Warning

The content on this page has been converted from PDF to HTML format using an artificial intelligence (AI) tool as part of our ongoing efforts to improve accessibility and usability of our publications. Note:

  • No human verification has been conducted of the converted content.
  • While we strive for accuracy errors or omissions may exist.
  • This content is provided for informational purposes only and should not be relied upon as a definitive or authoritative source.
  • For the official and verified version of the publication, refer to the original PDF document.

If you identify any inaccuracies or have concerns about the content, please contact us at [email protected].

Statement of Protocol between the FRC and the PCAOB

STATEMENT OF PROTOCOL BETWEEN THE PUBLIC COMPANY ACCOUNTING OVERSIGHT BOARD OF THE UNITED STATES AND THE FINANCIAL REPORTING COUNCIL OF THE UNITED KINGDOM ON COOPERATION AND THE EXCHANGE OF INFORMATION RELATED TO THE OVERSIGHT OF AUDITORS

The Public Company Accounting Oversight Board in the United States ("PCAOB"), based on its obligations and authority under the Sarbanes-Oxley Act of 2002, as amended, ("the Sarbanes-Oxley Act"),

and

the Financial Reporting Council in the United Kingdom ("FRC"), based on its obligations and authority under the Companies Act 2006, as amended, and related regulations and the determination by the European Commission pursuant to Article 47 paragraph 1(c) of the Directive 2006/43/EC in respect of the United States of America (the "Adequacy Determination"),

have agreed as follows:

Article I. PURPOSE

1The PCAOB in the United States and the FRC in the United Kingdom each seek to improve the accuracy and reliability of audit reports so as to protect investors and to help promote public trust in the audit process and investor confidence in their respective capital markets. Given the global nature of capital markets, the PCAOB and the FRC recognize the need for cooperation in matters related to the oversight of the auditors subject to the regulatory jurisdictions of both the PCAOB and the FRC.

2The purpose of this Statement of Protocol ("Statement") is to facilitate cooperation between the Parties to the extent permitted by their respective national laws in the exercise of their quality assurance, including inspections, investigations, disciplinary/enforcement activities or public oversight functions of auditors and audit firms subject to the regulatory jurisdictions of both the PCAOB and the FRC. The PCAOB and the FRC believe that it is in their common interest to cooperate in the oversight, including inspections and investigations, of auditors or audit firms that fall within the regulatory jurisdiction of all Parties to the extent that such cooperation is compatible with the Parties' respective laws and/or regulations, their important Interests and their reasonably available resources. Cooperation is intended to permit the Parties to meet their respective statutory oversight mandates. Cooperation, including by joint inspections, also is intended to assist the Parties in determining the degree to which one Party may rely in the future on the other Party's oversight activities with regard to auditors or audit firms that fall within the regulatory jurisdiction of the Parties.

3This Statement does not create any binding legal obligations or supersede domestic laws. This Statement does not give rise to a legal right on the part of the PCAOB, the FRC or any other governmental or non-governmental entity or any private person to challenge, directly or indirectly, the degree or manner of cooperation by the PCAOB or the FRC.

4This Statement does not prohibit the PCAOB or the FRC from taking measures with regard to the oversight of auditors or audit firms that are different from or in addition to the measures set forth in this Statement.

Article II. DEFINITIONS

For the purpose of this Statement,

"Auditor" means (a) a public accounting firm or a person associated with a public accounting firm or (b) a statutory audit firm or a statutory auditor as defined in the Companies Act 2006, as amended.

"Party" or "Parties" means the PCAOB and/or the FRC.

"Information" means public and non-public information which includes but is not limited to (1) reports on the outcome of inspections, including the results of firm-wide quality control reviews and engagement reviews, provided that the reports relate to auditors or audit firms that are subject to the regulatory jurisdictions of both the PCAOB and the FRC; and (2) Audit Working Papers or other documents held by auditors or audit firms, provided that the documents relate to matters that are subject to the regulatory jurisdictions of both the PCAOB and the FRC; and (3) Audit Investigation Reports provided that the reports relate to auditors or audit firms that are subject to regulatory jurisdictions of both the PCAOB and the FRC. "Audit Working Papers" and "Audit Investigation Reports" means any documents which are or have been held by a statutory auditor within the regulatory jurisdiction of the PCAOB and the FRC, which are related to the conduct of an audit conducted by that auditor, any report of an inspection of the conduct of an audit by a statutory auditor within the regulatory jurisdiction of the PCAOB and the FRC; or any report of an investigation into the conduct of a statutory auditor within the regulatory jurisdiction of the PCAOB and the FRC.

"Inspections" refers to reviews of auditors or audit firms to assess the degree of compliance of each firm and associated persons of that firm with applicable laws, rules and professional standards in connection with its performance of audits, the issuance of audit reports and related matters, pursuant to the Companies Act 2006, as amended, and related regulations in the United Kingdom, and the Sarbanes-Oxley Act.

"Investigations" refers to investigations undertaken by a Party of any act or practice, or omission to act, by a firm or associated person of such firm, that may violate applicable laws, rules or professional standards.

"SEC" means the United States Securities and Exchange Commission, a United States government agency, with authority for, among other things, oversight of the PCAOB.

Article III. COOPERATION

A. Scope of Cooperation

1Cooperation may include one Party sharing with the other Party information including information relating to auditors or audit firms that fall within the regulatory jurisdiction of both the PCAOB and the FRC. Any information provided shall be used by the requesting Party as permitted or required by their respective authorizing statutes—which include the Sarbanes-Oxley Act in the United States and the Companies Act 2006 in the United Kingdom, as amended—and any rules or regulations promulgated thereunder.

2Cooperation may include one Party assisting the other Party in an inspection1 or an investigation by performing activities that may include but are not limited to facilitating access to information and/or, if requested, reviewing audit work papers and other documents, interviewing firm personnel, reviewing a firm's quality control system and/or performing other testing of the audit, supervisory and quality control procedures of a firm on behalf of the other Party. In carrying out joint inspections, neither Party delegates its responsibilities on quality assurance to the other. Before joint inspections may begin each year, the Parties must agree on the specific approach to working together during the inspection.2

3Cooperation in the context of an inspection or investigation does not cover a request for assistance or information to the extent that it involves a Party obtaining on behalf of the other Party information which the requesting Party is not entitled to under its own laws or regulations.

4The scope of cooperation may vary over time and with each inspection or investigation.

5Cooperation in the context of an inspection also may include the exchange of each Party's respective inspection guides.

6The Parties may at the request of either Party consult on issues related to the matters covered by this Statement, and otherwise exchange views and share experiences and knowledge gained in the discharge of their respective duties to the extent consistent with their respective laws and regulations.

B. Request for Information

1Each Party may provide the other Party with information upon request.

2Requests shall be made in writing (including e-mail) and addressed to an appropriate contact person of the requested Party.

3The requesting Party shall specify the following, to the extent appropriate:

  1. The information requested;
  2. The reasons why the information is needed and, if applicable, the relevant provisions that may have been violated;
  3. The purposes for which the information will be used3;

4Other than routine requests such as for payment of annual fees and in connection with registration and annual or special reporting requirements, and barring exceptional circumstances, requests for non-public information from a firm in the other Party's jurisdiction shall be sent to the other Party, which will pass on the request (in the form provided by the requesting Party) to the firm.

5If a Party denies a request in part or in full or withholds any requested information the requested Party shall inform the requesting Party of the nature of the information being withheld and the reasons for its denial. In the event a Party or a firm is unable or unwilling to provide requested information, the Parties will consult to determine if there are alternative ways to meet the requirements of the requesting Party.4

The FRC has informed the PCAOB that in accordance with section 1253E of the Companies Act 2006, as amended, it may refuse to act on a request from the PCAOB, or direct that a firm refuse to act on such a request where:

  1. it concludes that the provision of information would adversely affect the sovereignty, security or public order of the European Union or of the United Kingdom;
  2. legal proceedings have been brought in the United Kingdom (whether continuing or not) in relation to the persons or matters to which the request relates; or
  3. the protection of the commercial interests of any audited person, including its industrial and intellectual property is undermined.

6In cases where the information requested may be maintained by, or available to, another authority within the country of the requested Party, the requested Party shall consider whether it can obtain and provide to the other Party the information requested, to the extent possible in light of available resources and as permitted by law or regulations in their respective countries.

7While the Parties may transfer information received in the course of cooperation to other entities in accordance with Article IV (6 to 7) below, the Parties themselves may use such information only as permitted or required by their respective authorizing statutes i.e., for the purposes of inspection, investigation, and oversight of auditors and audit firms.. If any Party intends to use information received in the course of cooperating for any purpose other than that stated in the original request under Article III.B.3(c), it must obtain the prior written consent of the requested Party. If the requested Party consents to the use of information for any other purpose, it may subject it to conditions.

8Any document or other material provided in response to a request under this Statement and any copies thereof shall be returned on request to the extent permitted by applicable laws, rules and regulations.

9A Party may take copies of information held by a firm in the other Party's jurisdiction and provided to it in accordance with this Statement, as needed to comply with its documentation requirements. The Party may transfer from the other Party's jurisdiction to its own jurisdiction these copies in order to support its quality assurance, including inspections, investigations, disciplinary/enforcement activities or public oversight functions. The Party will identify the information copied for the other Party before transferring them. The arrangements established between the Parties with respect to the transfer of personal data in accordance with Article V must be observed.

Article IV. CONFIDENTIALITY

With respect to any non-public information, and all personal data, professional secrets, industrial property, intellectual property and sensitive commercial information provided to another Party in connection with an inspection or investigation, the Parties agree that:

1The requesting Party has established and will maintain such safeguards as are necessary and appropriate to protect the confidentiality of the information, including storing the information in a secure location when not in use.

2The requesting Party has provided to the other Party a description of its applicable information systems and controls and a description of the laws and regulations of the government of the requesting Party that establish appropriate limits on access to non-public information.

3The requesting Party will inform the other Party if the safeguards, information systems, controls, laws or regulations referenced in paragraphs (1) and (2) above change in a way that would weaken the protection for the information and/or documents provided by the other Party.

4Except as set out below, each Party shall keep confidential all non-public information received in the course of cooperating, to the extent consistent with its laws and/or regulations. The obligation of confidentiality shall apply to all persons who are or have been employed by the Parties, involved in the governance of the Parties or otherwise associated with the Parties. In addition, only individuals and entities that are independent of the auditing profession will have access to the non-public information and/or documents provided. "Independent of the auditing profession" means that the individual or entity is not a practising auditor or affiliated to an audit firm.

5A Party may issue public inspection reports as permitted or required by the law of that Party's jurisdiction, including reports that identify the firm inspected and the inspection results. A Party may also publicly announce sanctions imposed upon auditors or audit firms as permitted or required by the law of that Party's jurisdiction. Before publicly announcing any sanctions imposed on an auditor or audit firm that is located in the other Party's jurisdiction and subject to the other Party's authority, the Party shall give advance notice of the publication to the other Party.

6The PCAOB may share with the SEC5, non-public information that the PCAOB has obtained from the FRC or with the approval of the FRC in the course of cooperating under this Statement as follows:

  1. Upon the PCAOB's own initiative, any information obtained in connection with the PCAOB's audit regulatory functions, i.e., auditor oversight, quality assurance (including inspections), and investigations and discipline or enforcement activity in relation to auditors and audit firms, that it considers relevant to (i) the SEC's oversight of auditors or audit firms, or (ii) the SEC's oversight over the PCAOB.
  2. Upon request by the SEC, information shared for the purposes of: (i) the SEC's oversight of auditors or audit firms or (ii) the SEC's oversight over the PCAOB; and
  3. For information not available to the SEC under (a) or (b) above, the PCAOB shall follow the procedures set forth in paragraph 7 of this Article IV below.

7Except as set out in paragraph 6 (a) and (b) of this Article IV above, a Party that intends to transfer to a third party any non-public information received in the course of cooperation shall request the prior written consent of the Party which provided the information.

  1. The Party that intends to transfer this information shall indicate the reasons and the purposes for which the information is to be transferred.
  2. The PCAOB may share such Information only with those entities identified in section 105(b)(5) of the Sarbanes-Oxley Act, which states that these entities shall maintain such information as confidential and privileged.
  3. The FRC may share such information only with certain UK law enforcement entities or UK regulatory authorities as permitted by the Companies Act 2006, as amended, as long as the intended recipient is legally obligated or has agreed to maintain such information as confidential.
  4. A Party shall respond within ten days upon receiving notice from the other Party that it seeks to transfer information to a third party. The Party receiving such notice shall endeavour to provide its consent in response to requests to the transfer of information to this party, if its applicable law does not preclude it from providing consent. Where the Party receiving notice concludes that it cannot give consent, it shall set out its reasons to the other Party. The Party seeking to transfer information shall consider the other Party's objections carefully and will consult further with the other Party before deciding whether the transfer is required by law or otherwise necessary to accomplish the purposes of the law in the relevant jurisdiction, or is necessary in connection with legal proceedings, in which case, it shall use best endeavours to inform the other Party without delay and where reasonably possible at least five days in advance of transferring the information.

Article V. THE TRANSFER OF PERSONAL DATA

The transfer of personal data pursuant to this Statement of Protocol is subject to the establishment of appropriate arrangements on the transfer of personal data.

Article VI. ENTRY INTO EFFECT, EXPIRATION AND TERMINATION

1This Statement comes into force from the 24th of April, 2017. It will have effect only during the period that the Adequacy Determination of the European Commission is also in force.

2The Parties may consult and revise the terms of this Statement in the event of a substantial change in the laws, regulations, or practices affecting the operation of this Statement.

3This Statement may be terminated by either Party at any time. After termination of this Statement, the Parties shall continue to maintain as confidential, consistent with Article IV, any information provided under this Statement.

James R. Doty Chairman Public Company Accounting Oversight Board

Date: 4.34.17

M McLare Melanie McLaren Executive Director Audit and Actuarial Regulation Division Financial Reporting Council

Date: 25 April 2017

The PCAOB has informed the FRC that under Section 105(b)(5)(B) of the Sarbanes-Oxley Act, the PCAOB may share information transferred to it with the SEC upon request or upon its initiative. In the Board's discretion, the Board also may share information with certain other federal and state regulatory authorities as identified in the Act if the Board determines that sharing information with those authorities is necessary to accomplish the purposes of the Act or to protect investors.

Footnotes

  • the request relates to the audit of a Company that has listed securities in the United States or forms part of a group issuing structured consolidated accounts in the United States;
  • investigations have been initiated by the requesting Party;
  • the transfer does not conflict with the obligations with which auditors are required to comply in relation to the transfer of audit working papers and other documents to their home competent authority; and
  • the requesting Party informs in advance the other Party of each direct request for information, indicating the reasons thereof.

    1. The FRC has informed the PCAOB that section 1253DE of the Companies Act 2006, as amended, requires that (i) the FRC participates in an inspection of a UK firm, which the PCAOB wishes to inspect; and (ii) the inspection of a UK firm must be under the leadership of the FRC, unless the FRC otherwise permits. The FRC will not use its leadership role to prevent the PCAOB from taking necessary steps to meet its inspection objectives. 

    2. The FRC has informed the PCAOB that, in accordance with Section 1253E of the Companies Act 2006, as amended, it is only permissible for the FRC to request, transfer, or agree to the transfer of, information in connection with (i) external quality assurance of auditors or audit firms; (ii) the investigation/discipline/enforcement activity in relation to auditors and audit firms; and (iii) public oversight of auditors or audit firms. 

    3. The FRC has informed the PCAOB that sections 1253DA, 1253DB and 1253DC and paragraph 16AB of Schedule 10 of the Companies Act 2006, as amended, require that audit working papers and other documents requested by the PCAOB can only be transferred to the PCAOB (i) by the FRC; (ii) by the firm with the clear agreement of the FRC; or (iii) in exceptional cases, directly to the PCAOB by the firm, provided that:

         

      1. The PCAOB has informed the FRC that, if the information or documents are not provided, and it determines that it cannot satisfy its regulatory obligations without the requested information or documents, it may take certain actions as allowed by its domestic laws, rules and regulations against the relevant firm(s) for refusing to provide the requested information. 

      2. By Commission Implementing Decision (EU) 2016/1156 of 14 July 2016, the European Commission has declared the SEC adequate for the purpose of Article 47(1) of the Audit Directive. 

    File

    Name Statement of Protocol between the FRC and the PCAOB
    Publication date 27 September 2023
    Type Statement
    Format PDF, 1.7 MB
    Download original
    Back to top