" or "the firm") carried out by the Audit Quality Review team of the Financial Reporting Council ("the FRC"). We conducted this inspection in the period from February 2015 to January 2016 ("the time of our inspection"). We inspect EY, and report publicly on our findings, annually.

Our report focuses on the key areas requiring action by the firm to safeguard and enhance audit quality. It does not seek to provide a balanced scorecard of the quality of the firm's audit work. Our findings cover matters arising from our reviews of both individual audits and the firm's policies and procedures which support and promote audit quality.

Section 2 sets out our key findings requiring action and the firm's responses to these findings.

Section 3 sets out our overall assessment of the quality of the audits we reviewed in our 2015/16 inspection and how it compares with our assessments for the previous four years.

Appendix A sets out our objectives, scope and basis of reporting.

Appendix B explains how we assess audit quality and explains the basis of our categories of audit quality.

We acknowledge the co-operation and assistance received from the partners and staff of the firm in the conduct of our 2015/16 inspection.

Scope of our 2015/16 inspection

Our inspection comprised a review of the firm's policies and procedures supporting audit quality and reviews of selected aspects of individual audits.

The areas covered by our review of the firm's policies and procedures included:

Tone at the top;
Independence and ethics;
Audit methodology, training and guidance; and
The firm's own audit quality monitoring.

We reviewed selected aspects of 20 individual audits in 2015/16. In selecting which aspects of an audit to inspect, we take account of those areas identified to be of higher risk by the auditors and Audit Committees, our knowledge and experience of audits of similar entities and the significance of an area in the context of the audited financial statements.

Key findings

In response to the findings of our last inspection, the firm has implemented the agreed actions and has enhanced its procedures, including the following:

Audit Quality Programme: an expanded team now has a long-term focus on ten different work streams including an Audit Quality Support Team for quality assurance and ongoing coaching to teams, partner and staff engagement, resourcing, innovation and recognition.
Auditor's reports: the firm increased its quality control procedures and issued further guidance relating to the accuracy of descriptions of audit procedures performed and group scoping.
Significant risks including Management Override: new templates have been developed and implemented to record audit strategy, work performed, results and conclusions.
Independence: the independence team has been restructured and received increased resources, to improve the firm's independence monitoring procedures, communications and training.

Our key findings in the current year requiring action by the firm, which are elaborated further in section 2 together with the firm's actions to address them, are that the firm should:

Improve the extent of challenge of management in relation to areas of judgment, in particular impairment reviews and provisions.
Improve the quality of written communications with Audit Committees in relation to key judgments and estimates.
Make further improvements to the audit of revenue, embedding key messages from the firm's training and changes in the firm's methodology.
Ensure more effective audit procedures are performed to test IT controls and system generated reports which are relied upon.
Continue to strengthen the firm's monitoring of compliance with its independence policies and procedures.

The following chart shows our assessment of the quality of the firm's audits which we reviewed in 2015/16 with comparative information for 2014/15. Further details are provided in section 3.

Assessment of Quality of Audits Reviewed

The chart shows an overall improvement in our assessment of the quality of the specific audits we reviewed in 2015/16 compared with our assessment for those audits we reviewed in 2014/15. In particular, no audits were assessed as requiring significant improvement in 2015/16.

Section 3 sets out examples of good practice which contributed to audits being assessed as requiring no more than limited improvements. It also sets out the principal issues resulting in audits being assessed as requiring more than limited improvements.

We expect all the firms we inspect to make continuous improvements such that, by 2019, at least 90% of FTSE 350 audits reviewed will be assessed as requiring no more than limited improvements¹.

Root cause analysis

Thorough and robust root cause analysis is necessary to enable firms to develop effective action plans which are likely to result in improvements in audit quality being achieved. At our request, the firm has performed root cause analysis in respect of our key findings in this report.

Firm's overall response and actions:

We are pleased with the continued improvement in the quality of audit engagements inspected by the FRC since 2014. We established our Audit Quality Programme in 2014 with a long term focus on improving and sustaining audit quality through ten work streams and this included a root cause analysis process to provide inputs to the programme.

The programme includes the work of our Audit Quality Support Team (AQST). The AQST perform hot reviews of a sample of FTSE 350 and other major audits, providing direct feedback and coaching to audit teams and sharing their observations with the wider audit practice.

During 2015, we issued guidance and provided training to address feedback from the AQST and the FRC's key findings as matters were identified. On completion of our root cause analysis on the results of the FRC's inspection, we were pleased that the primary focus areas arising were already incorporated into our Audit Quality Programme; however the output of the analysis has provided further insights which we will incorporate into the programme.

Our root cause analysis indicates that the improvement in the quality of the audits inspected by the FRC this year has been underpinned by a focus on the importance of audit quality, reflecting a consistent message from the firm's leadership and driven by earlier detailed partner involvement in audit planning, which, in turn, enabled more effective audit execution. We will continue this focus.

In our responses to the FRC's key findings in Section 2, we have explained the actions that we took during the period of the FRC's inspection, together with, where relevant, the further actions we plan to take in light of our root cause analysis. These include:

Focused coaching on areas such as the audit of estimates and revenue.
Extended sharing of examples of best practice
A renewed focus on early effective audit planning

We share the FRC's audit quality ambition and are determined to achieve the target it has set. We have found the insights and challenges of the FRC extremely valuable as we have developed our Audit Quality Programme and we thank it for its work and the independent perspective it brings.

2. Key findings requiring action and the firm's response

We set out below the key areas where we believe improvements are required to safeguard and enhance audit quality and safeguard auditor independence. The firm was asked to provide a response setting out the actions it has taken or will be taking in each of these areas.

Improve the extent of challenge of management in relation to areas of judgment, in particular impairment reviews and provisions

An appropriate level of challenge of management is important in ensuring a high quality audit of areas of judgment, in particular valuations and estimates. Effective audit teams will consider management's assumptions and compare these to available audit evidence and, where appropriate, challenge management in relation to the basis of those assumptions. The robustness of the auditor's challenge can also affect the effectiveness of the Audit Committee's consideration of these areas.

Given the level of audit risk and the potential impact on the financial statements, we reviewed the audit of valuations and estimates on nearly all the audits that we inspected. The audit of this area was a contributing factor for all three audits where we assessed that more than limited improvements were required to the quality of the audit work.

The main findings related to:

The extent to which certain key assumptions in impairment reviews had been adequately considered and challenged. On one audit there was insufficient challenge of the entity's forecast improvement in its profitability, which was the basis for not impairing its non-current assets. In addition, there was insufficient evidence that the audit team had adequately considered the potential problems that could have had an effect on the forecasts.
The audit of certain provisions, where the audit team had not sufficiently assessed and challenged management's judgments in cases where there was estimation uncertainty. On one audit the audit team did not adequately consider or challenge the method management had used to estimate a provision and did not adequately involve the firm's internal experts to assess the reasonableness of the provision. In addition, the audit team had not sufficiently considered whether the related disclosures were adequate. On another audit, the audit team did not sufficiently test the data management had used to support the assumptions applied to calculate the provision.

Firm's actions:

In 2015, our AQST directed their attention to audit areas of significant risk, including the audit of valuations and estimates. This focus by our AQST will continue during 2016. During 2015 we provided additional training for our teams, with a particular emphasis on the application and evidencing of professional scepticism in areas of judgement and the involvement of experts in the audit. Our 2016 training programme will reinforce this focus on the application of professional scepticism. Our root cause analysis of findings on audits inspected this year indicates that teams will benefit from coaching to ensure the audit files clearly capture the audit team's considerations in relation to the key audit procedures and evidence. This will be driven by the Audit Quality Programme.

Improve the quality of the written communications with Audit Committees in relation to key judgments and estimates.

Timely and robust communications with Audit Committees are important in assisting them to fulfil their responsibilities in relation to the financial statements. These communications also assist the auditors and Audit Committees in understanding matters relevant to the audit and in considering areas of risk and judgment that may affect the financial statements.

We reviewed communications with Audit Committees on all audits we inspected. Our main findings in this area related to insufficient evidence of reporting to Audit Committees of the audit findings in areas involving key judgments or estimates, including how the audit team had concluded that management's key judgments and estimates were considered appropriate.

For example, in three audits the reporting to the Audit Committee did not adequately explain the auditor's conclusions on methodologies and key assumptions used to estimate certain liabilities. On another audit, the reporting to the Audit Committee did not sufficiently explain how the audit team concluded that management's valuations of certain investments were appropriate.

Firm's actions:

In 2015 we guided our audit teams to consider the detail of their written communications with Audit Committees, in particular to consider providing greater detail, where applicable, on our acceptable ranges for estimates and where management's estimates sit within that range. We will provide further guidance in 2016. We will ask our teams to consider discussing with Audit Committees the form and content of our reporting as an input into decisions on the balance between our written and oral communication.

Make further improvements to the audit of revenue, embedding key messages from the firm's training and changes in the firm's methodology

Revenue is an important driver of an entity's operating results and auditors need to evaluate and address fraud risks in relation to revenue recognition. A failure to perform sufficient audit work in this area increases the risk that a material misstatement of revenue in the financial statements will not be identified.

Our findings mainly related to:

Sufficiency of testing of controls: on one audit the controls testing did not cover all types of transactions and on another audit the suitability of the nature and extent of the approach to testing individual controls was not explained. On a third audit there was insufficient evidence that the design and implementation of controls for a significant risk had been evaluated.
Adequacy of the substantive analytical review: on the audits reviewed, the audit teams often used analytical procedures to predict the expected amounts and compare them to the actual revenue. In two audits the expected amounts had not been determined appropriately and therefore were not a suitable basis for comparison to actual revenue. We also identified instances where the differences between actual and expected amounts were not adequately investigated or corroborated.
Justification of the sample sizes used in testing: on some audits, there was insufficient justification for the sample sizes used and insufficient supporting evidence for the sample of items selected for testing revenue.

Although the firm made changes to its methodology for the audit of revenue and focused on this area in training in 2015, these occurred after most of the audits we inspected had been completed.

Firm's actions:

In 2015, we revised our requirements and we provided relevant training, including case studies. We also issued further guidance on sample sizes relevant to the audit of income statement balances. The audit of revenue was a focus area for our AQST in 2015 and this will continue in 2016.

Our root cause analysis indicates that teams would benefit from coaching on the design of the revenue audit programme, with a focus on simplification and on demonstrating how the identified risks have been addressed. This will be driven by the Audit Quality Programme.

Ensure more effective audit procedures are performed to test IT controls and system generated reports which are relied upon

Testing the operational effectiveness of controls is necessary to provide the auditor with a proper basis on which to place reliance on them. This includes testing controls over IT systems including general IT controls, which relate to the IT environment such as the integrity and security of data, and application controls, which relate to the processing of transactions.

Our findings concerned the adequacy of testing and evidence of the work in relation to:

Application controls: the testing of certain controls in one audit was limited to a sample of one which did not cover each different type of transaction that the controls were designed to address.
Reliance placed on others to test IT general controls: there was insufficient evidence on one audit that the scope and extent of work performed by internal audit and outsourced providers was sufficient.
Reliance on reports generated from IT systems: on one audit there was insufficient evidence that the completeness of revenue reports had been adequately tested.

Firm's actions:

In 2015, we have focused on improving consistency in the audit of IT controls and system generated reports. We have provided training to our audit and IT audit professionals and, as part of our investment in developing our new audit tool, we have amended our IT audit guidance to drive improvements. We will continue this focus in 2016.

Our root cause analysis indicates that in limited cases the depth of IT experience included on the audit team may have contributed to the issues identified by the FRC. Within our Audit Quality Programme the "Working with Specialists” workstream is addressing how to further integrate our IT audit professionals with our core audit teams.

Continue to strengthen the firm's monitoring of compliance with its independence policies and procedures

Firms are required to have policies and procedures in place to maintain auditor objectivity and independence. Insufficient monitoring of compliance with the firm's policies and procedures could compromise the firm's objectivity and independence.

A need for improvements to the firm's monitoring of its independence policies and procedures was identified in the following areas:

Monitoring of holdings in prohibited financial interests: the firm was not monitoring on a timely basis prohibited financial interests held by partners and staff in audited entities. It is now doing so on a daily basis to ensure the prompt disposal of such holdings.
Delays by the Independence team in notifying the relevant audit partner of independence breaches: the firm identified cases where holdings of prohibited financial interests in audited entities by other partners were not notified to the relevant audit engagement partners on a timely basis and, consequently, there were also delays in notifying Audit Committees. New procedures were implemented in the year.
Monitoring of partners leaving the firm: until recently, the firm did not have adequate procedures in place to monitor roles subsequently taken on by partners who leave the firm, such as joining audited entities.
Monitoring of completion of independence training: the firm's procedures to ensure that mandatory training was completed by the required deadline were not sufficiently timely and robust at the time of our review. New monitoring and follow up procedures were subsequently implemented for the 2015 mandatory training.

We also identified independence issues on certain audits:

The firm provided non-audit services to an entity without adequately assessing whether the safeguards in place to reduce or eliminate potential threats to independence were likely to be effective.
Audit teams for two investment trust entities did not adequately consider whether entities within the same group of companies were connected parties, and the implications for the independence of the firm.

Firm's actions:

As the FRC have noted we have made significant investment in increasing the resources of our independence team. We have formalised our processes and put in place more rigorous review and approval processes. We will continue to monitor the sufficiency of the actions we have taken in the light of any independence issues arising in the current year, including evaluating the underlying cause of such issues and making further changes to our processes as necessary.

3. Assessment of the quality of audits reviewed

We reviewed selected aspects of 20 individual audits in 2015/16. Of these, one was a first year engagement.

The bar chart below shows the results of our assessment of the quality of the audits we reviewed in 2015/16, with comparatives for the previous four years². The number of audits within each category in each year is shown at the top of each bar.

Assessment of Quality of Audits Reviewed - 2011-2016

We identified the following examples of good practice in 2015/16 which contributed to audits being assessed as requiring no more than limited improvements:

The scoping of, and involvement in, group audits.
The evaluation of IT controls deficiencies and procedures to address these.
The quality of the testing of journals.

The principal issues resulting in three audits being assessed as requiring more than limited improvements in 2015/16 included the following (further details of which are set out in section 2):

The extent of challenge of management in relation to impairment reviews and provisions; and
Deficiencies in the audit of revenue.

Audits inspected in 2015/16

We estimate that the firm audited 327 UK entities within the scope of independent inspection as at 31 December 2014. Of these entities, our records show that 136 had securities listed on the main market of the London Stock Exchange, including 10 FTSE 100 companies and 38 FTSE 250 companies.

The following chart provides a breakdown of the audits inspected in 2015/16 by type of entity³:

Audits reviewed by type of entity

Audit Quality Indicators

The firm's transparency report for the year ended 30 June 2015 includes certain Audit Quality Indicators (AQIs) which the six largest audit firms are using. We believe that such AQIs provide useful additional information to those wishing to understand firms' approaches to monitoring and improving audit quality.

We are pleased that firms have made a good start in identifying and monitoring AQIs. We would, however, encourage them to gather the relevant data on a more consistent basis and follow-up the results more effectively.

Audit Quality Review FRC Audit Division May 2016

Appendix A – Objectives, scope and basis of reporting

| Matter | Explanation |----------|----------| | 1. Overview |----------|----------| | 1. Overview | This report sets out the principal findings arising from the 2015/16 inspection of Ernst & Young LLP ("EY" or "the firm") carried out by the Audit Quality Review team of the Financial Reporting Council ("the FRC"). We conducted this inspection in the period from February 2015 to January 2016 ("the time of our inspection"). We inspect EY, and report publicly on our findings, annually. | | Audits in the scope of our inspection | In addition to the UK audits in scope, as stated in section 3 of our report, the UK firm audits a number of entities incorporated in Jersey, Guernsey or the Isle of Man whose securities are traded on a regulated market in the European Economic Area. These audits are inspected by us under separate arrangements agreed with the relevant regulatory bodies in those jurisdictions. The results of these reviews are included in this report. Our records show that, at the time of our inspection, the firm had 37 such audits, with no FTSE 100 companies. |----------|----------| | Objectives of our inspection | The overall objective of our work is to monitor and promote improvements in the quality of auditing. As part of our work, we monitor compliance with the regulatory framework for auditing, including the Auditing Standards, Ethical Standards and Quality Control Standards for auditors issued by the FRC and other requirements under the Audit Regulations issued by the relevant professional bodies. The standards referred to in this report are those effective at the time of our inspection, or, in relation to our reviews of individual audits, those effective at the time the relevant audit was undertaken. |----------|----------| | Objectives of our inspection | The overall objective of our work is to monitor and promote improvements in the quality of auditing. As part of our work, we monitor compliance with the regulatory framework for auditing, including the Auditing Standards, Ethical Standards and Quality Control Standards for auditors issued by the FRC and other requirements under the Audit Regulations issued by the relevant professional bodies. The standards referred to in this report are those effective at the time of our inspection, or, in relation to our reviews of individual audits, those effective at the time the relevant audit was undertaken. | | Audits in the scope of our inspection | In addition to the UK audits in scope, as stated in section 3 of our report, the UK firm audits a number of entities incorporated in Jersey, Guernsey or the Isle of Man whose securities are traded on a regulated market in the European Economic Area. These audits are inspected by us under separate arrangements agreed with the relevant regulatory bodies in those jurisdictions. The results of these reviews are included in this report. Our records show that, at the time of our inspection, the firm had 37 such audits, with no FTSE 100 companies. EY also supplies audit services to local authorities and the NHS (Local Public Audits - LPAs). Whilst we review LPAs undertaken by firms, this is done under separate arrangements agreed with the Public Sector Audit Appointments Limited (PSAA), previously the Audit Commission. The results of these reviews are not included in this report because the LPA inspections fulfil a different purpose to those considered in this report. These reviews of LPAs form part of the PSAA's assessment of the quality of contracted-out audits. The PSAA publishes its assessment both in overall terms and individually by firm. The most recent reports can be found on its website. | | Impact of our risk-based inspection approach | Our inspection was not designed to identify all weaknesses which may exist in the design and/or implementation of the firm's policies and procedures supporting audit quality or in relation to the performance of the individual audit engagements selected for review and cannot be relied upon for this purpose. | | Key audit areas inspected | In selecting which aspects of an audit to inspect, we take account of those areas considered to be higher risk by the auditors and Audit Committees, our knowledge and experience of audits of similar entities and the significance of an area in the context of the audited financial statements. The rationale for including each area of audit work (or excluding any area of focus listed in the auditors' report) is documented as part of the planning process for each audit inspected. | | Our reports on individual audits | We issue a report on each individual audit reviewed during an inspection to the relevant audit engagement partner or director and the chair of the relevant entity's Audit Committee (or equivalent body). | | Our emphasis on improvements to audit quality | We seek to identify areas where improvements are, in our view, needed in order to safeguard audit quality and/or comply with regulatory requirements and to agree an action plan with the firm designed to achieve these improvements. Accordingly, our reports place greater emphasis on weaknesses identified which require action by the firm than areas of strength and are not intended to be a balanced scorecard or rating tool. | | Basis of our public reporting | While our public reports seek to provide useful information for interested parties, they do not provide a comprehensive basis for assessing the comparative merits of individual firms. The findings reported for each firm in any one year reflect a wide range of factors, including the number, size and complexity of the individual audits selected for review which, in turn, reflects the firm's client base. An issue reported in relation to a particular firm may therefore apply equally to other firms without having arisen in the course of our inspection fieldwork at those other firms in the relevant year. Also, only a small sample of audits is selected for review at each firm and the findings may therefore not be representative of the overall quality of each firm's audit work. | | Purpose of this report | This report has been prepared for general information only. The information in this report does not constitute professional advice and should not be acted upon without obtaining specific professional advice. To the full extent permitted by law, the FRC and its employees and agents accept no liability and disclaim all responsibility for the consequences of anyone acting or refraining from acting in reliance on the information contained in this report or for any decision based on it. | | Inspection findings included in our public report | We exercise judgment in determining those findings to include in our public report on each inspection, taking into account their relative significance in relation to audit quality, in the context of both the individual inspection and any areas of particular focus in our overall inspection programme for the year. Where appropriate, we have commented on themes arising or issues of a similar nature identified across more than one audit. | | Inspection of audits outside our scope | The professional accountancy bodies in the UK register firms to conduct audit work. Their monitoring units are responsible for monitoring the quality of audit engagements falling outside the scope of our work but within the scope of audit regulation in the UK. Their work, which is overseen by the FRC, covers audits of UK incorporated companies and certain other entities which do not have any securities listed on the main market of the London Stock Exchange and are not otherwise defined as being within the scope of our work. |

All matters raised in this report are based solely on the work which we carried out for the purposes of our inspection.

Appendix B – How we assess audit quality

We assess the quality of the audit work we inspect using the following four categories:

Good (category 1);
Limited improvements required (category 2A);
Improvements required (category 2B); and
Significant improvements required (category 3).

The assessments of the quality of the audits we reviewed in our public reports on individual firms combine audits assessed as falling within categories 1 and 2A.

These four categories have been used consistently since 2008, although there have been some minor refinements to the category descriptions over the years. They reflect our assessment of the overall significance of the areas requiring improvement that we have reported to the Audit Committee and the auditor. We expect the auditor to make appropriate changes to its audit approach for subsequent years to address all issues raised.

An audit is assessed as good where we identified no areas for improvement of sufficient significance to include in our formal report. Category 2A indicates that we had only limited concerns to report. Category 2B indicates that more substantive improvements were needed in relation to one or more issues reported.

An audit is assessed as requiring significant improvements (category 3) if we have significant concerns in relation to the sufficiency or quality of audit evidence, the appropriateness of key audit judgments or other matters identified. In such circumstances we may request some remedial action by the firm to address our concerns and to confirm that the audit opinion remains appropriate. We will generally review a subsequent year's audit to confirm that appropriate action has been taken.

We exercise judgment in assessing the significance of issues identified and reported. Relevant factors in assessing significance include the materiality of the area or matter concerned, the extent of concerns regarding the sufficiency or quality of audit evidence, whether appropriate professional scepticism appears to have been exercised, and the extent of non-compliance with Standards or a firm's methodology.

Our inspections focus on how selected aspects of a particular audit were performed. They are not designed to assess whether the information being audited was correctly reported. An assessment that an audit required significant improvements, therefore, does not necessarily mean that an inappropriate audit opinion was issued, the financial statements failed to show a true and fair view or that any elements of the financial statements were not properly prepared.

Equally, where we have assessed an audit as requiring significant improvements, this does not necessarily imply potential misconduct on the part of an individual or audit firm which may warrant investigation and/or enforcement action by the FRC.

Financial Reporting Council 8th Floor 125 London Wall London EC2Y 5AS

+44 (0)20 7492 2300 www.frc.org.uk

FRC Plan and Budget 2016/17 ↩↩
Changes to the proportion of audits falling within each category from year to year reflect a wide range of factors, which may include the size, complexity and risk of the individual audits selected for review and the scope of the individual reviews. For this reason, and given the sample sizes involved, changes from one year to the next are not necessarily indicative of any overall change in audit quality at the firm. ↩↩
The listed entities whose audits we reviewed include six investment trusts or similar entities. ↩↩

Audit Quality Inspection Report May 2016: Ernst & Young LLP

File

Is this page useful?