The content on this page has been converted from PDF to HTML format using an artificial intelligence (AI) tool as part of our ongoing efforts to improve accessibility and usability of our publications. Note:

No human verification has been conducted of the converted content.
While we strive for accuracy errors or omissions may exist.
This content is provided for informational purposes only and should not be relied upon as a definitive or authoritative source.
For the official and verified version of the publication, refer to the original PDF document.

If you identify any inaccuracies or have concerns about the content, please contact us at [email protected].

Annual Enforcement Review 2024

The FRC does not accept any liability to any party for any loss, damage or costs however arising, whether directly or indirectly, whether in contract, tort or otherwise from action or decision taken (or not taken) as a result of any person relying on or otherwise using this document or arising from any omission from it.

The Financial Reporting Council Limited 2024 The Financial Reporting Council Limited is a company limited by guarantee. Registered in England number 2486368. Registered Office: 8th Floor, 125 London Wall, London EC2Y 5AS

1 Overview by Executive Counsel

Confidence in financial reporting, underpinned by high quality independent audit focused on the public interest, encourages investment, and drives growth for the benefit of society as a whole. Proportionate, risk focused enforcement action upholds such confidence through holding to account those who have fallen short to a serious or significant extent and through deterring similar behaviour.

As importantly, however, the outcomes of enforcement activity, whether through targeted non-financial sanctions designed to prevent recurrence of breaches, or publication of breaches identifying their causes, have a key role in supporting and informing the vast majority of individuals and firms whose objective it is to deliver high quality. In these ways, enforcement outcomes contribute to the FRC's work as an improvement regulator enhancing the quality of financial reporting and audit.

Building on the above, this year, our thematic chapters address themes and lessons from concluded cases and highlight how proportionality is embedded throughout our approach to investigatory and enforcement work. An example of this is the careful choice of resolution mechanism, which this year resulted in three times as many cases identified for constructive engagement than were referred for investigation.

The past year was notable for the conclusion of several high-profile cases, most significantly the conclusion of the major Carillion audit investigations and the investigations into various audits of London Capital & Finance – learnings from which are included in this year's Review. Unusually, we had no Tribunal hearings.

Addressing matters within our control to improve timeliness continued to be a priority. Against stable headcount, continuing good progress was made in resolving legacy cases whilst in parallel achieving our timeliness KPIs for current cases.

Last year's themes chapter set out our co-operation expectations and gave examples of ways in which through exceptional co-operation subjects can benefit by helping to resolve investigations more promptly and by obtaining public credit and settlement discounts. Encouragingly, this year has seen further good examples of exceptional co-operation by firms and individuals during current investigations evidencing an ongoing commitment to self-improvement.

On that positive note I end by thanking everyone who has participated in or supported our enforcement activity this year, most particularly the members of the Division whose focus remains the delivery of fair, robust and proportionate outcomes.

Headshot of an older woman with blonde hair, wearing a black top and pearl necklaces and earrings.

FRC Executive Counsel Elizabeth Barrett

2 The year¹ at a glance

35 current investigations
6 investigations opened into auditors and accountants² in the year
13 cases resolved through Constructive Engagement
8 cases resolved through settlement
Financial sanctions of £48.2 million (before settlement discount)
1 case closed with no further action
53% of cases met the 2-year 50% key performance indicator³
88% of cases met the 3-year 80% key performance indicator⁴
This was achieved against a backdrop of modest headcount growth in team size to 70
Recurring themes in current audit investigations: objectivity and integrity, lack of scepticism, insufficient audit evidence, audit planning, going concern, revenue recognition, disclosures, risk of fraud and audit documentation

3 Concluded cases: themes and lessons

Introduction

This chapter identifies some of the themes and lessons emerging from Enforcement cases summarised in the 2023 and 2024 Annual Enforcement Reviews (AER). The themes are set out by reference to certain ISAs⁵ and topics which regularly occur in audits. Appendix A provides a summary of cases concluded and published with sanctions in FY2023/24, such as the major Carillion investigations, and includes points to note, facts, issues and outcomes.

Whilst this section identifies certain themes and lessons, in our concluded enforcement cases we continue to see ongoing failures in relation to obtaining sufficient appropriate audit evidence and documentation. The design and performance of audit procedures that are appropriate in the circumstances for the purpose of obtaining sufficient appropriate audit evidence is an essential process enabling an auditor to meet the objective of being able to draw reasonable conclusions on which to base their opinion. The adequacy of the documentation of the audit procedures performed and audit evidence obtained is critical to providing a sufficient and appropriate record of the basis for an auditor's report and establishing that the audit was planned and performed in accordance with all applicable requirements. These requirements are the basic foundation of any audit and are fundamental to its effectiveness, yet numerous failures in these areas persist.

Ongoing failures in relation to obtaining sufficient appropriate audit evidence and documentation

Understanding the entity

ISA (UK) 315 makes clear that an auditor's ability to identify and assess the risks of material misstatement affecting an entity is interdependent with an auditor's understanding of the entity which is being audited. An effective understanding of the entity forms an essential part of the basis for designing and implementing responses to the assessed risks of material misstatement (as required by ISA (UK) 330).
In recent Enforcement cases, there are several examples of auditors failing to adequately understand the entity being audited. This, in turn, has led to a failure to adequately identify and assess the risks of material misstatement, and consequential failures in the design and implementation of audit procedures to address those risks.
In circumstances where an auditor does not adequately understand the entity, there is an increased risk that audit procedures are not capable of effectively responding to the actual risks of material misstatement.

London Capital & Finance plc (LCF) was audited by three different audit firms (Oliver Clive & Co, PwC and EY) over three audit periods. Across the three audit periods investigated, each firm failed, in different ways, to gain an adequate understanding of the entity or to identify and assess the risks associated with its business. This led, in turn, to further failures in the performance of the audit. For example:

In the case of Oliver Clive & Co, the auditors failed to identify the most prominent risks associated with the audit, and inappropriately concluded that the audit was low risk, as a result. LCF had only one asset of any value (its single loan debtor), and any significant impairment of that asset would have resulted in LCF being unable to repay its bondholders. The auditors should have designed specific audit procedures to assess the recoverability of the loan, and hence determine whether the carrying value of the asset was accurate, but this was not done.
In the case of PwC, the auditors failed to gain an adequate understanding of the nature of LCF's business, including the nature of its loan debtors and, in particular, whether the borrowers had accepted the high costs of lending imposed on them. This was relevant to the risk of material misstatement of the financial statements and had implications for the assessment of LCF's ability to continue as a going concern. When the auditors went on to audit LCF's revenue, the audit procedures conducted in respect of the loans did not provide assurance that the borrowers had agreed to accept these costs (which were not quantified in the loan agreements), that the interest charged was consistent with the outstanding loan balance, or that the amounts received related to the interest. The audit procedures did not, therefore, provide sufficient appropriate audit evidence that the cost of funds element of LCF's revenue was not materially misstated.
In the case of EY, the auditors again failed to gain an adequate understanding of the nature of LCF's business, but in this instance a significant issue was the failure to adequately understand the extent of the match between the maturity of loans made and bonds issued. This resulted in limited work being undertaken to address how LCF managed its cashflow to address the mismatch. The audit team never fully worked through the issues pertaining to the matching of bonds to loans, and the impact on LCF's liquidity and ability to continue as a going concern.

An auditor is required to identify and assess the risks of material misstatement through understanding the entity and by performing risk assessment procedures to determine which risks are significant.

In another case,⁷ it was the first year that the auditors had audited the entity. They were aware, from an early stage, that the previous audit firm had resigned, in part, due to difficulties arising from the audit of certain property transactions. The accounting for property and consultancy revenue was an important judgement and had a significant impact on the financial performance of the entity.

However, at the audit planning stage, the auditors did not identify revenue recognition on the property transactions as a significant risk of material misstatement which required special audit consideration. Had they done so, more extensive audit procedures and consultation would have been required.

Further, there were several failures in the performance of the audit work including:

A failure to initiate a formal consultation on the technical aspects of accounting for the property transactions.
A failure to challenge the selection of management's accounting policy.
A failure to obtain sufficient evidence in relation to the commercial substance of the transactions.

This case is a further demonstration of the importance of understanding the entity when effectively classifying the risk of material misstatement and the design and implementation of audit procedures to address the risk.

In MacIntyre Hudson LLP (MHA)/MRG Finance UK plc (MRG UK),⁸ the auditors failed to obtain an adequate understanding of the regulatory framework applicable to the entity. In two consecutive audit years, the audit team failed to ultimately identify that MRG UK was a Public Interest Entity.

This led to several consequential breaches of Relevant Requirements:

The audit firm prepared the financial statements of MRG UK and so provided MRG UK with 'prohibited non-audit services' between the beginning of the period audited and the issuing of the Auditor's Report. This was contrary to the provisions of the Ethical Standard, which is designed to address circumstances where there is a risk that an audit firm's independence may be compromised.
No Engagement Quality Control Reviewer was appointed and so no Engagement Quality Control Review was performed before the Auditor's Report was signed. This is an important quality control role which is key to safeguarding audit quality.
The Auditor's Report in each year did not comply with the requirements of ISA (UK) 700 and ISA (UK) 701, including that such Reports did not explain to what extent the audit was considered capable of detecting irregularities (including fraud) or include a description of the most significant assessed risks of material misstatement (whether or not due to fraud). This information is designed to assist the users of accounts to understand critical aspects of the audit.

These impacts all flowed directly from the auditors' fundamental failure to obtain an adequate understanding of the entity and concerned breaches of standards which are designed to ensure a greater level of reassurance that the financial statements of a Public Interest Entity are fair and accurate.

Professional scepticism: being alert to conditions which may indicate possible misstatement due to error or fraud

Insufficient professional scepticism continues to be a feature of enforcement cases. As ISA (UK) 200 makes clear in its definition, the exercise of professional scepticism is an attitude that includes a questioning mind and the critical assessment of audit evidence. An auditor is required to be alert to conditions

which may indicate possible misstatement due to fraud or error.⁹ Failures in this specific regard arose in several enforcement cases this year, where the context and circumstances of the audit evidence amounted to red flags indicating possible misstatement.

In EY/LCF, Director A had, in effect, sole control of LCF. They had the ability to authorise loans to entities, but the ability of those entities to repay the loans, and the uses to which the loaned funds were put were not subject to any further scrutiny. This gave rise to a clear risk of management override of controls which, in turn, is a condition which may increase the risk of material misstatement. However, the audit team failed to exercise professional scepticism, and placed undue weight on information provided by Director A, regarding aspects of the audit where he was able to override existing controls.

In Oliver Clive & Co/LCF, when auditing related parties, the auditors failed to apply sufficient professional scepticism when reviewing a loan to Company A, even though the circumstances of the loan heightened the risk of material misstatement and warranted the application of careful scepticism. These included that the terms of the loan were, on the face of it, not commercial and the figures in the confirmation letters provided in relation to the loan had not been independently arrived at by Company A.

In PwC/LCF there were particular characteristics of LCF's loan debtors which required but did not receive appropriate professional scepticism. These included the fact that all but one of LCF's loan debtors were related parties or had links to a Director of LCF, the loans appeared to have been made on uncommercial terms, and the relevant director was unwilling to send requests for external confirmations to debtors.

In KPMG/Carillion,¹⁰ in 2013 Carillion plc (Carillion) entered into transactions that involved changing its provider of outsourced IT and business process services. At the same time as entering into a contract for those services with the new provider, Carillion concluded other agreements, with the same counterparty, involving the assignment of certain intellectual property (IP) rights for a significant sum, as well as receiving a further sum as a contribution to 'exit fees' payable to the former outsourcing provider. Each of these transactions was treated in Carillion's financial statements as being independent of each other and this treatment resulted in a significant increase in Carillion's reported profit for 2013.

In 2016 Carillion extended the outsourcing contract and similarly entered into other agreements with the same counterparty, involving the assignment of different IP rights, and a contribution to 'mobilisation costs' incurred by Carillion. Again, the transactions were treated in Carillion's financial statements as being independent of each other and this treatment resulted in a significant increase in Carillion's reported profit.

In each case there was an obvious question as to whether the IP transactions were linked to the outsourcing contract and were not at fair value. The fact that the contracts were entered into at the same time and with the same

counterparty meant the auditors should have been sceptical as to whether the transactions were linked and should have been accounted for accordingly.

However, in each case, the auditors failed to perform audit procedures that would have provided sufficient appropriate audit evidence to enable them to conclude on the appropriate accounting treatment of the transactions.

In KPMG/M&C Saatchi plc (M&C Saatchi),¹¹ the auditors failed to exercise adequate professional scepticism when considering certain journal entries, notwithstanding that there were features of those journal entries which increased the risk of misstatement. These included that the adjustments being made in the journals were inherently risky: they increased revenue and profit, and they bypassed the controls for booking entries into M&C Saatchi's accounts.

As these varied examples demonstrate, when gathering and analysing information and evidence, an appropriate auditor mindset which is alive to possible red flags and engages in critical assessment of the evidence is essential to an effective audit.

Subjective judgements and estimates concerning forecast total revenue and costs need careful scrutiny

Accounting for long-term contracts

Long-term contracts are contracts where the performance of the relevant obligations extends across a number of accounting periods. Accounting for such contracts still in progress at the end of each period invariably requires management to forecast total revenue and costs to determine the amount of revenue and profit to be recognised in the period, and whether or not a contract should be treated as loss-making overall. There is often significant uncertainty regarding both revenue and costs, whether arising from the terms of the contracts themselves, or from events that occur during the performance of the contract that result in additional costs being incurred that may be recovered either from the customer or another party. Judgements and estimates made relating to these amounts are inevitably subjective and present a heightened risk of misstatement from management bias, particularly where the amounts involved are substantial. The auditing of accounting for long-term contracts is an issue that arose in KPMG/Carillion and a number of cases reported last year. ¹², ¹³, ¹⁴

A significant part of the business of each of the audited entities consisted of long-term contracts, including certain contracts where, due to their size and complexity, the amounts recognised in each of the periods investigated were material to the overall performance of the business as reported in the financial statements. In each case serious failings were identified in the audits of certain of these contracts.

As a starting point it is necessary for auditors to examine carefully the terms of the relevant contracts and obtain a proper understanding of provisions that addressed, for example, whether the contract price is fixed or allowed expressly for variations, whether a particular level of profit is apparently

guaranteed, and any consequences of delays in the performance of the contract and cost overruns. In each of these cases there were significant contracts where the auditors failed to perform this exercise properly and consequently did not sufficiently scrutinise management's judgements relating to the likely final outcome.

In all of the cases, management forecasts depended on significant increases in revenue, from variations to the original contract and and in all save one¹⁵ case from claims against both the customers and a range of third parties. The auditors failed to challenge sufficiently these forecasts and failed to obtain sufficient evidence to conclude that they were reasonable. In particular, the auditors did not consider adequately whether the variations had been agreed by the customer or negotiations had reached the point where it could be concluded that they would be agreed.

In two ¹⁶, ¹⁷ cases the reported results for certain contracts depended on the business achieving significant cost savings in completing the contracts, as compared to initial estimates at the inception of the contracts and/or previous forecasts. The auditors failed to challenge the achievability of the savings, in light of the level of historical costs incurred and indicators that making the specific savings appeared unlikely, and failed to obtain sufficient evidence to conclude that the forecasts were reasonable.

In two cases¹⁸, ¹⁹ the auditors did not properly understand and test the internal processes of the businesses that produced the estimates relied on for financial reporting. In the Carillion case the auditor relied on controls both at the individual contract level and ‘higher' levels but in neither case obtained evidence supporting the conclusion that the controls operated effectively to mitigate the risks identified. In the other case, the audit team did not adequately document or test the controls over measurement of contract revenue, costs, receivables and payables, or controls over estimating, tendering and monitoring of contracts.

Finally, in all the cases the audits were characterised by a failure to approach the issues with an appropriate level of professional scepticism, notwithstanding the significance of the judgements involved and the obvious risk of bias. Too often the auditors did not challenge management thoroughly and perform rigorous procedures, ultimately relying instead on documents and representations produced by management.

Proper understanding and testing of internal processes and controls used to arrive at management's estimates is key

Going concern

Several concluded cases have identified failures to follow proper audit procedures in relation to management's assessment of an entity's ability to continue as a going concern, and a failure to consider adequately management's use of the going concern assumption.

In KPMG/Carillion, the auditors failed to properly evaluate and challenge management's assessment of going concern, specifically they failed to

properly evaluate the assessment and ensure it included all relevant information. They also failed to identify and/or respond to events or conditions that collectively might have cast significant doubt over Carillion's ability to continue as a going concern, including a risk that Carillion's borrowing requirements might exceed its facilities, indicators that Carillion was not generating sufficient cash to reduce its borrowing, and indicators that Carillion might have difficulties in meeting its short-term financial commitments. In particular they did not consider Carillion's significant and growing use of supply chain finance arrangements, which had the potential to both obscure the true level of its ongoing debt and limit its access to further borrowing facilities. However, the auditors failed to identify any of these matters and failed to properly assess their cumulative effect on the going concern assumption and whether there was any material uncertainty about Carillion's ability to continue as a going concern.

In EY/LCF, the auditors failed to consider adequately the appropriateness of management's use of the going concern assumption. The auditors initially understood, wrongly, that the terms of LCF's bonds allowed the company to defer repayment to bondholders. While the audit team later appreciated the true position on this important point, they did not record this. Moreover, the audit team relied, wrongly, on assessments of the collateral supporting loans to borrowers when the key issue was whether borrowers could service their interest and repayment obligations without defaulting on their debts. Those issues, properly considered, would have cast significant doubt on LCF's ability to continue as a going concern.

In Oliver Clive & Co/LCF, only cursory attention was paid to the going concern assumption in discussions with management and the key issue of liquidity was overlooked. The audit team should have considered whether LCF would be able to pay its debts (i.e., to repay bondholders) when they became due (i.e., when bonds matured). The audit team had identified that LCF was reliant on only one borrower to be able to meet its obligations to pay capital and interest payments to bond holders. The audit team also identified that, post year end, Company B took over the loan to Company A. However, the Respondents did not consider the terms of the loan, and in particular whether the loan would provide sufficient funds to meet bond redemptions when they fell due. Moreover, LCF did not produce a cash flow forecast at the time of the 2015 audit. In the absence of such a forecast, it was not possible to assess the appropriateness of the going concern assumption.

In PwC/LCF, the auditors recorded several inaccurate statements relating to LCF's trading history and performance in the notes of their consideration of the going concern assumption. Further, the basis for their conclusion that there were no material uncertainties about the ability of LCF to continue as a going concern was undermined by a number of points, including LCF's relatively low level of net assets, the fact that LCF had failed to carry out due diligence on its borrowers (all but one of whom had current or previous related party relationships with a director of LCF) and the absence of financial forecasts to support the going concern assumption. The auditors failed to address the main factors affecting the going concern assumption, which were the mismatch in

maturity profiles between LCF's borrowing and its lending, the liquidity of LCF's borrowers (who were engaged primarily in property development), and the recoverability of the loans that LCF had made.

In MHA/MRG UK, in two consecutive audit years, the auditors failed adequately to consider whether events or conditions existed that may cast significant doubt on MRG UK's ability to continue as a going concern. The appropriateness of the going concern assumption in each of the Audits depended on whether an inter-company loan was impaired. In FP2018, there was no record indicating that any discussion took place with management regarding the going concern assumption, or a record of a conclusion as to whether a material uncertainty existed related to events or conditions that may cast significant doubt on MRG UK's ability to continue as a going concern, or reviewing future plans for MRG UK. Moreover, the auditors ought to have considered whether there were indicators that the intercompany loan was impaired. In FY2019, there was no documentary evidence on the Audit file recording that management provided the FY2019 audit team with an assessment of the going concern assumption. There was also no documentary evidence that the FY2019 audit team made any enquiries in relation to such an assessment (or about the ultimate repayment of the intercompany loan).

Failings in relation to going concern also featured in a case concluded in FY2022/23,²⁰ where the auditors failed to obtain sufficient appropriate audit evidence to support their conclusion as to the appropriateness of the entity's use of the going concern basis of accounting in preparing the FY2018 financial statements and/or whether a material uncertainty existed about the entity's ability to continue as a going concern. For example, there was no evidence on the FY2018 audit file that the auditors had given adequate consideration to the effect of foreign exchange volatility for the audit of the going concern assessment. The auditors also failed to maintain sufficient professional scepticism by failing to challenge or investigate adequately, or at all, the assumptions underlying the entity's working capital forecast.

4 Proportionality in Enforcement cases

Introduction

As set out in 'Our Approach to Regulation'²¹, the FRC embodies the Regulators' Code (the Code)²² in our objectives, values, and behaviours. Our investigation and enforcement process is led by the principles of good regulation and compliance with the Code.

Proportionality and consistency are embedded in our enforcement work. Examples of processes, mechanisms and safeguards in place which support this include:

A filtering process undertaken by the Case Assessment team to ensure that the approach adopted is proportionate to the issues identified. In the last three years this has resulted in fewer than 23% of cases considered by the Case Examiner being referred to the Conduct Committee for potential investigation.
A robust and independent function performed by the Conduct Committee when deciding whether to open an investigation or to direct that issues identified should be addressed through other means such as Constructive Engagement.
A targeted focus on key issues during the investigation process to ensure that our approach is proportionate.
A robust process for deciding whether enforcement action should be taken following investigation.
A professional and considerate approach which incorporates opportunities for subjects to participate, to provide their comments and perspectives and to co-operate, and which aims appropriately to mitigate the potential impact of regulatory activity on those subject to investigation.
A proportionate approach to sanctioning which takes into account such matters as the individual's or firm's size/financial strength when determining both the appropriate level of financial sanctions and the nature of any non-financial sanctions.

Fewer than 23% of cases considered by the Case Examiner are referred to the Conduct Committee

Our regulatory scope: who can be investigated?

The FRC has three main enforcement regimes: the Audit Enforcement Procedure (AEP),²³ the Accountancy Scheme²⁴ and the Actuarial Scheme (together, the Schemes). ²⁵ ²⁶ ²⁷

AEP

The AEP is the regime for audit-related investigation and enforcement matters. It came into force in 2016 at the same time as, and in consequence of the Statutory Auditors and Third Country Auditors Regulations 2016 (SATCAR).²⁸ SATCAR established the FRC as the Competent Authority for Statutory Audit with powers to investigate and sanction contraventions of Relevant Requirements. The AEP applies to Statutory Audit Firms and Statutory Auditors. Statutory Auditors are auditors registered with their Recognised Supervisory Bodies (RSBs)²⁹ as Responsible Individuals (RIs) for signing audits. RIs are likely to be at a senior level of the profession, typically a partner in the audit firm or at least a director. It follows that junior members of audit teams do not come within the scope of the AEP and cannot be investigated by us under the AEP.

The Accountancy and Actuarial Schemes

The Accountancy and Actuarial Schemes are the regimes used for non-audit matters. They are contractual arrangements between the FRC and the accountancy and actuarial professional bodies and provide for the investigation of misconduct in matters which raise important issues affecting the public interest.³⁰ Whilst the professional bodies conduct their own investigations and enforcement proceedings into accountants and actuaries, they refer the most serious such public interest cases to the FRC to be considered under the Schemes.³¹ The threshold tests for opening an investigation and for commencing enforcement action are higher under the Schemes than under the AEP. Enforcement investigations under the Schemes therefore focus on matters of high seriousness such as breaches of the fundamental principles of the accountancy professional bodies' 'Codes of Ethics', for example, integrity, objectivity and professional conduct.

As junior individuals are not within the scope of the AEP, and investigations under the Scheme arise where there is a question of serious breaches, in cases which give rise to significant public interest, it follows that it is rare for individuals other than those in senior positions to be subjects of our investigations.

It is rare for individuals other than those in senior positions to be subjects of our investigations

How are decisions to open investigations made? How do we ensure proportionality?

While all decisions to open investigations are the responsibility of the FRC Board, in practice they are delegated to the Conduct Committee.³² Referrals to the Conduct Committee are made by the FRC's Case Examiner.

The Case Examiner

The Case Examiner heads the Case Assessment (CA) team. The team conducts a filtering process to assist in ensuring that any action taken is proportionate to the concerns identified and that appropriate cases are referred to the Conduct Committee.³³

The CA team gathers information and assesses which of the following actions is the most appropriate in the circumstances namely, that the matter:

should be closed with no further action;
should be more appropriately referred to an RSB or professional body, or another regulator or agency;
can be dealt with by Constructive Engagement (in audit cases); or
should be referred to the Conduct Committee for consideration.

In assessing the most appropriate course of action the Case Examiner will consider the significance of the issue, including the significance of the entity or parties involved and the potential impact of any breaches, together with the wider public interest in the matter.

As can be seen from the table below, only a small and declining percentage of the matters considered by the Case Examiner have been referred to the Conduct Committee for potential investigation over the past three years with a larger proportion of cases over the relevant period being dealt with by Constructive Engagement or closed with no further action. As explained on page 30, where appropriate, Constructive Engagement is an alternative to investigation. It is focused on ensuring that less serious breaches have been rectified and the risk of repetition has been adequately addressed, and places a lesser regulatory burden on audit firms whilst enabling the FRC to focus resources on addressing priority risks.³⁴

Similarly, potential Schemes matters, such as those which come to the attention of the Case Examiner via horizon scanning, can be referred by the Case Examiner to RSBs if the evidential or public interest threshold tests under the Schemes for opening an investigation are unlikely to be met.³⁵

This Case Assessment process thereby operates as a filter for cases considered to be unnecessary or disproportionate to investigate.³⁶

The Case Assessment process operates as a filter for cases considered for investigation

The CA team gathers information and assesses which of the following actions is the most appropriate in the circumstances namely, that the matter:

should be closed with no further action;
should be more appropriately referred to an RSB or professional body, or another regulator or agency;
can be dealt with by Constructive Engagement (in audit cases); or
should be referred to the Conduct Committee for consideration.

The Case Assessment process operates as a filter for cases considered for investigation

This Case Assessment process thereby operates as a filter for cases considered to be unnecessary or disproportionate to investigate.³⁶

No. of matters considered by the Case Examiner	Matters referred for Constructive Engagement	Matters referred to the Conduct Committee for potential investigation
	No.	% of matters considered
2023/24	60	28
2022/23	57	16
2021/22	62	24

The Conduct Committee decision to open an investigation.

The Conduct Committee³⁷ currently comprises three board members and is supported by three Senior Advisors. The Committee considers papers presented by the Case Examiner and makes its decision following robust scrutiny and discussion. The Committee can defer a decision to a later meeting if further information is required. The General Counsel attends the Committee meetings to ensure that the applicable tests for opening an investigation are applied.

Tests for opening investigations

For AEP cases, two tests need to be met for an investigation to be opened:

whether there is a question about a breach of a Relevant Requirement; and
whether there is good reason to investigate.

The first test is a low threshold and therefore the Committee's consideration is usually focused on whether there is a good reason to investigate.

For Scheme cases, the tests for opening an investigation are:

whether the matter raises or appears to raise important issues affecting the public interest in the United Kingdom; and
whether there are reasonable grounds to suspect there may have been Misconduct.³⁸

Guidance on the opening of investigations

Under both regimes, the Conduct Committee is assisted by published guidance to ensure proportionate and consistent decisions are made.

The AEP guidance³⁹ provides a non-exhaustive list of reasons capable of amounting to a good reason to investigate or, conversely, where there may not be a good reason.

Examples which may amount to good reason include:

the potential to damage public confidence in the Statutory Audit or the profession;
potential to damage investor confidence in the truth and fairness of the financial reporting of an entity;
it may have contributed directly or indirectly to financial detriment or other harm to those reliant on the Statutory Audit process;
it may suggest a failure in regulatory compliance processes or approach; and/or
it may suggest a failure to adhere to ethical standards.

Conversely, examples where it might be decided there is not a good reason to investigate include:

no potential to damage investor confidence in the truth and fairness of the financial reporting of an entity;
limited or no financial detriment or other harm to those reliant upon the Statutory Audit process;
an isolated incident; and/or
a minor breach of the Relevant Requirements.

Both the Accountancy and Actuarial Scheme Guidance⁴⁰ explain the meaning of public interest and suggest, amongst other things, that the Conduct Committee is likely to take into account:

whether a significant number of people in the United Kingdom (such as investors, customers, employees, pensioners or creditors) were adversely affected;
whether the alleged Misconduct:
- involved or caused the loss of a significant sums of money, or
- could undermine confidence in the financial reporting or corporate governance in the United Kingdom.

Statistics

	Referred to the Conduct Committee	Returned for Constructive Engagement or no further action	Investigations opened under the AEP or Schemes
2023/24	9	3	6
2022/23	16	6	10
2021/22	16	1	15

As can be seen from the varying outcomes shown in the table above, the Conduct Committee exercises a robust and independent decision-making function in relation to decisions to open investigations. In 10 cases over the last three years (almost 25% of cases) the Committee has either returned the matter for Constructive Engagement or decided no further action should be taken.

It will be noted that the number of opened investigations has declined over the past three years against a background where:

there has been overall growth and success of the Constructive Engagement model, in place since 2016; and
The FRC's Supervisory approach and tools have been extended.

When the number of investigations opened annually is compared with the number of Statutory Audits conducted by Big Four audit firms in a year (approximately 2,600), it can be seen that investigations are opened in a very small number of cases.

Investigations are opened in only a very small number of Statutory audits conducted in a year

The investigation. Our approach to individuals

Our case teams adopt a professional and considerate approach to mitigate the potential impact of regulatory activity on individuals subject to investigation. This includes opportunities for individuals and their lawyers to meet the case team, taking account of individuals' timing needs for responding to our requests or preparing for an interview, providing opportunities for individuals to explain their actions, providing an opportunity to review and comment on potential adverse findings in advance of a final decision, and giving notice of and an opportunity to comment on any announcement of the investigation or its outcome.

The investigation. How do we ensure the focus is proportionate?

The scope of each investigation, in terms of the accounting/audit year, is set by the Conduct Committee. Investigations do not seek to re-perform the audit or analyse everything within that scope. The objective is to focus on identifying whether there are potentially serious or significant breaches (individually or collectively). If the case is opened following an AQR inspection, the initial focus will likely be on the areas where key findings⁴¹ were made, with that focus expanded only if the investigatory work identifies other significant concerns.

Our objective is to identify whether there are breaches which are serious or significant (individually or collectively)

Shortly after an investigation is opened, subjects (and their legal representatives) are invited to a scoping meeting, where the case team will explain the focus, as well as the processes, the likely timeline, and what can be expected from the investigation.⁴²

The areas of focus are not set in stone. Whilst our objective is to narrow and refine the focus of the case as the investigation progresses, there may be a reason to widen the focus to other issues, if indicators of breaches have been identified and it would be in the public interest to investigate. However, investigations can only be extended to cover different periods or to add additional subjects following a formal extension of scope by the Conduct Committee.

How do we gather evidence? How do we ensure a proportionate approach is taken?

Notices

Throughout the investigation, the team will typically send formal notices to subjects of the investigation requiring the production of relevant material.

In audit investigations, apart from the audit files and working papers, requests will usually be made for categories of material including, by way of example: contemporaneous audit material not saved on the file; presentations to audit committees; communications with firms' management and technical departments; details of non-audit work carried out; and firms' manuals and guidance.

In investigations into accountants and actuaries, requests will be made for information and company documents in the possession of the subjects, both hard copy and soft copy.

In most cases, targeted requests are made for emails and other electronic communications, such as text and WhatsApp messages and material from other messaging platforms used by subjects of investigations.

Prior to requesting emails, it is our usual practice to ask subjects or their lawyers to conduct some preliminary analysis and provide number counts of emails falling into certain categories. We use this iterative process to narrow the size of the production as far as possible so that requests are proportionate. It also allows us to prioritise the order that batches are produced with a view to making the process more manageable (especially if emails need to be reviewed for privilege) for all parties. Our forensic accounting team are experienced in using sophisticated search tools to interrogate the data.

We will take into account the size and resources of those under investigation when making requests for evidence

Throughout the investigation we will take into account the size and resources of those under investigation when making requests and set timescales for responding to our notices accordingly.

Conducting interviews

We usually conduct interviews with subjects of our investigation. This is to ensure that we obtain relevant evidence and provide subjects with an opportunity to give their account of matters under investigation. The interviews are arranged well in advance. Within reason, we will seek to accommodate the availability of subjects and their legal representatives. Save in exceptional circumstances, bundles of documents are provided to subjects at least two weeks prior to the interviews. By these means, subjects should have sufficient time to prepare.

How do we decide that investigations should proceed to enforcement action? How do we ensure the decisions are proportionate?

We have a number of processes and safeguards to ensure that case decisions are appropriate and proportionate including:

All key case decisions are taken by Executive Counsel or Deputy Executive Counsel;
Investigations are overseen by either a Deputy Executive Counsel or a Casework Supervisor, who are outside the case team, and who provide scrutiny, support and strategic challenge to the case team, including regularly reviewing if the focus of the case remains appropriate;
Members of the FRC Advisory Panel and/or Senior Advisors, who provide specialist expertise in certain accounting, audit, or actuarial areas are available for the case team to consult with;
We also consult with colleagues in other parts of the FRC, for example Regulatory Standards, or our Corporate Reporting team, who have particular relevant experience or expertise;
In the majority of our investigations, independent experts are instructed, who will provide an objective assessment as to whether there are breaches of Relevant Requirements (in AEP cases) or there has been a significant falling short of the standards reasonably to be expected (in Schemes cases);
We instruct independent external legal Counsel to advise on whether the evidential tests are met in our cases. In many investigations Counsel will also draft the documents which advance allegations and, where appropriate, set out findings. We will also instruct Counsel to represent Executive Counsel in any contested Tribunal proceedings; and
Under all three regimes, we provide the draft investigation findings and proposed allegations to subjects in advance of making a final decision whether to take enforcement action. Under the AEP, subjects are served with the Investigation Report (IR) and under the Schemes a Proposed Formal Complaint (PFC) is provided. The subjects are invited to provide written representations,⁴³ which are carefully considered by case teams (and our independent expert and Counsel), before a decision is made whether to progress the case further. This is an important aspect of ensuring procedural fairness and affords subjects an opportunity to see our proposed case and to provide any further information and explanation relevant to the case advanced. It enables us to take into account all relevant matters before deciding whether to proceed with enforcement action.

In the majority of our investigations, independent experts are instructed

Can investigations be closed at an early stage?

Under each of our regimes, investigations can be closed at any stage if we have reached the view that the applicable tests for enforcement action will not be met, or we have found breaches which would be disproportionate or not in the public interest to pursue.

Investigations are closed where we conclude that the applicable tests for enforcement action will not be met

We close cases when we have concluded that the applicable tests will not be met. In recent years, the decision to close cases has been reached following certain stages such as: subject interviews, where more information or explanation of work conducted has been provided; consultation with an expert, where they do not consider the applicable threshold has been met; or consideration of responses to the IR or PFC provided by the subject(s) of the investigation.

The numbers of cases closed without enforcement action over the past three years are as follows:

Audit investigations closed without enforcement action	Accountancy or Actuarial cases closed without enforcement action
2023/24	1
2022/23	3
2021/22	1

How are financial sanctions determined? How do we ensure they are proportionate?

Both the AEP and the Schemes provide for unlimited financial sanctions. Our published guidance⁴⁴ sets out that, where we consider a financial sanction is appropriate, we should aim to impose a financial sanction that:

is proportionate to the breaches⁴⁵ or Misconduct and all the circumstances of the case;
will act as an effective deterrent to future breaches; and
will promote public confidence in the regulation of statutory audit/the accountancy/actuarial profession and in the way in which breaches/ Misconduct are addressed.

Accordingly, when proposing financial sanctions, we take into account matters such as:

the nature, extent and importance of the breaches/Misconduct;
the seriousness of the breaches/Misconduct; and
the size, financial resources and financial strength of the subject/firm and the impact of the sanction on them.

When deciding the level of financial sanctions to impose on an audit firm, in accordance with paragraph 47 of the Sanctions Policy, we take into account the firm's 'size/financial resources and financial strength, for example as indicated by the total turnover of the Statutory Audit Firm and the effect of a financial sanction on its business' along with other metrics, such as the fees earned in relation to the relevant audit engagement. In relation to individuals, we will consider their financial resources (including income and assets), as well as employment prospects.

Taking all the above points into account can result in a wide variance in the level of financial sanctions imposed, depending on the gravity and seriousness of the failures and the financial strength of the firm/individual.

This year we have seen the largest financial sanction imposed⁴⁶ to date. As discussed more fully in the case summary on page 54 of Appendix A, this investigation concerned extremely serious audit failures by a Big Four firm over a number of years in the audit of a strategically important FTSE 100 company which went into insolvent liquidation.

The range of other sanctions imposed this year (see further discussion in Chapter 7 Sanctions) reflect the spectrum of breaches and the financial standing of the firms.

Who decides what is published and what factors are taken into account?

The Conduct Committee is the decision-maker for announcements about investigations.

There is guidance under each of the regimes to assist the Committee in its publication decisions⁴⁷ and to achieve consistency.⁴⁸ The objective of the guidance is to be fair and proportionate: balancing the public interest in transparency against any potential prejudice caused to those being investigated.⁴⁹ There are also specific requirements set out in SATCAR regarding publication of details of sanctions imposed under the AEP.

The current guidance provides that the opening of an investigation will only be announced if the Committee considers:

that such publication is necessary in all the circumstances; and
any potential prejudice to the subject of an investigation is outweighed by the factors in favour of publication.

In order to determine that an announcement is necessary in all the circumstances, the Conduct Committee must consider that an announcement will:

help to maintain public confidence in Statutory Auditors/the accountancy or actuarial professions;
help to maintain public confidence in the regulation of Statutory Auditors/ accountancy or actuarial professions;
protect users of financial statements;
protect investors;
help to prevent malpractice that is potentially widespread;
contribute to the effectiveness of the investigation itself, for example by bringing forward witnesses;
help to allay concern;
help to contain speculation or rumour; or
otherwise help or contribute to the public interest.

Under the Schemes, the current Publication Policy specifies that there is no presumption in favour of announcing the opening of investigations. The Committee will consider whether it is appropriate in all the circumstances to make such an announcement taking into account the:

level of public interest in relation to the matter under consideration;
likely impact of such announcement on public confidence in the accountancy and/or actuarial professions;
likely impact of such an announcement on public confidence in the accountancy and/or actuarial professions;
legitimate purpose served by such an announcement; and
requirements imposed by legislation including applicable data protection laws, the Freedom of Information Act 2000 and/or the Environmental Information Regulations 2004 to either publish such information or to release such information into the public domain upon request.

Under SATCAR, the FRC is obliged to publish the outcomes of the sanctions imposed under the AEP. The obligation extends to the publication of details of the breaches and the identities of those sanctioned. However, the Committee must have regard to proportionality and in the following circumstances the identity of the individual or firm will not be published:

In the case of an individual, where the FRC considers the publication of personal data would be disproportionate.
Where publication would jeopardise the stability of the financial markets.
Where publication would jeopardise an ongoing criminal investigation.
Where publication would cause disproportionate damage to any institution or individual involved.

Under the Schemes, there is a presumption in favour of publication of the outcome of investigations, approved settlement agreements and Tribunal reports. The Committee may however decide not to publish, or to defer or delay publication, if it considers that to do so is in the public interest. The following are examples listed in the Schemes' Publication Policy which may indicate that publication would not be in the public interest:

Publication could jeopardise the stability of financial markets.
Publication could prejudice criminal or other regulatory investigations or proceedings.
Publication could prejudice the FRC's investigations or any future disciplinary action it may wish to take.
Publication could have an impact on the national, regional or local economy disproportionate to the gravity of the issues under consideration and the overall circumstances.

5 The team and processes

Case Assessment (CA)50 – intelligence gathering, initial enquiries

Who are the members of the FRC Supervision Case Assessment Team?

The team comprises:

Case Examiner: Mark Shennan
4 Case Assessment team members

Who does the Case Assessment team consider?

Accountants, accountancy firms and actuaries under the Accountancy Scheme and Actuarial Scheme
Statutory audit firms and auditors under The Audit Enforcement Procedure (AEP)

Sources

Horizon scanning
Referrals from other FRC teams, regulators, audit firms and professional bodies
Complaints
Whistleblowing disclosures

Outcomes

Referral to the Conduct Committee for decision on opening of investigation
Referral to Conduct Committee for decision on a Referral Case⁵¹
Constructive Engagement (AEP only)
Referral to another FRC team
Referral to a professional accountancy or actuarial body or other regulator
No further action

Case Assessment process 52

A high-level overview of our Case Assessment process is set out in the flow chart below.⁵³

Flowchart: Case Assessment Process

Step 1: Receipt of information Information sources include: horizon scanning, complaints, whistleblowing disclosures, other FRC teams, regulators, audit firms and professional bodies.

Step 2: Determining whether a question arises Make enquiries to determine whether the information raises a question of a breach of a Relevant Requirement or reasonable grounds to suspect Misconduct. The Case Examiner has powers to make enquiries and obtain specialist expert and legal advice. (Close case if the Case Examiner determines there is no question arising).

Decision Branch 1: Refer matter to Conduct Committee

Decision Branch 2: Determine whether the matter is a Referral Case or a Non Referral Case (AEP) - Referral Case:⁵⁴ If the Case Examiner considers that a decision to take no further action or to pursue Constructive Engagement may be contentious, high-profile or may risk undermining confidence in the FRC's (or the wider) regulatory regime. - Non Referral case: If the Case Examiner considers the decision to take no further action or pursue Constructive Engagement is not contentious. May be dealt with by the Case Examiner without proceeding to the Conduct Committee.

Step 3: Conduct Committee decides on the appropriate course of action.

Potential Outcomes from Conduct Committee: 1. Investigation (undertaken by Enforcement Division's lawyers and forensic accountants. The Committee will decide whether the opening of the investigation should be announced.⁵⁵ Independent expert opinion on potential breaches/Misconduct is sought in most cases.) 2. Constructive Engagement (AEP only) (undertaken in AFS. If unable to resolve to the Case Examiner's satisfaction the Conduct Committee will consider Investigation.) 3. No Further Action

Detailed Investigation Process (if chosen): - Proposed allegations: Document served on those under investigation (Respondents) setting out grounds for potential breaches/Misconduct. Opportunity for Respondents to make representations. - Enforcement action: Decision by Executive Counsel to pursue enforcement action where the relevant tests are met, including where parties are unable to agree at this stage. Final allegations served on Respondents. - Determination (AEP): Breaches determined by Executive Counsel can be accepted by the Respondent. - Tribunal: If breaches (AEP) or allegations of Misconduct (Schemes) are not accepted the case will be referred to the Independent Tribunal. The Independent Tribunal will conduct a full public hearing and determine if there are breaches or Misconduct. - Sanctions: Sanctions for breaches/Misconduct imposed. Final Decision Served. Publication decision is made by the Conduct Committee.

Other Process Notes: - Settlement: Settlement is encouraged under the AEP and both the Schemes with significant discounts to financial sanctions typically available to Respondents where early admissions are made. Under all regimes, settlements are reached by agreement between Executive Counsel and the Respondents and are approved by an Independent Reviewer. - Case Closure: Before referral to Tribunal, if at any time the Executive Counsel decides that the tests have not been met, the case is closed.

Further details of the FRC's remit and powers can be found in the Enforcement regimes and Information gathering powers on the FRC's website.

Investigations and Enforcement – conduct of investigations referred by the Conduct Committee

Who are the members of the FRC Enforcement Division?

The Division handles investigations and enforcement action.

Team size from last year is largely unchanged at 70⁵⁶ (2022/23 67)

The team comprises:

Executive Counsel: Elizabeth Barrett
Deputy Executive Counsel: Claudia Mortimore, Jamie Symington
32 lawyers (qualified barristers or solicitors and trainee solicitors)
24 forensic accountants
7 legal assistants
4 operations and administrative staff

Who can the FRC investigate?57

Accountants, accountancy firms and actuaries under the Accountancy Scheme and Actuarial Scheme
Statutory audit firms and auditors under The Audit Enforcement Procedure (AEP)

Outcomes

ΑΕΡ:

Investigation Report (IR)
Decision Notice and proposed sanction
Accepted or Independent Tribunal convened

Scheme:

Proposed Formal Complaint (PFC)/ Formal Complaint (FC)
Settlement or Independent Tribunal convened

At any point, Executive Counsel can close a case should the threshold for taking enforcement action not be met.

Sanctions

Financial:

Unlimited financial sanctions

Non-financial sanctions, for example:

Reprimand
Exclusion as a member of a professional body
Other remedial actions as appropriate

Sanctions are determined by reference to the Sanctions Policy (AEP), Accountancy Sanctions Guidance (Scheme) and Actuarial Sanctions Guidance (Scheme).

6 Review of the year

6.1 Case Assessment (CA)

Since 1 April 2023, the Case Examiner and Case Examination and Enquiries have operated as a separate team within Audit Firm Supervision (AFS) in the Supervision Division and is now known as Case Assessment.

CA is responsible for undertaking enquiries up to the point of a decision to either refer the matter to the Conduct Committee (whether as a Referral Case⁵⁸ or to decide whether an investigation should be opened), to decide that the matter can appropriately be resolved via Constructive Engagement, or to take no further action. Following a decision that Constructive Engagement is suitable, cases are now transferred to the Supervisor team within AFS who conduct and manage the process.

The table below summarises the number of cases opened and closed by the Case Examiner in the current and preceding two years.

Cases	2021/22	2022/23	2023/24
Open at start of the year	20	27	40
Opened in the year	69	70	40
Closed in the year⁵⁹	(62)	(57)	(60)
Open at end of the year	27	40	20

Cases opened in the year 60,⁶¹

Chart: Cases opened (by source)

A pie chart illustrating the source of cases opened: - 1 (Horizon scanning) - 18 (FRC teams) - 21 (Complaints)

Totals by year: - 2023/24 total: 40 - 2022/23 total: 70 - 2021/22 total: 69

Forty cases were opened in the year, compared with 70 in the previous year. The decrease is mainly due to a decline in referrals from other FRC teams, with fewer cases arising from reviews of financial statements by the Corporate Reporting Review (CRR) team and matters identified by other AFS teams.

Horizon scanning is the largest source of CA cases, consistent with the prior year. Referrals from other FRC teams also remain a significant source of CA cases. These mostly arose from Audit Quality Review (AQR) inspections of individual audits.

Only one complaint case has been opened by CA and there have been no whistleblowing disclosures. This is a decrease from the previous year.

Consistent with the prior year, most cases opened were audit-related (85% compared with 79%). Lower numbers of cases concerning accountants in business reflect the higher threshold for opening investigations under the Accountancy and Actuarial Schemes than under the AEP. At 31 March 2024, 20 cases remained open compared with 40 at 31 March

Seven of these had been open for less than one month. The transfer of the conduct of Constructive Engagement to the Supervisor team in AFS⁶² is a key factor in the reduction in open cases within CA.

Outcome of CA cases 63

Chart: Cases closed (by outcome)

A pie chart illustrating the outcome of cases closed: - 26 (Constructive engagement) - 28 (Referred for investigation by the Conduct Committee) - 6 (No further action)

Totals by year: - 2023/24 total: 60 - 2022/23 comparative: 57 - 2021/22 comparative: 62

During the year, 60 cases were closed by CA, an increase of three, or 5%, on the previous year (57 cases closed). The table on page 28 summarises the number of cases opened and closed in the current and preceding two years. Of the cases closed by CA there were:

six (10 in 2022/23) referred by the Conduct Committee to Executive Counsel for investigation;
twenty-eight (16 in 2022/23) following a decision to resolve through Constructive Engagement; and
twenty-six (31 in 2022/23) resulting in no further action by the Case Examiner. Of these 26, four were referred to a professional body (two in 2022/23).

More details of the cases in each closure outcome are set out in the subsections below.

Referrals to the Conduct Committee to consider opening an investigation

The cases referred to the Conduct Committee for potential investigation, and its decisions in the year, are shown below:

	Investigations opened under the AEP or the Schemes	Returned for Constructive Engagement or no further action	Total referred to the Conduct Committee
Audit	4	1	5
Accountancy	2	2	4
Actuarial	0	0	0
Total	6	3	9

In six of these cases, the Conduct Committee decided to open an investigation and referred the case to Enforcement (under the AEP or the Schemes). Further details of the new investigations opened (to the extent that details may be given) are included later in this section.

While the overall number of cases closed by CA during the year has remained largely consistent, the number where an investigation has been opened has decreased from the previous year (six versus 10). The decrease in the number of investigations opened is largely in line with the decrease in the number of cases opened by CA during the year (40 versus 70).

The average time taken to refer a case to the Conduct Committee depends on the specifics of each matter including the availability of material. In the year ended 31 March 2024 the average time taken to refer a matter for potential investigation was just under five months, which was longer than the prior year (just over three months). All cases, except three, were referred within six months of the date the case was opened.⁶⁴

In addition to the cases to consider for investigation noted in the table above, the Conduct Committee also considered 12 Referral Cases in the period where Constructive Engagement (eight) or no further action (four) was the agreed course of action.

Constructive Engagement

During the year, we continued our focus on further developing the Constructive Engagement process for qualifying cases⁶⁵ as an effective and efficient alternative to investigation.

|:----------------|:------------------------------------------------|:--------------------------------------------------------|:----------------------------------------| | Audit | 4 | 1 | 5 | | Accountancy | 2 | 2 | 4 | | Actuarial | 0 | 0 | 0 | | Total | 6 | 3 | 9 |

Constructive Engagement

During the year, we continued our focus on further developing the Constructive Engagement process for qualifying cases⁶⁵ as an effective and efficient alternative to investigation.

Once the decision has been made to resolve a case through Constructive Engagement, the case is transferred to the Supervisor team who conduct the process. Twenty-eight CA cases (47%) were closed in the year with a decision to resolve the matter through Constructive Engagement, which included 10 cases transferred at 1 April 2023 where Constructive Engagement was already in progress. The Constructive Engagement process was concluded in the period for 13 of these cases (16 in 2022/23).

Constructive Engagement cases	2023/24
Transferred at 1 April 2023	10
Transferred for Constructive Engagement in year	18
Concluded in the year	(13)
Constructive Engagement ongoing at 31 March 2024	15

Timely intervention through Constructive Engagement enables remedial action in time for the following year's audit

In respect of the 13 cases where Constructive Engagement was concluded, we engaged with seven separate Statutory Audit firms. Eleven (85%) of the cases involved the six Tier 1 firms.

Most Constructive Engagement cases include potential breaches of auditing standards identified through AQR inspections and horizon scanning.

Timely intervention through Constructive Engagement enables the audit firm to take remedial action in time for the following year's audit and to reduce the risk of recurrence across the firm's audit portfolio through improvements in firmwide procedures.

On average Constructive Engagement was concluded with firms a little over eight months after the decision had been made to resolve the case through Constructive Engagement, and 13 months after the corresponding CA case had been opened. A number of Constructive Engagement cases were kept open until the remedial actions or quality improvements had been sufficiently demonstrated by firms in subsequent audits.

Average time to conclude cases through Constructive Engagement was just over 8 months

Across the 13 cases where Constructive Engagement was concluded, the most common accounting areas were:

Financial instruments and investments (four cases): these cases presented issues such as insufficient audit procedures performed to assess inputs used by a valuations expert, a lack of challenge by the auditors in relation to the sensitivity of valuations to assumptions, and a lack of challenge related to the presentation of financial instruments in the financial statements.
Impairment (three cases): these cases presented issues such as insufficient audit procedures related to IFRS 9 expected credit loss for bad debts, and insufficient evidence of challenge by the auditors on management's impairment models for non-current assets and non-financial assets, including in relation to discount rates and the completeness of impairment indicators considered.

The most common issues were:⁶⁶

Lack of professional scepticism (seven cases): failure to challenge, or document the challenge to, management's accounting treatment, key judgements or methodology. There was a theme of familiarity bias resulting in an overreliance on the prior year audit approach and/or a lack of focus on audit areas perceived to be less complex.
Insufficient audit procedures (seven cases): not performing sufficient procedures over material balances, failing to adequately test in line with audit methodology or inappropriate setting of audit strategy, and a lack of stand-back assessment to ensure that risks have been appropriately and sufficiently addressed.
Insufficient technical knowledge (five cases): failing to demonstrate appropriate knowledge or consult technical experts in complex areas including impairment, financial instruments and classification in the cash flow statement.

The remedial actions undertaken as part of the Constructive Engagement process largely involved amendments to a firm's audit procedures and/or training and guidance to introduce new procedures or reinforce the existing audit methodology and guidance.

Examples of remedial actions included:

Providing training and further guidance on performing sufficient audit procedures on impairment, financial instruments and investments.
Introducing new work programmes and dedicated templates on the audit of impairment, revenue, going concern and valuation of financial instruments.
Expanding guidance and audit procedures for assessing management's cash flow forecasts.
Improvements to a firm's audit policies and procedures requiring audit teams to consult with the firm's technical department prior to issuing modified audit reports.

While each case is considered on its own merits, to illustrate the type of Constructive Engagement activity undertaken, two anonymised examples are set out below.

Case A

We made enquiries of a firm regarding its FY2021 audit of a listed company. Our main concern related to the audit procedures performed in testing revenue.

The audit team failed to perform adequate procedures over the occurrence and accuracy of revenue recognised in the year. In particular, the decision to not test controls should have resulted in a significant increase in detailed substantive testing. The audit approach to revenue was inappropriate and the resultant level of testing performed was insufficient.

The matter was suitable for Constructive Engagement because there was no evidence to suggest that the financial statements were materially misstated and there was no indication of financial harm to stakeholders or damage to public confidence in the audit profession.

The matter was suitable for constructive engagement because there was no evidence to suggest the financial statements were misstated and no indications of financial harm

The Constructive Engagement process resulted in the firm strengthening its procedures on revenue, including the implementation of an enhanced risk assessment process and a revised sampling approach to be adopted by engagement teams. Sector specific audit methodology was also developed, supported by updates to the firm's audit manual and training.

Case B

A listed company had failed to disclose in its FY2020 financial statements that the majority of its revenue was from a related party.

Our enquiries identified a lack of oversight and challenge of the component auditor's workpapers and a lack of professional scepticism in auditing IAS 24 Related Party Disclosures. The audit team had failed to adequately record and respond to the results of the component auditor's work on revenue which led to insufficient disclosures in the financial statements.

The matter was suitable for Constructive Engagement because there was no indication of financial harm to stakeholders or damage to public confidence in the audit profession.

The firm mandated the use of certain templates to document group oversight of component auditors and improved its procedures concerning identification of undisclosed related parties

As part of the Constructive Engagement, the firm mandated the use of certain templates to document group oversight of component auditors and improved its procedures concerning identification of undisclosed related parties. Separately, the firm introduced a new audit platform which embedded these improvements and enables engagement teams to have a more holistic view when auditing and drawing conclusions in relation to related parties.

Certain actions agreed as part of the Constructive Engagement process, which are designed to improve audit quality, are similar to the non-financial sanctions imposed at the conclusion of enforcement action. While Constructive Engagement outcomes do not amount to a sanction, and are not individually published, they can result in significant additional requirements for audit firms.

The Constructive Engagement process requires full and open co-operation by audit firms

The process requires full and open co-operation by audit firms. During the year, we were generally satisfied with the level of co-operation and the timeliness of responses.

The value of Constructive Engagement also depends on the extent to which new measures are appropriately followed by audit teams in practice. This is monitored by a firm's dedicated Audit Firm Supervisor within the AFS team. Where appropriate, the Supervisors work with the FRC's AQR team to conduct follow-up activity. CA also monitors where similar matters are identified in audits conducted by the same firms and recurring issues will be taken into account when deciding whether to refer a matter to the Conduct Committee to consider opening an investigation.

No further action

There were 26 cases closed in the year by the Case Examiner with no further action.

Of these, 17 were cases involving Statutory Auditors which were considered under the AEP. We consider all such cases carefully to identify whether there may be underlying issues relevant to the work conducted by the Statutory Auditors. However, on examination of the information available, we found no basis to support further enquiry into the audit. The reasons for this included one or more of the following:

26 cases were closed with no further action

There was no substantive financial reporting error at the entity.
There was no indication of a breach of auditing standards, or the breach was not considered to be sufficiently significant to warrant further action.
There was already supervisory work ongoing with the firm to address the issue.

The remaining nine cases (all Scheme cases) were closed with no further action because there was insufficient evidence to demonstrate reasonable grounds to suspect Misconduct by the auditors, accountants or actuaries.

Where matters raised were outside of the FRC's remit, we directed complainants to other bodies that may address their complaints. This year, they included the RSBs and the Insolvency Service.

Oversight

For those cases considered to be Referral Cases, the Case Examiner's recommendation of either Constructive Engagement or no further action is subject to additional internal assurance processes, which include referral to the Conduct Committee for a decision.

A statistical summary including the source and number of cases opened, number and outcome of cases closed and open case numbers at the period end is reported to the Conduct Committee on a bi-monthly basis.

6.2 Investigations and Enforcement

Investigations opened

	2021/22	2022/23	2023/24
Investigations opened in the year	15	10	6

The Conduct Committee opened six new investigations in the 12 months to 31 March 2024: four audit investigations under the AEP and two investigations into accountants under the Accountancy Scheme.

AEP investigations

The four audit investigations concern a range of potential issues, including professional scepticism, audit evidence and documentation, revenue and revenue recognition, goodwill, going concern, cash, journal entry testing, investments and financial assets, other fixed asset impairments, reserves, provisions, use of experts, risk of fraud, compliance with the Ethical Standard and compliance with laws and regulations. Two investigations followed referrals to the Case Examiner from the FRC's AQR team, after audit inspections.

In line with the FRC's Publication Policies,⁶⁷ not all investigations are announced at the outset, although if the case leads to enforcement action and the imposition of sanctions, the outcome will be published. The Conduct Committee makes the decision whether or not to announce a new investigation on a case-by-case basis. It will decide to announce if it considers that publication is necessary in all the circumstances and any potential prejudice to the subject of an investigation is outweighed by the factors in favour of publication.

One of the new AEP investigations has been announced.⁶⁸

6 investigations opened in the year

Accountancy Scheme investigations

Two new investigations were opened under the Accountancy Scheme; one investigation was announced.

Actuarial Scheme investigations

No new investigations were opened by the Conduct Committee under the Actuarial Scheme in FY2023/24.

Concluded cases

Outcome of investigations

The table below details cases concluded, including those closed with no further action and those closed with findings of Misconduct/breaches and sanctions, broken down by settlement or independent tribunal.

	Closed with no further action	Settlement	Independent Tribunal	Total
2023/24	1	8	-	9
2022/23	7	11	1	19
2021/22	3	13	1	17

Nine cases were concluded in the 12 months to 31 March 2024, including three legacy⁶⁹ cases opened in or before FY2019/20.⁷⁰ For the third consecutive year, concluded cases exceeded the number opened in the same period, with a resultant decrease in the number of open investigations.

Cases concluded with sanctions

The FRC concluded eight investigations that resulted in sanctions being imposed on audit firms and individuals. The cases are listed below and details of the facts, issues and points of note are set out in Appendix A.

Audit firm	Audited entity	Audit of the financial statements	Date of sanction
Unnamed	Unnamed	Not announced	11 August 2023⁷¹
KPMG	Carillion plc	Years ended 31 December 2014, 2015, and 2016	3 August 2023
KPMG	Carillion plc	Year ended 31 December 2013	3 August 2023
Oliver Clive & Co	London Capital & Finance plc	One month period ended 30 April 2015	9 November 2023
KPMG	M&C Saatchi plc	Year ended 31 December 2018	14 November 2023
MacIntyre Hudson LLP	MRG Finance UK plc	Period ended 31 December 2018 and Year ended 31 December 2019	4 December 2023
PwC	London Capital & Finance plc	Year ended 30 April 2016	9 January 2024
EY	London Capital & Finance plc	Year ended 30 April 2017	9 January 2024

For the third consecutive year more cases were concluded than were opened in the year

These cases included two major outcomes concerning KPMG's audits of Carillion plc and three investigations into the audits of London Capital & Finance plc (LCF) by Oliver Clive & Co, PwC and EY. We published eight Final Settlement Decision Notices (FSDNs) in respect of these investigations (see Appendix A).

The range of cases reflected the wide scope of our enforcement work and the audits that fall within our remit. They included audits of FTSE 100 companies and audits of AIM-listed companies.

Four of the investigations had been opened following earlier inspections by the FRC's AQR team. Three of the investigations had been opened following an entity going into administration with significant amounts owed to individual investors. One investigation was opened following the announcement of a material misstatement leading to a prior year adjustment in the audited financial statements.

Sanctions imposed under the Auditor Regulatory Sanctions Procedure⁷² (ARSP) and the Crown Dependencies' Recognised Auditor Sanctions Procedure⁷³ (CDRASP) are not included in the Review as matters under these procedures are handled by our AQR team.

8 published outcomes of investigations resulting in sanctions

Spotlight on Carillion – Reported Debt

Carillion's core operations focused on long term, complex construction and services contracts, both in the UK and overseas. The performance and final outcome of those contracts determined the financial performance and profitability of the group. As noted in the Concluded Cases: themes and lessons section, although reporting the performance of long-term contracts involved forecasting the final outturn of both costs and revenue, which involved significant judgement and a risk of bias, the audit work on Carillion's most significant contracts was seriously deficient.

However, Carillion's reported level of debt was equally important.

The Work and Pensions Committee and Business, Energy and Industrial Strategy Committee joint⁷⁴ report on the failure of Carillion observed that:

The accumulation of debt, and inability to reduce it, caused concerns among Carillion’s investors. Standard Life Investments began selling its shares in the company from December 2015 onwards, citing a high debt burden that was unlikely to reduce in the near term due to acquisitions and a high dividend pay-out.

…

in early 2015 UBS claimed total debt was higher than Carillion were publicly stating, triggering a big increase in investors short selling, or betting against, Carillion’s shares

Carillion's inability to refinance its debt in the latter part of 2017 ultimately led to it entering into insolvency.

The FRC's Decision Notice⁷⁵ notes that net borrowing at year end featured prominently in Carillion's 2016 annual report. It was presented as 'the most appropriate measure of liquidity', including 'all sources of financing used to fund the Group's operations.'

The KPMG audit partner recognised that 'Cash is a metric that people focus on', and that the 'headline everyone's going to report' was the difference between Carillion's loan facilities and the level of borrowing at the year end.

However, there was a very significant disparity between net borrowing at the year end of £218 million, as reported in the 2016 financial statements, and the amount both in the months immediately before the year end and in the months immediately following, which was in excess of £700 million. These amounts suggested that Carillion expected a net cash inflow of nearly £500 million in the final quarter of 2016, followed by an equivalent net cash outflow in the first quarter of 2017. The KPMG audit partner recognised that the large movements in the figures were highly unlikely to have been from normal operational cash flows and were strongly suggestive of manipulation of borrowing at year end

for example, by delaying payments to creditors. KPMG also identified transactions entered into close to the year end that resulted in significant cash inflows that they described as 'one-offs', an indication that the cash receipts did not arise from Carillion's day-to-day business and were not sustainable. However, KPMG did not consider whether the year end figure could properly be presented as 'the most appropriate measure of liquidity for the group' and consequently whether the presentation of Carillion's net borrowing in the financial statements was true and fair.

There was also a real question as to whether reported debt included 'all sources of financing used to fund the group's operations'. KPMG was aware that Carillion, together with a number of banks, operated the Early Payment Facility (EPF), a reverse factoring (or supply chain finance) facility under which invoices raised by Carillion's suppliers were paid by participating banks, with Carillion repaying the banks at a later date. The total value of invoices on the EPF platform at any one time was substantial and rose from £35 million as at 31 December 2012 to £472 million as at 31 December 2016.

These arrangements gave Carillion additional time to pay its suppliers, representing, in effect, an additional source of working capital but liabilities to banks under the EPF were not included in reported debt. There was no disclosure explaining this treatment and the amounts were not identified as owed to banks. Carillion's internal estimates of the impact on reported debt in 2016 varied widely, from £100 million to over £300 million.

KPMG considered the appropriate treatment in FY2010 and again in FY2012, identifying that a key factor was that Carillion was neither deriving a benefit from, nor paying a cost for, the use of the EPF. This was not considered further in the FY2014, FY2015 and FY2016 audits, notwithstanding the huge growth in the use of the EPF and compelling evidence demonstrating that Carillion both benefited from the arrangements, through the additional time to make payments to suppliers, but also that it was at least contributing to the costs.

Overall, KPMG understood that borrowing was a metric that people focused on and should have considered whether the FY2016 financial statements presented a true and fair view of Carillion's financial position. However, it had evidence suggesting that the reported net borrowing figure at year end did not provide a fair and accurate picture of the group's actual underlying borrowing requirements, which was hundreds of millions of pounds higher. KPMG should have identified that the year end figure could only have been achieved by manipulating cash balances using methods that were unlikely to be sustainable, and did not include 'all sources of financing used to fund the Group's operations'. KPMG did not evaluate whether Carillion's financial statements contained sufficient information relating to net borrowing and did not identify inconsistency between the presentation of net borrowing in Carillion's annual report and other evidence obtained in the course of the audit.

Closed cases

One investigation under the AEP was closed at an early stage without enforcement action, when it became apparent that the tests for enforcement action would not be met.

Common issues from cases concluded in the year

Consistent with previous years, breaches sanctioned in concluded cases overwhelmingly concerned: failure to exercise professional scepticism, failure to obtain sufficient appropriate audit evidence and failures in audit documentation. However, cases concluded in this year also included issues relating to the identification and assessment of risks, the audit of related parties and matters relating to going concern.

Failures to exercise professional scepticism continue to feature in breaches sanctioned

Ongoing cases at 31 March 2024

As of 31 March 2024, there were 35 open investigations.⁷⁶ Twenty-eight investigations concern audit and seven concern professional accountants working in business.⁷⁷ This was a reduction not only in the number of investigations open at 31 March 2023 (38) but also in the number of very large and complex investigations. It results from our ongoing focus on timely conclusion of investigations, combined with fewer investigations opened during the year compared with previous years.

Of the 28 audit investigations, two are being investigated under the Accountancy Scheme and the remaining 26 under the AEP. Twenty-two⁷⁸ have been announced and are included in the list of current enforcement cases on the FRC's website.⁷⁹ These cover a wide range of audit areas, including:

Investigation issues
Goodwill	Integrity and objectivity
Going concern	Revenue recognition
Inventory valuation and provisions	Related party transactions
Presentation and disclosure	Compliance with laws and regulations
Provisions	Audit documentation
Onerous contracts and leases	Compliance with ethical requirements
Control environment	Audit planning
Application of professional scepticism	Group audits, including oversight of component auditors
Risk of fraud	Insufficient audit evidence

Five of the seven open Accountancy Scheme investigations concerning professional accountants working in business are linked to audit investigations (some current; others concluded) and therefore concern many of the same issues. Of the seven investigations, four have been announced and can be found in the list of current enforcement cases on the FRC's website.⁸⁰

7 Sanctions

Introduction

As in previous years, in this section we provide an overview of the financial and non-financial sanctions which were imposed in the year at both an aggregate level and in individual cases and draw out matters of particular interest or significance. Sanctions are imposed in accordance with our published Sanctions Policy and Guidance.⁸¹

Sanctions summary for FY2023/24

As set out in the table below, the number of financial⁸² and non-financial sanctions fell for the second year in a row but remain significantly above the FY2020/21 figures. Sanctions were imposed in eight concluded cases this year, all of which were audit matters dealt with under the AEP and by way of settlement. In one case (which remains ongoing) sanctions were imposed on one professional accountant working in business.⁸³

Total financial sanctions before discount include the record sanctions imposed in relation to the Carillion investigations and therefore represent the highest level recorded in any given year at £48.2 million.

It should be emphasised however that the aggregate figures reflect both the number and seriousness of cases that arise for sanctioning in any given reporting year. They also reflect the size and financial strength of the entities sanctioned, as we impose proportionate sanctions which take into account the impact of the sanction on the party in question. This year the financial sanctions imposed on KPMG and two former audit engagement partners in relation to the very serious failures identified in the firm's audits of Carillion (considered further below) represented the major proportion of the global figure both before and after the application of settlement discounts (£30.6 million and £21.4 million against total FY2023/24 financial sanctions of £48.2 million and £33.1 million respectively).

£30.6m of the total sanctions relate to the Carillion audit investigations

Another notable matter which fell to be sanctioned this year followed three separate investigations into the audits of London Capital & Finance plc by Oliver Clive & Co, PwC and EY covering three consecutive audit periods. Financial sanctions of £60,000 (adjusted to £42,000 after settlement discount), £7 million (adjusted to £4.9 million after settlement discount) and £7 million (adjusted to £4.41 million after settlement discount) were imposed on Oliver Clive & Co, PwC and EY respectively. The size of the financial sanction imposed on Oliver Clive & Co reflects the key consideration of proportionality given the comparatively small size of the firm and the relative financial impact of the sanction.

The remaining audit matters sanctioned during the year were KPMG's audit of M&C Saatchi plc (FY2018) where a financial sanction of £2.25 million was imposed on KPMG (adjusted to £1.46 million after settlement discount) and MacIntyre Hudson LLP's audit of MRG Finance UK plc (£200,000 adjusted to £120,250 after settlement discount).⁸⁴

The level of discounts awarded in accordance with the Sanctions Policy (AEP) in settled cases ranged from 25% to 39.9%,⁸⁵ reflecting differences in the timing of admissions made and the extent of mitigation (including co-operation). Severe Reprimands were imposed on all audit firms and engagement partners that were subject to sanctions this year. In relation to members who were professional accountants in business or actuaries, sanctions were imposed on one individual in the year to 31 March

This was the former CFO of Autonomy who was excluded from the ICAEW for a recommended period of 20 years (to run from his suspension as a Member of the ICAEW in November 2018), following his admissions of Misconduct as a result of his conviction in the USA on 16 counts of fraud relating to his conduct at Autonomy.

Sanctions imposed of £48.2m (£33.1m after settlement discounts)

	2021/22	2022/23	2023/24
Total financial sanctions imposed:
Pre-discount	£46.5m	£40.5m	£48.2m
Post-discount	£34.6m	£28.5m	£33.1m
Number of financial sanctions imposed	25	22	17
Number of non-financial sanctions imposed	62	49	40
Of which:
Exclusions	5	4	2
Requirements and undertakings	15	10	6

Total financial sanctions

A bar chart showing financial sanctions (millions £) for 2021/22, 2022/23, and 2023/24, broken down by pre-discount and post-discount. Data points are as follows: - 2021/22: Pre-discount £46.5m, Post-discount £34.6m - 2022/23: Pre-discount £40.5m, Post-discount £28.5m - 2023/24: Pre-discount £48.2m, Post-discount £33.1m

Financial sanctions imposed on audit firms

Financial sanctions remain an important element of our sanctioning regime and continue to play a key role in securing its aims and objectives, not least due to their deterrent effect. During the year, eight financial sanctions were imposed on audit firms in respect of eight audit cases. Together they totalled £47.2 million prior to the application of any settlement discount.

As noted above, the audit case settlement that attracted the highest financial sanction in the year – and indeed the highest ever imposed by the FRC – relates to the exceptionally serious failures in KPMG's audit of Carillion's financial statements in respect of FY2013 to FY2016 inclusive and additional audit work in 2017.

The findings in the Carillion investigations were divided between two Decision Notices addressing the failures relating to: (i) FY2014-FY2016 audits and additional audit work in 2017 (Decision 1) and (ii) the 2013 audit (Decision 2), respectively. A financial sanction of £26.5 million (discounted by 30% to £18.55 million to reflect the firm's co-operation and admissions) was imposed in relation to Decision 1 and £3.5 million (also discounted by 30% to £2.45 million to reflect the firm's co-operation and admissions) in relation to Decision 2.

The failures in Decision 1 were serious and included:

A failure to demonstrate an adequate level of professional scepticism. KPMG failed to subject Carillion's management's judgements and estimates to effective scrutiny, even where those judgements appeared unreasonable and/or appeared to be inconsistent with accounting standards and might suggest potential management bias.
A threat to objectivity created by the importance of Carillion as a client of KPMG and key members of the audit team. In a number of instances this threat crystallised in that the audit team failed to adopt a rigorous and robust approach, accepting without adequate challenge the presentation of financial information that suited Carillion's management.
In relation to the FY2016 audit, a failure by KPMG and the audit engagement partner to ensure that the audit was properly managed and supervised.

£47.2m financial sanctions imposed on audit firms

A failure to obtain sufficient appropriate audit evidence in a wide range of areas and in respect of a variety of items to enable it to conclude that the financial statements were true and a failure to consider (adequately or at all) the implications for the audit of evidence suggesting Carillion's accounting might have been incorrect or unreliable.

Decision 2 addressed the failures in relation to the FY2013 audit, specifically in relation to transactions entered into by Carillion in 2013 that involved changing its provider of outsourced IT and business process services. This included a failure to identify that disclosures in the 2013 financial statements relating to these transactions might be misleading and a failure by the audit firm to obtain sufficient appropriate audit evidence to satisfy themselves that the accounting treatment adopted in relation to transactions was appropriate.

The failings in Decisions 1 and 2 were not found to be dishonest. However, in Decision 1 there was a finding of a lack of integrity in respect of the audit engagement partner's record of his review of the 2016 audit and four findings of a lack of objectivity. There was also a failure to assess a threat to independence. The breaches were particularly serious because of their impact on the credibility of the opinions and reports issued by auditors. These (and other) factors were taken into account when determining the appropriate financial sanctions in this case.

Financial sanctions – audit firms

A bar chart showing financial sanctions against audit firms (millions £) for 2021/22, 2022/23, and 2023/24, broken down by pre-discount and post-discount. Data points are as follows: - 2021/22: Pre-discount £31.8m, Post-discount £20.3m - 2022/23: Pre-discount £39.4m, Post-discount £27.7m - 2023/24: Pre-discount £47.2m, Post-discount £32.4m

	2021/22	2022/23	2023/24
Number of financial sanctions against audit firms	11	9	8

Financial sanctions against Audit Partners

Total financial sanctions imposed on Audit Partners in the period to 31 March 2024 were £1.0 million (£0.7 million after settlement discounts and/or mitigation) which is broadly similar to the amounts imposed on Audit Partners in the previous two years.

Financial sanctions – Audit Partners

A bar chart showing financial sanctions against Audit Partners (millions £) for 2021/22, 2022/23, and 2023/24, broken down by pre-discount and post-discount. Data points are as follows: - 2021/22: Pre-discount £1.06m, Post-discount £0.68m - 2022/23: Pre-discount £0.96m, Post-discount £0.74m - 2023/24: Pre-discount £1.02m, Post-discount £0.70m

	2021/22	2022/23	2023/24
Number of financial sanctions against Audit Partners	11	10	9

Non-financial sanctions

Non-financial sanctions continue to form a key part of our role as an improvement regulator as we maintain our focus on increasing the quality of financial reporting and audits.

The number of non-financial sanctions fell this year reflecting, in part, the lower number of cases which were concluded. Such sanctions are not imposed by default but rather each matter is considered on its own merits. The number of such sanctions in any given year will therefore also be driven by the nature of the audit failures identified and whether they are already being addressed through non-financial sanctions or supervisory tools.

There are several types of non-financial sanction that can be imposed to reflect the wide variety of issues and circumstances we encounter, and they vary in scope, duration and severity.

As well as the imposition of Severe Reprimands and Declarations that audit reports did not satisfy certain Relevant Requirements, non-financial sanctions published in the year included:

In relation to the Carillion Decisions described above, an order requiring KPMG to evaluate and report on whether the relevant measures taken by the firm since 2017 are sufficient to prevent recurrence of the breaches of Relevant Requirements and to take any necessary further remedial action.
Exclusion from membership of the ICAEW for 10 years imposed on the audit engagement partner in relation to Carillion Decision 1 referred to above.

Financial sanctions – Audit Partners

The financial sanctions imposed take into account a number of factors, including the seriousness of the breaches as well as the financial resources of the Audit Partner.

Bar chart showing Financial Sanctions in Millions (£) for Audit Partners, comparing Pre-discount and Post-discount amounts for FY2021/22, FY2022/23, and FY2023/24.

2021/22: Pre-discount £1.06 million, Post-discount £0.68 million
2022/23: Pre-discount £0.96 million, Post-discount £0.74 million
2023/24: Pre-discount £1.02 million, Post-discount £0.70 million

	2021/22	2022/23	2023/24
Number of financial sanctions against Audit Partners	11	10	9

Non-financial sanctions

Non-financial sanctions continue to form a key part of our role as an improvement regulator as we maintain our focus on increasing the quality of financial reporting and audits.

There are several types of non-financial sanction that can be imposed to reflect the wide variety of issues and circumstances we encounter, and they vary in scope, duration and severity.

As well as the imposition of Severe Reprimands and Declarations that audit reports did not satisfy certain Relevant Requirements, non-financial sanctions published in the year included:

In relation to the Carillion Decisions described above, an order requiring KPMG to evaluate and report on whether the relevant measures taken by the firm since 2017 are sufficient to prevent recurrence of the breaches of Relevant Requirements and to take any necessary further remedial action.
Exclusion from membership of the ICAEW for 10 years imposed on the audit engagement partner in relation to Carillion Decision 1 referred to above.
An order, in relation to the anonymised case referred to above, that the Firm review a sample of audits, assess the effectiveness of remedial actions implemented following the FRC's enforcement action, and produce a written report to Executive Counsel and the Executive Director of Supervision setting out the review's findings and conclusions.
An order requiring MHA and an Audit Engagement Partner to take certain actions to prevent recurrence of the contravention. In relation to MHA this included a requirement that the firm's audit quality function review a sample of PIE audits selected by the FRC to determine the effectiveness of the remediation steps undertaken to date and report on the same to the FRC, together with proposals to address any remaining areas for improvement. In relation to the Audit Engagement Partner, this required the provision to the FRC of: (i) the outcomes of the next three ICAEW inspections of the Audit Engagement Partner's non-PIE audits; and (ii) confirmation of at least 40 hours of verifiable CPD training for three years following the date of the Final Settlement Decision Notice (including in relation to specified areas).
In the LCF case, an order requiring PwC to take specified action designed to prevent the recurrence of the contravention. This included: (i) reporting to the FRC on the root causes of the breaches, the effectiveness of remediation measures implemented to date, and any further measures which could be taken to prevent recurrence (ii) the implementation and assessment of such further measures as agreed with the FRC.
In the LCF case, an order requiring EY to take specified action designed to prevent the recurrence of the contravention in very similar terms to those imposed on PwC as outlined above.
An exclusion from the ICAEW for a recommended period of 20 years (to run from his suspension as a Member of the ICAEW in November 2018) imposed on the former CFO of Autonomy Corporation plc following his conviction in the USA in 2018 of 16 counts of fraud. He accepted that the US Criminal Conviction amounted to Misconduct and that such conduct was a breach of the Fundamental Principle of Integrity under the ICAEW's Code of Ethics.

This will run concurrently with the period of exclusion already imposed in other proceedings. [^86]

Number of non-financial sanctions	2021/22	2022/23	2023/24
Severe Reprimands	25	19	17
Reprimands	-	-	-
Exclusions	5	4	2
Conditions/requirements	15	9	6
Undertakings	-	1	-
Declarations	17	16	15
Total	62	49	40

Stacked bar chart showing Non-financial Sanctions by Type for FY2021/22, FY2022/23, and FY2023/24.

Each bar is segmented by: - Severe Reprimands (bottom, darkest shade) - Reprimands - Exclusions - Condition/requirements - Undertakings - Declarations (top, lightest shade)

2021/22: - Severe Reprimands: ~~25 - Exclusions:~~ 5 - Conditions/requirements: ~~15 - Declarations:~~ 17 - Total: 62

2022/23: - Severe Reprimands: ~~19 - Undertakings:~~ 1 - Exclusions: ~~4 - Conditions/requirements:~~ 9 - Declarations: ~16 - Total: 49

2023/24: - Severe Reprimands: ~~17 - Exclusions:~~ 2 - Conditions/requirements: ~~6 - Declarations:~~ 15 - Total: 40

Spotlight on Non-Financial Sanctions

The setting and monitoring of non-financial sanctions has for several years formed a key part of our strategy to drive the application of high standards of auditing through the promotion of improvement and innovation. It is a key contributor to the role played by Enforcement as an improvement regulator. During this period there have been a number of cases where, as part of such sanctions, we have required firms to identify the root causes of the identified audit failures and subsequently formulate and implement appropriate measures to prevent recurrence. Firms have then been required to assess and periodically report on the effectiveness of such measures over a specified date range (typically reporting annually for up to three years). Such reports are required to be provided to both Enforcement and Supervision who will provide scrutiny and challenge and, if considered necessary, require further or different measures to be implemented. The reporting period for a number of these cases has now been met and so in this year's Review we put the spotlight on this part of our sanctions process.

In many cases the initial formulation of appropriate remedial measures will involve engagement between Enforcement, Supervision and the relevant audit firm. This enables a holistic, joined-up approach so that, for example, any such measures coordinate appropriately with other workstreams which Supervision may be engaged in with the relevant firm and ensures that the FRC's knowledge and experience of both the relevant audit firm and audit issues engaged are fully utilised. We will also engage with other relevant bodies as appropriate. In one case concluded this year involving a relatively small firm it was determined, following liaison with the ICAEW, that it was not necessary to impose any remedial measures on the basis that any residual risks could be adequately addressed by the ICAEW.

Such non-financial sanctions are not automatically concluded at the end of the period specified in the relevant sanctions order. Rather, the effectiveness of the remedial action over the specified period will be assessed against both the relevant reporting criteria and the minimum outcomes expected. In addition, in determining whether to conclude such sanctions the issues will be considered in their broader context such as the firm's recent AQR inspection findings and other information related to audit quality at the relevant firm.

It is also important to recognise that the conclusion of such sanctions does not of itself represent assurance as to the level of audit quality at the relevant firm. We do however expect firms to ensure that improvements made through non-financial sanctions are embedded, sustained and, where necessary, enhanced beyond the period of formal monitoring under the non-financial sanction. We also emphasise to firms at closure that if new information comes to light relating to matters covered or raised during the period in which the non-financial sanctions were in force (or similar issues which gave rise to the sanctions recur) further enquiries may be made.

We set out below a number of anonymised examples of such sanctions in recent years:

In one case, Enforcement and Supervision worked with the firm to formulate a supplemental bespoke audit file review checklist for a specific audit area, which was to be used in the firm's required evaluation of sample audits as part of the non-financial sanction. This included specific questions (with narrative rather than yes/no responses) to evaluate and assess the audit work completed. The audit firm considered it such an effective addition that is has now become an element of the firm's internal quality monitoring process, providing a further mechanism by which to monitor the audits of relevant businesses. This is a good example of such sanctions driving positive and innovative change.
In a further matter, which required a report to be provided to the FRC, the purpose of non-financial sanctions was to ensure that changes to an audit firm's methodology were resulting in improvements in certain areas which had been found to be deficient in the relevant Decision Notice. Supervision sent an outline report to the firm setting out the content required including guidance and comments to aid the firm's understanding of the FRC's expectations. The audit firm's consequent report was then reviewed in detail by Supervision who challenged the firm on certain points and requested additional follow-up. Following consultation and engagement between Enforcement and Supervision it was agreed that the sanction had been effective and should be closed.
In another case, Supervision was best placed to determine whether the measures taken by the firm to address the identified deficiencies as outlined in the relevant root cause analysis were sufficient. This assessment took into account the existence and operation of other non-financial sanctions to which the firm was subject. The sanction was closed on the basis that the relevant themes will be kept under review during Supervision's ongoing oversight.

Non-financial sanctions are a key contributor to the role played by Enforcement as an improvement regulator.

8. Timeliness

Addressing matters within our control to improve the timeliness of our investigative and enforcement action through streamlining our processes, refining case focus and improving project management, has been a priority for a number of years. Timeliness remains a key area of focus, recognising that we are also reliant on factors outside our control such as the responsiveness of subjects and the availability of independent advisers.

It was noted in last year's Review that from 1 April 2023 we would report against a revised 2-year KPI and a new 3-year KPI to provide a more sophisticated and accurate indicator of performance given the size and complexity of the Enforcement case portfolio. As explained in detail below both KPIs were met in FY2023/24, which was a further year of consolidation rather than headcount expansion.

Time to service of PFC, IR or settlement or closure (if earlier)

For FY2023/24 we report against a 2-year and 3-year KPI.

2-year 50% KPI

In 50% of cases to serve either the PFC or IR (or close or settle the case, if sooner) in 2-years from notification of an investigation.

In FY2023/24 we achieved this in 53% of applicable cases and therefore exceeded the KPI.

Fifteen investigations were opened between 1 April 2021 and 31 March 2022 and were measured against the 2-Year 50% KPI. The table below sets out our performance against this measure.

	Number of cases
PFC/IR served (or case concluded without PFC/IR) within two years	8
PFC/IR not served/case not otherwise concluded within two years due to:
Size/complexity	2
Delays due to need to replace external advisers (independent expert and/or Counsel)	2
Delays in production of documents by audit firm/other entity	2
Multiple factors	1
Total	15

The FRC's 50% KPI was exceeded this year with a Proposed Formal Complaint or Investigation Report served in two years from the commencement of the investigation (or closed or settled if sooner) in 53% of cases. Where cases did not meet this stage in two years, the reasons were as follows:

In two cases, the exceptional size and complexity of the matters investigated meant that it was not possible to do so.
In two cases, delays were caused by the need to replace external advisers.
In two cases, there were significant delays in our receipt of relevant material. One of these was an audit matter where there were delays in an audit firm providing material and the other was a professional accountant working in business case where privilege issues prevented the timely provision of relevant documents.
In one matter, there were a number of relevant factors including: the number of areas to be investigated; internal resource constraints; and issues with expert and Counsel availability.

The table below sets out our performance over the past three years.

The 50% KPI 2-year KPI was exceeded in each of the last 3 years.

Financial year KPI falls due	2021/22	2022/23	2023/24
Percentage of cases meeting the 2-year KPI	57%	75%	53%

Our ability to meet or exceed the KPI is inevitably impacted by the number and nature of the relevant investigations which fall to be measured in any given year. This year, for instance, despite an unusually high number of large and complex matters we were able to meet the target of 50% within the 2-year KPI for the third consecutive year.

3-year 80% KPI

In 80% of cases to serve either the PFC or IR (or close or settle the case, if sooner) in 3-years from notification of an investigation.

In FY2023/24 we achieved this in 88% of applicable cases and therefore exceeded the KPI. [^87]

Sixteen investigations were opened between 1 April 2020 and 31 March 2021 and fell to be measured against the 3-Year 80% KPI. The table below sets out our performance against this measure.

	Number of cases
PFC/IR served (or case concluded without PFC/IR) within three years	14
PFC/IR not served/case not otherwise concluded within two years due to:
Size/complexity	2
Total	16

The 80% KPI 3-year KPI was exceeded in each of the last 3 years.

We met our target of 80% within the 3-year KPI in 88% of investigations. As noted in the table above, the exceptional size and complexity of the matters under investigation meant that it was not possible to achieve the 3-year KPI in the remaining two cases.

The table below sets out our performance over the past three years against this metric and shows that the margin by which we have exceeded the KPI has increased for the second consecutive year.

Financial year KPI falls due	2021/22	2022/23	2023/24
Percentage of cases meeting the KPI within three years	81%	86%	88%

Average time to service of PFC, IR (or closure or settlement if earlier)

The average length of time for cases reaching this milestone during the year is set out in the table below.

	2021/22	2022/23[^88]	2023/24
Number of cases where PFC/IR issued (or settled/closed, if earlier)	14	19	10
Average length of time to issuance of PFC/IR (or settlement/closure, if earlier) (in months)	33	34	25

The significant reduction in average time to issue a PFC/IR or settle/close a case is a positive development and reflects our continued focus on timeliness.

Time to complete a case

The table below sets out average case lengths of matters that concluded this year and in the previous two years.

	2021/22	2022/23	2023/24
Average length of cases referred to Tribunal (months)	68	42	-
(Number of cases)	(1)	(1)	(-)
Average length of cases concluded as a result of settlement or service of undisputed Decision Notice (months)	39	35	42
(Number of cases)	(13)	(11)	(8)
Average length of cases closed with no further action (months)	26	48	9
(Number of cases)	(3)	(7)	(1)

As shown in the first row of the above table, no cases were concluded through referral to the Tribunal this year.

The second row includes the settlement of two large and complex matters arising out of KPMG's audit of Carillion. Excluding these cases, the average length of cases concluded as a result of settlement or service of an undisputed Decision Notice in the year would have been 37 months.

The final row of the table relates to a matter which was swiftly closed following the conclusion that no enforcement action should be brought.

Average age of cases open at year end

The table below [^89] sets out the number and average age of cases that remain open at the year end, over the last three years. It shows the average age has increased this year, in part due to the significantly smaller number of investigations opened in the last two years resulting in a smaller proportion of cases in their early stages in the overall case portfolio.

	2021/22	2022/23	2023/24
Number of cases open at year end	49	38	35
Number of cases opened in year	16	10	6
Average age of cases open at year end (in months)	25.4	23.8	28.8
Average age of cases open at year end excluding cases paused due to parallel proceedings (in months)	21.3	20.3	24.5

The data shown below relates to the age profile of our cases at year end compared with the previous year end.

Year investigation opened (to 31 March)
	2013	2014 -2017	2018	2019	2020	2021	2022	2023	2024	Total
Cases open at 1 April 2023[^90]	1	-	2	2	3	6	14	10	-	38
Cases closed in year	-	-	1	1	1	3	2	1	-	9
Cases open at 31 March 2024	1	-	1	1	2	3	12	9	6	35

3 legacy cases were closed during the year.

We have continued our drive to resolve Legacy Investigations (i.e. those opened in FY2020 or before) with three such matters closed during the year (with opening years ranging from FY2018 to FY2020). Five Legacy Investigations remain open; two remain paused pending resolution of parallel criminal or other proceedings (including a case opened in FY2013), while the other three cases are the exceptionally large and complex Carillion investigation into professional accountants working in business under the Accountancy Scheme, and the Thomas Cook 2017 and 2018 (AEP) investigations.

At 31 March 2024 all investigations opened between 1 April 2014 and 31 March 2018 have been concluded. The investigations remaining open from FY2013 and FY2019 are paused for parallel proceedings.

Appendix A – summary of cases concluded and published with sanctions in FY2023/24

KPMG/Carillion plc/AEP[^91]

This comprises two investigations[^92] In August 2023 two Final Settlement Decision Notices (FSDNs) were issued. The first followed admissions of breaches of Relevant Requirements by KPMG and a former audit partner (Audit Partner 1), in relation to the Statutory Audits of the financial statements of Carillion plc for the financial years ended 31 December 2014, 2015 and

The second followed admissions of breaches of Relevant Requirements by KPMG Audit plc and a second former audit partner (Audit Partner 2), in relation to the Statutory Audit of the treatment of certain transactions in the financial statements of Carillion plc for the financial year ended 31 December 2013.

Points to note

First investigation

The first investigation found that this very large public company, which had multiple large contracts with public authorities, had not been subject to rigorous, comprehensive and reliable audits in the three years leading up to its demise.

In particular, in 2016, KPMG and Audit Partner 1 failed to respond to numerous indicators that Carillion's core operations were lossmaking and that it was reliant on short term and unsustainable measures to support its cash flows.

Over all three years a large proportion of the breaches identified related to the audit work performed in respect of Carillion's most significant construction and services contracts. Other breaches related to audit work performed in other areas, including amounts reported for cash and debt, Carillion's 2016 pension liabilities and the testing of goodwill for impairment.

In a wide range of areas, and in respect of a wide variety of items:

KPMG failed to gather sufficient appropriate audit evidence and failed to consider and respond (adequately or at all) to evidence suggesting that Carillion's accounting might have been incorrect or unreliable.
KPMG failed to conduct its audit work with an adequate degree of professional scepticism. KPMG failed to subject Carillion's management's judgements and estimates to effective scrutiny, even where they appeared unreasonable and might suggest potential management bias.

Carillion was a very important client for both KPMG and key members of the audit team, creating a risk to their objectivity. Partner 1 and other members of the audit team failed to adopt a rigorous and robust approach, accepting the presentation of financial information that suited Carillion's management.

Additionally, audit procedures in a range of areas were not completed until more than six weeks after the date of the audit report was signed. No effective process was implemented to ensure that all the audit procedures underpinning the 2016 audit report had been completed, documented and reviewed satisfactorily before the audit report was issued. As a result, Audit Partner 1 did not have a proper basis to be satisfied that the opinion given in the 2016 audit report was appropriate.

The number, range and seriousness of the deficiencies in the audits of Carillion during the period leading up to its failure was exceptional and undermined the public trust in audit. This is reflected in the financial sanction imposed on KPMG, the highest ever imposed by the FRC.

Second investigation

The second investigation related to several transactions entered into by Carillion in 2013 at the same time and with the same counterparty, involving the provision of outsourced IT and business process services to Carillion and the assignment of certain IP rights by Carillion to the counterparty. These transactions were treated in Carillion's financial statements as being independent of each other and this treatment resulted in a significant increase in Carillion's reported profit for 2013.

KPMG and Audit Partner 2 failed to approach the audit of these transactions with an adequate degree of professional scepticism, failed to consider and respond to the risk of fraud, failed to obtain sufficient appropriate audit evidence regarding the accounting treatment adopted, and failed to identify that disclosures in the 2013 financial statements relating to these transactions might be misleading.

Facts

Prior to going into liquidation in January 2018, Carillion was a leading UK-based multinational construction and facilities management services company. KPMG provided an unqualified audit opinion that the financial statements of Carillion and its group companies for FY2013, FY2014, FY2015 and FY2016 gave a true and fair view of Carillion's affairs. The audit opinion for FY2016 was dated 1 March 2017 and some months after this, in July and September 2017, Carillion announced expected provisions totalling £1.045 billion, primarily arising from expected losses on a number of its contracts and a goodwill impairment charge of £134 million.

It is not suggested that the liquidation was caused by the breaches of Relevant Requirements by KPMG in its execution of the relevant audits.

Issues

Issues on the first decision

Audit failings were found in numerous areas of the audits across FY2014, FY2015 and FY2016, many in areas which had been identified as presenting significant risk of misstatement.

Contracts

Many of the breaches relate to KPMG's audit work on eight of Carillion's most significant UK construction and services contracts. All but one of these eight contracts were identified by KPMG during its 2016 audit as containing the highest degree of judgement, estimate and challenge. These eight contracts also accounted for some of the largest components of the provisions announced by Carillion in 2017.

For construction contracts, it was necessary to forecast total contract revenue and costs to determine the amount of revenue and profit to be recognised in the relevant accounting year. The judgements made relating to these forecasts were highly subjective and had a very significant impact on Carillion's overall reported profit. However, for the construction contracts considered in the investigation, KPMG did not obtain sufficient appropriate audit evidence that certain amounts for claims and variations to the contracts yet to be agreed should be included in forecast revenue and in a number of cases had evidence suggesting that they should not be included. Similarly, KPMG did not subject Carillion's forecast costs to any effective challenge or scrutiny to ensure that they were reasonable. The forecasts were often unsupported by evidence and inconsistent with both the contract's track record and other evidence. Whilst KPMG identified several of these contracts as being 'high risk', it did not respond to this in properly evaluating whether overall positions taken on the contracts were appropriate and reasonable.
For services contracts considered in the investigation, substantial amounts were recognised as assets during 2014, 2015 and 2016 such that reported profit was increased. KPMG did not challenge inconsistencies and a lack of clarity generally in the justifications provided by management for the recognition of these assets. Whilst it identified a risk in the 2014, 2015 and 2016 audits that several of these contracts would make a loss overall, KPMG failed to evaluate this risk properly.

Further, in relation to certain elements of KPMG's audit work on Carillion's portfolio of contracts generally:

KPMG performed detailed audit testing only on specific contracts and conducted only very limited audit work over other contracts, accounting for revenue of over £1.6 billion in 2015 and £1.4 billion in 2016.
In the 2016 audit KPMG failed to adequately evaluate the design and implementation of Carillion's controls and relied on controls without properly confirming whether they were operating effectively.
In 2016, KPMG identified an aggregate 'exposure' of more than £250 million on contracts it identified as 'higher risk'. It highlighted specific amounts totalling more than £600 million, which related to these 'higher risk' contracts and to other contracts it described as 'notable', that depended on Carillion's management's estimates and judgements. However, KPMG concluded that provisions of just £50.1 million were reasonable and that Carillion's reported position on contracts overall was appropriate. These conclusions were not supported by the evidence obtained.

Overall, KPMG's conclusions were not supported by the evidence obtained and it did not respond to indications that the accounting treatment might overstate reported revenue and profit. In particular, KPMG failed to consider estimates and judgements made by Carillion's management with an adequate degree of professional scepticism and in relation to two contracts audit team members failed to maintain their objectivity.

Debt

Net borrowing was considered to be an important indicator of Carillion's liquidity and hence its ability to pay its debts when due. In 2016 there was evidence available to KPMG that the amount reported as net borrowing and the accompanying disclosures may not have given a true picture of the underlying borrowing of the group. This included:

Under Carillion's Early Payment Facility (EPF), invoices raised by Carillion's suppliers were paid by participating banks with Carillion repaying the banks at a later date. This provided, in effect, an additional source of working capital for Carillion. The nature and scale of the arrangements, and their effect as an additional form of financing, were not disclosed in the financial statements. KPMG did not obtain a clear understanding of how the EPF operated or its impact on Carillion's reported net borrowing.
In late 2016 Carillion entered into a number of contracts that had a material impact on both reported revenue and profit, and year end cash, and consequently the reported level of net debt. KPMG failed to respond appropriately to evidence that suggested the treatment adopted in each case was inappropriate. KPMG showed a lack of scepticism and audit team members failed to maintain their objectivity in relation to judgements made by Carillion's management in respect of these contracts.
Large movements in amounts for net borrowing around the year end strongly suggested manipulation of borrowing at year end – for example, by delaying payments to creditors.

Overall, in relation to debt, KPMG failed to assess adequately whether the 2016 financial statements provided a true and fair view of Carillion's financial position and failed to assess whether the presentation of net borrowing in the 2016 annual report was consistent with KPMG's knowledge acquired during the audit.

Going concern

KPMG was required to conclude whether it was appropriate for Carillion's financial statements to be prepared on a going concern basis and whether there was any material uncertainty about Carillion's ability to continue as a going concern that should be disclosed in the financial statements. However, in the 2016 audit KPMG failed to properly evaluate and challenge management's assessment of going concern, and failed to identify and respond to events or conditions that collectively might have cast significant doubt over Carillion's ability to continue as a going concern.

Other accounting and auditing areas

On Carillion's reported pension liabilities, KPMG's actuaries regarded the assumptions used in the 2016 valuation of pensions liabilities as likely to result in a valuation of liabilities 'at the extreme weak limit' and identified that moving some of these assumptions to the centre of its benchmark range would have increased the reported liability by at least £200 million. KPMG failed to respond to this and other indications of management bias relating to these assumptions.

Carillion reported goodwill balances totalling over £1.5 billion. KPMG identified this as a significant risk, noting the size of the amounts and the inherent uncertainty involved. However, the audit work failed to ensure that Carillion's assessment of goodwill was performed appropriately and failed to obtain sufficient evidence to support a number of important assumptions that underpinned this assessment.

One of Carillion's overseas components, Qatar, included a contract which was estimated to have a final value of over £600 million. In the 2016 audit, KPMG was aware of significant problems with this contract and that its reported performance incorporated over £100 million in claims and variations which had not yet been agreed with its customer. However, KPMG's audit work provided insufficient evidence to support the very large amounts recognised. Additionally, in its audit of the Canada component, KPMG failed to respond appropriately to indications of possible management bias and risks that revenue in relation to claims had been recognised inappropriately.

Management, supervision and review

In the 2016 audit, records of the preparation and review of working papers were unreliable and, in some cases, misleading. Audit procedures in a range of areas were performed more than six weeks after the date of the audit report but were nonetheless recorded on the final audit file. Overall, no effective process was implemented to ensure that all the audit procedures underpinning the 2016 audit report had been completed, documented and reviewed satisfactorily before the audit report was issued. In light of these deficiencies, Audit Partner 1 did not have a proper basis to be satisfied that the opinion given in the 2016 audit report was appropriate.

Issues on the second decision

In December 2013 Carillion concluded an agreement with a new provider of a range of outsourced services. This agreement provided for:

An assignment by Carillion to the new provider of certain intellectual property rights for an eco-friendly heating system, for which the new provider would pay £27 million.
A £14 million contribution to an 'exit fee' payable by Carillion to the former provider of the services.
The services to be provided and charges to be paid by Carillion. These included 'Other Charges' totalling £40.8 million over the life of the contract which did not appear to relate to any specific services.
A charge payable by Carillion to the new provider, in the event the agreement was terminated early, initially amounting to c. £40 million and reducing over the life of the agreement.

The combined effect of these elements was that the new service provider paid Carillion £41 million at the outset of the contract. The accounting treatment adopted by Carillion for these payments resulted in an increase of £41 million reported profit in the 2013 financial statements, on the basis that each of the elements of the transactions were independent of each other, with the contractual values for each element being at fair value.

However, KPMG was aware of the significance of the profit being recognised and of evidence that the IP assignment was not at fair value. Taking into account all the evidence obtained by KPMG, the most likely explanation for the transactions was that the transactions were not independent of each of other and the amount paid by the new provider would in effect be recovered through inflated charges paid by Carillion over the life of the contract. In this case, the £41 million would not represent income earned in 2013 and should not have resulted in an increase in reported profit.

KPMG failed to approach the transactions with an adequate degree of professional scepticism and failed to consider and respond to the risk of fraud. It failed to perform audit procedures that would provide sufficient appropriate audit evidence to enable it to conclude on the appropriate accounting treatment of the transactions. KPMG also failed to identify that disclosures in the 2013 financial statements relating to the transactions might be misleading.

Outcome

Decision 1

The following sanctions were imposed on KPMG:

A financial sanction of £26.5 million, reduced by 30% to £18.6 million to reflect the firm's co-operation and admissions.
Non-financial sanctions, comprising:
- a published statement, in the form of a Severe Reprimand;
- a Declaration that the relevant audit reports signed on behalf of the firm did not satisfy the Relevant Requirements; and
- an order requiring the firm to take remedial action aimed at preventing recurrence of the breaches of Relevant Requirements.

The following sanctions were imposed on Audit Partner 1:

A financial sanction of £0.5 million, reduced by 30% to £0.35 million to reflect Audit Partner 1's co-operation and admissions.
Non-financial sanctions, comprising:
- a published statement, in the form of a Severe Reprimand; and
- exclusion from membership of the ICAEW for 10 years. This will run concurrently with the period of exclusion already imposed in other proceedings.

Decision 2

The following sanctions were imposed on KPMG:

A financial sanction of £3.5 million, reduced by 30% to £2.45 million to reflect the firm's co-operation and admissions.
Non-financial sanctions, comprising:
- A published statement, in the form of a Severe Reprimand; and
- A Declaration that the audit report signed on behalf of the firm did not satisfy the Relevant Requirements.

The following sanctions were imposed on Audit Partner 2:

A financial sanction of £100,000 reduced by 30% to £70,000 to reflect Audit Partner 2's co-operation and admissions.
A non-financial sanction comprising a published statement in the form of a Severe Reprimand.

Unnamed Firm/Audited Entity/AEP 86

A Final Settlement Decision Notice (FSDN) was issued following admissions of breaches of Relevant Requirements by an Audit Firm and the Audit Engagement Partner in relation to the Statutory Audit of the financial statements of a company (the Audit).

Points to note

There were serious failings in four audit areas which are fundamental to Statutory Audits (revenue, related party transactions, trade debtors and right-of-use asset impairment) as well as failures of documentation and quality control. Some of the breaches relate to basic audit procedures and reflect serious weaknesses in the review process.

The Respondents co-operated with the FRC's investigation and admitted the breaches. The extent and timing of their admissions is reflected in the discount which has been applied to the financial sanctions. The Respondents provided a good level of co-operation as required but not the exceptional level of co-operation which would amount to a positive mitigating factor.

Issues

The breaches of Relevant Requirements related to the following areas of the Audit: the impairment calculation; the testing of information about revenue recognition; the risks associated with related party transactions; the testing of trade receivables; the documentation of audit work; and general failures in quality control.

The standards found to have been breached in the matters covered by FSDN were:

ISA (UK) 200: Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing;
ISA (UK) 220 (Quality Control for an Audit of Financial Statements);
ISA (UK) 230 (Audit Documentation);
ISA (UK) 240 (The Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements);
ISA (UK) 250 Section A (Consideration of Laws and Regulations in an Audit of Financial Statements);
ISA (UK) 260 (Communication with Those Charged With Governance);
ISA (UK) 500 (Audit Evidence);
ISA (UK) 530 (Audit Sampling); and
ISA (UK) 550 (Related Parties).

Outcome

The following sanctions were imposed on the Audit Firm: - A financial sanction of £650,000, adjusted for aggravating and mitigating factors and discounted for admissions and early disposal by 30%, so that the financial sanction payable was £455,000. - Non-financial sanctions, comprising: - a published statement, in the form of a Severe Reprimand; - a Declaration that the audit report signed on behalf of the Audit Firm did not satisfy the Relevant Requirements; and - an order requiring that the Audit Firm review a sample of audits (to be selected by the Executive Director of the FRC’s Supervision division), assess effectiveness of remedial actions implemented following the Audit in respect of those audits, and produce a written report to Executive Counsel and the Executive Director of Supervision which sets out the review’s findings and conclusions. Unless Executive Counsel and the Executive Director of Supervision are satisfied with the outcome of the review, the Audit Firm is required to conduct a further review of the selected audits covering the subsequent year.

The following sanctions were imposed on the Audit Engagement Partner: - A financial sanction of £40,000 adjusted for aggravating and mitigating factors, and discounted for admissions and early disposal by 30% so that the financial sanction payable was £28,000. - Non-financial sanctions, comprising: - a published statement, in the form of a Severe Reprimand; and - a Declaration that the audit report signed by the Audit Engagement Partner did not satisfy the Relevant Requirements.

In deciding not to require any additional non-financial sanctions in respect of the Statutory Auditor, Executive Counsel took into account that the Statutory Auditor is not on the FRC’s Public Interest Entity (PIE) Auditor Register, and cannot currently undertake Statutory Audit Work for PIEs. Should they apply to be included on the PIE Auditor Register in future the FRC will decide whether they meet the registration requirements according to the usual process.

The Respondents paid Executive Counsel’s costs of the investigation.

KPMG/M&C Saatchi plc/AEP94

On 14 November 2023, a Final Settlement Decision Notice (FSDN) was issued following the admission of breaches of Relevant Requirements by KPMG and the Audit Engagement Partner in relation to the statutory audit of the financial statements of M&C Saatchi plc for FY2018.

Points to note

Breaches were admitted across three broad areas of the audit: - failures to properly audit journal entries and year end adjustments, including WIP credits (a type of client payment on account), processed by management, which increased revenue by £1.2 million and which were subsequently reversed in the FY2019 accounts; - a failure to document the Respondents’ change in approach to the audit of ageing WIP debits; and - a failure to audit rebates properly.

The audit failures relating to WIP credits and to rebates included admissions that the Respondents lacked professional scepticism in those areas.

No further non-financial sanctions were imposed in this case. A relevant factor in that decision was that KPMG’s audit improvement programmes performed since the audit (particularly as a result of other FRC Enforcement investigations and following engagement with the FRC’s Supervision Division) have reduced the risk of the failings identified during the M&C Saatchi audit recurring.

The sanctions imposed took into account the fact that it was a challenging audit and the auditors demonstrated some robustness in pushing back the signing date until they obtained further evidence from management. However, the breaches of Relevant Requirements included serious failings and, specifically, breaches relating to UK sub-consolidation adjustments affecting or potentially affecting a significant number of people in the United Kingdom such as the public, investors and other market users.

Facts

M&C Saatchi is a global marketing services business and has been listed on the Alternative Investment Market (AIM), a sub-market of the London Stock Exchange, since July

It was, at the relevant time, a PIE by virtue of its market capitalisation level.

KPMG were appointed as auditors of M&C Saatchi in 2012 and retained that appointment up until 29 September 2019 when they resigned.

The FRC investigation was launched following M&C Saatchi’s discovery of accounting errors, announced in 2019, which ultimately led to a restatement of the FY2018 profit in the FY2019 annual accounts. The investigation looked at a number of elements of the audit, including revenue recognition, journal entries, and the year end consolidation process.

Issues

KPMG and the Audit Engagement Partner admitted breaches of Relevant Requirements in a number of audit areas.

Firstly, the Respondents did not audit with sufficient professional scepticism the release of WIP credits, which increased revenue by £1.2 million. These releases, processed as UK sub-consolidation adjustments, were subsequently reversed in the FY2019 annual accounts. The adjustments were processed manually and were high risk. The breaches in this area constitute a significant failure.

Secondly, the admissions included failures to properly audit journal entries across a number of subsidiary companies, including a lack of any journals-testing at all for two subsidiaries, and a failure to identify potentially high-risk journals for testing across a number of entities.

Thirdly, the Respondents did not document why they did not complete their planned testing of ageing WIP debits on the audit file and there was no contemporaneous material setting out any analysis, consideration or justification for such a change in audit approach.

Finally, the Respondents failed to document their reasoning, or complete their enquiries with management in relation to the retention of rebates under a significant contract which, on its face, appeared to require such rebates to be passed back to a client. The level of professional scepticism was insufficient.

The standards found to have been breached in the matters covered by FSDN were: - ISA (UK) 200: Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing; - ISA (UK) 230: Audit Documentation; - ISA (UK) 240: The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements; - ISA (UK) 300: Planning an Audit of Financial Statements; and - ISA (UK) 500: Audit Evidence.

Outcome

The following sanctions were imposed on KPMG: - A financial sanction of £2.25 million, discounted for admissions and early disposal by 35% to £1.46 million. - Non-financial sanctions, comprising: - a published statement in the form of a Severe Reprimand; and - a Declaration that the audit report signed on behalf of KPMG did not satisfy the Relevant Requirements.

The following sanctions were imposed on the Audit Engagement Partner: - A financial sanction of £75,000, discounted for admissions and early disposal by 35% to £48,750. - Non-financial sanctions, comprising: - a published statement, in the form of a Severe Reprimand; and - a Declaration that the audit report signed by the Audit Engagement Partner did not satisfy the Relevant Requirements.

MacIntyre Hudson LLP/MRG Finance UK plc/AEP95

In December 2023, a Final Settlement Decision Notice (FSDN) was issued following admissions of breaches of Relevant Requirements by MacIntyre Hudson LLP (MHA) and two Audit Engagement Partners (one a former Partner of MHA, the other a former Audit Director and employee of MHA) in relation to the Statutory Audit of the financial statements of MRG Finance UK plc (MRG) for the financial periods ending 31 December 2018 (FP2018) and 31 December 2019 (FY2019).

Points to note

The primary breach admitted in each audit year was the failure during the audit acceptance and continuance processes to ultimately identify (and so conduct the audits) on the basis that MRG was a Public Interest Entity (PIE) because, although it had not listed its shares, it had listed bonds on the London Stock Exchange debt market.

The failure to gain an adequate understanding of the audited entity and the regulatory framework applicable to it led directly to further breaches of Relevant Requirements, including, in both years, provision of prohibited non-audit services and a failure to ensure that an Engagement Quality Control Review (EQCR) was performed before the audit report was signed.

Additional breaches of Relevant Requirements were admitted, concerning the application of the correct accounting standards and documentation, and audit work on: confirmation of bank balances; a loan to MRG’s parent company and the going concern assumption.

Facts

MRG was incorporated on 3 May 2018 in order to issue bonds to raise finance for its parent company, a business focused on natural resources with interests in agribusiness, logistics and technology. The bonds issued by MRG were listed on the Main Market of the London Stock Exchange. MHA was appointed to conduct the first Statutory Audit of MRG’s financial statements for FP2018, being the date of incorporation to 31 December

The audit engagement was continued for FY2019.

Issues

There was a primary failure to gain an adequate understanding of MRG UK and the regulatory framework applicable to it (in both audit years). This meant that, for both audit years, the Respondents conducted audits on the incorrect basis that MRG was not a PIE.

This was a fundamental issue for the audits as the PIE audit regime requires the auditor to undertake additional reviews of audit work and provide an auditor’s report that includes specified information for users of financial statements. Stricter standards also apply for provision of any non-audit services.

Because MRG was not ultimately identified as a PIE, in both audits: (1) no Engagement Quality Control Reviewer was appointed and so no Engagement Quality Control Review was performed before the auditor’s reports were signed; (2) the auditor’s reports did not contain all the required information; and (3) prohibited non-audit services (the preparation of financial statements) were provided, in breach of the Ethical Standard.

Further breaches of Relevant Requirements were also admitted in a number of other areas in both audits: - Confirmation of bank balances: a failure to design and perform adequate audit procedures to obtain sufficient appropriate audit evidence to be able to draw reasonable conclusions in relation to MRG’s stated cash balance. - Loan to MRG’s parent company: a failure to design and perform audit procedures that were appropriate for the purpose of obtaining sufficient appropriate audit evidence to be able to draw reasonable conclusions in relation to the implied assertion that the loan was recoverable and therefore appropriately valued in the financial statements. There was also a failure to correct the manner in which the loan was presented in the financial statements, which meant the financial statements did not comply with the balance sheet format prescribed in the Companies Act. - The going concern assumption: when performing risk assessment procedures, a failure adequately to consider whether events or conditions existed that may have cast significant doubt on MRG’s ability to continue as a going concern. - Application of the correct accounting standards: a failure to identify that the financial statements should have been prepared in accordance with IFRS (as stated in the bond prospectus). - Documentation of audit work: a failure to prepare audit documentation as required by ISA (UK) 230; there were a number of deficiencies in the audit documentation.

The standards found to have been breached in the matters covered by FSDN were: - ISA (UK) 220 (Quality Control for an Audit of Financial Statements); - ISA (UK) 230 (Audit Documentation); - ISA (UK) 250 (Section A—Consideration of Laws and Regulations in an Audit of Financial Statements); - ISA (UK) 260 (Communication with Those Charged With Governance); - ISA (UK) 300 (Planning an Audit of Financial Statements); - ISA (UK) 315 (Identifying and Assessing the Risks of Material Misstatement); - ISA (UK) 330 (The Auditor’s Response to Assessed Risks); - ISA (UK) 500 (Audit Evidence); - ISA (UK) 570 (Going Concern); - ISA (UK) 700 (Forming an Opinion and Reporting on Financial Statements); - ISA (UK) 701 (Communicating Key Audit Matters in the Independent Auditor’s Report); and - The Ethical Standard.

Outcome

The following sanctions were imposed on MHA: - A financial sanction of £0.2 million, adjusted by 7.5% for mitigation, and a further 35% for admissions and early disposal to £120,250. - Non-financial sanctions, comprising: - a published statement in the form of a Severe Reprimand; - a Declaration that the two audit reports signed on behalf of MHA did not satisfy the Relevant Requirements; and - an order requiring MHA to take specified actions to prevent the re-occurrence of the contravention comprising provision of a report evaluating (i) the effectiveness of certain remedial actions taken by MHA; (ii) the impact on quality of audit work; and (iii) setting out proposals to address any remaining areas for improvement.

The following sanctions were imposed on the Audit Engagement Partner for FP2018: - A financial sanction of £30,000, adjusted by 35% for admissions and early disposal to £19,500. - Non-financial sanctions, comprising: - a published statement, in the form of a Severe Reprimand; and - a Declaration that the audit report signed on behalf of MHA did not satisfy the Relevant Requirements.

The following sanctions were imposed on the Audit Engagement Partner for FY2019: - A financial sanction of £25,000, adjusted by 25% for admissions and early disposal to £18,750. - Non-financial sanctions, comprising: - a published statement, in the form of a Severe Reprimand; - a Declaration that the audit report signed on behalf of MHA did not satisfy the Relevant Requirements; and - an order requiring the Audit Engagement Partner to take specified actions to prevent the re-occurrence of the contravention.

The Respondents paid Executive Counsel’s costs of the investigation.

Oliver Clive & Co/London Capital & Finance plc/AEP96

In November 2023, a Final Settlement Decision Notice (FSDN) was issued following admissions of breaches of Relevant Requirements by Oliver Clive & Co Limited (OCC) and the Audit Engagement Partner in relation to the Statutory Audit of the financial statements of London Capital & Finance plc, at that time named London Capital & Finance Limited (LCF) for the one-month period ended 30 April 2015.

Points to note

There were numerous breaches of Relevant Requirements that are fundamental to the role of the independent auditor: - Most seriously, the Respondents failed to identify, assess and act upon the threats to their objectivity arising from the fact that they had prepared the financial statements that they audited, and they were in a position to take accounting and reporting decisions on behalf of the management of LCF. - The Respondents failed adequately to identify, assess, discuss and record the risk of material misstatement due to fraud or error, which was heightened by various features of LCF’s structure and operations. - Executive Counsel was unable to determine whether the Respondents would necessarily have identified that LCF was potentially a fraudulent entity or that the financial statements may have been materially misstated, if the breaches had not occurred, but the breaches meant that the Respondents were not in a position to detect those matters. They failed to provide the reasonable assurance that the financial statements taken as a whole were free from material misstatement, whether caused by fraud or error, which is the objective of any Statutory Audit. - The breaches were made more serious by the fact that the Respondents knew they were auditing an expanding business which was engaged in selling unregulated financial products to retail investors, and that potential investors might place reliance on the clean audit opinion. - The level of sanction took account of the very small size of OCC, compared to other firms that have been subject to sanction by the FRC, and the fact that this was an audit of one month’s financial statements of an entity that was, itself, relatively small at the time when the audit was carried out.

Facts

LCF’s business involved issuing private bonds to retail investors and lending the proceeds to a small number of commercial clients. LCF went into administration just over three years after the April 2015 audit was concluded. By that stage, LCF had issued bonds, with a total value of about £237 million to 11,625 individual investors, a very significant expansion compared with the size of the business at the time of the audit.

LCF’s borrowers were unable to repay their loans, leaving bondholders with significant losses. These have been partly reimbursed by compensation schemes funded by the financial services industry and the taxpayer. The Serious Fraud Office (SFO) has begun a criminal investigation on the basis of suspicion that LCF’s bondholders may have been defrauded but no finding to that effect has been made by any court to date.

Issues

The breaches of Relevant Requirements in the April 2015 audit concerned ten areas. These were: compliance with ethical standards; planning; identifying and assessing the risk of material misstatement; loan debtor; related parties; bond creditors; opening balances; subsequent events; going concern; and quality control.

The standards found to have been breached in the matters covered by FSDN were: - ISA (UK) 200: Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing; - ISA (UK) 210 (Agreeing the Terms of Audit Engagements); - ISA (UK) 220 (Quality Control for an Audit of Financial Statements); - ISA (UK) 230 (Audit Documentation); - ISA (UK) 240 (The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements); - ISA (UK) 300 (Planning an Audit of Financial Statements); - ISA (UK) 315 (Identifying and Assessing the Risks of Material Misstatement Through Understanding the Entity and its Environment); - ISA (UK) 500 (Audit Evidence); - ISA (UK) 510 (Initial Audit Engagements - Opening Balances); - ISA (UK) 550 (Related Parties); - ISA (UK) 560 (Identification of Subsequent Events); and - ISA (UK) 570 (Going Concern).

Outcome

The following sanctions were imposed on OCC: - A financial sanction of £60,000, adjusted by 30% for admissions and early disposal to £42,000. - Non-financial sanctions, comprising: - a published statement, in the form of a Severe Reprimand; and - a Declaration that the Audit Report did not satisfy the Relevant Requirements.

The following sanctions were imposed on the Audit Engagement Partner: - A financial sanction of £20,000 adjusted by 30% for admissions and early disposal to £14,000. - Non-financial sanctions, comprising: - a published statement, in the form of a Severe Reprimand; and - a Declaration that the audit report did not satisfy the Relevant Requirements.

PwC/London Capital & Finance plc/AEP97

In January 2024, a Final Settlement Decision Notice (FSDN) was issued following admissions of breaches of Relevant Requirements by PwC and the Audit Engagement Partner in relation to the Statutory Audit of the financial statements of London Capital & Finance plc (LCF) for the FY2016.

Points to note

The breaches were serious, with multiple contraventions of requirements which are fundamental to the role of the independent auditor: - Most seriously, the Respondents failed to gain an adequate understanding of the nature of LCF’s business and its internal controls to allow them to properly identify and assess the risk of material misstatement. - Further, the Respondents failed to plan and perform the audit with adequate professional scepticism, with particular regard to the degree of control exercised by the managing director of LCF, the commerciality of LCF’s business model and operations, and LCF’s cash flows and liquidity. - Executive Counsel was unable to determine whether the Respondents would necessarily have identified that LCF was potentially a fraudulent entity or that the financial statements may have been materially misstated, if the breaches had not occurred, but the breaches meant that the Respondents were not in a position to detect those matters. They failed to provide the reasonable assurance that the financial statements taken as a whole were free from material misstatement, whether caused by fraud or error, which is the objective of any Statutory Audit. - The breaches were made more serious by the fact that the Respondents knew they were auditing an expanding business which was engaged in selling unregulated financial products to retail investors and that potential investors might place reliance on a clean audit opinion from a top audit firm. - The size and financial strength of PwC, the largest audit firm in the UK, was a relevant consideration when deciding the level of sanction.

Facts

LCF’s business involved issuing private bonds to retail investors and lending the proceeds to a small number of commercial clients. LCF went into administration on 30 January 2019, just over two years after the FY2016 Audit was concluded. By that stage, LCF had grown significantly and issued bonds, with a total value of about £237 million, to 11,625 individual investors. At the end of FY2016, the cumulative total of the amounts outstanding on the bonds was just under £10 million, which had increased from £1 million over the period of the FY2016 Audit.

Issues

The breaches of Relevant Requirements in the FY2016 audit concerned eight areas. These were: identifying and assessing the risk of material misstatement; exercise of professional scepticism and risk of fraud; loan debtors; prepayments; revenue; financial instrument disclosures; going concern; and related party transactions.

The standards found to have been breached in the matters covered by FSDN were: - ISA 200 (Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing); - ISA 230 (Audit Documentation); - ISA 240 (The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements); - ISA 315 (Identifying and Assessing the Risks of Material Misstatement through understanding the Entity and its Environment); - ISA 500 (Audit Evidence); - ISA 510 (Initial Audit Engagements - Opening Balances); - ISA 550 (Related Parties); - ISA 570 (Going Concern); and - ISA 700 (The Independent Auditor’s Report on Financial Statements).

Outcome

The following sanctions were imposed on PwC: - A financial sanction of £7.0 million, adjusted by 30% for admissions and early disposal to £4.9 million. - Non-financial sanctions, comprising: - a published statement, in the form of a Severe Reprimand; - a Declaration that the FY2016 audit report did not satisfy the Relevant Requirements; and - an order requiring PwC to take specified action designed to prevent the recurrence of the contravention.

The following sanctions were imposed on the Audit Engagement Partner: - A financial sanction of £150,000 adjusted by 30% for admissions and early disposal to £105,000. - Non-financial sanctions, comprising: - a published statement, in the form of a Severe Reprimand; and - a Declaration that the FY2016 audit report did not satisfy the Relevant Requirements.

EY/London Capital & Finance plc/AEP98

In January 2024, a Final Settlement Decision Notice (FSDN) was issued following admissions of breaches of Relevant Requirements by EY and the Audit Engagement Partner in relation to the Statutory Audit of the financial statements of London Capital & Finance plc (LCF) for the FY2017.

Points to note

The breaches were serious, with multiple contraventions of requirements which are fundamental to the role of the independent auditor: - Most seriously, the Respondents failed to gain an adequate understanding of the nature of LCF’s business and its internal controls, to allow them to properly identify and assess the risk of material misstatement. - Further, the Respondents failed to plan and perform the audit with adequate professional scepticism, with particular regard to the degree of control exercised by the managing director of LCF, the commerciality of LCF’s business model and operations, and LCF’s cash flows and liquidity, and they failed properly to execute the audit procedures that they had designed in response to the assessed risk of fraud. - Executive Counsel was unable to determine whether the Respondents would necessarily have identified that LCF was potentially a fraudulent entity, or that the financial statements may have been materially misstated, if the breaches had not occurred, but the breaches meant that the Respondents were not in a position to detect those matters. They failed to provide the reasonable assurance that the financial statements taken as a whole were free from material misstatement, whether caused by fraud or error, which is the objective of any Statutory Audit. - The breaches were made more serious by the fact that the Respondents knew they were auditing an expanding business which was engaged in selling unregulated financial products to retail investors, and that potential investors might place reliance on a clean audit opinion from a top audit firm. - The size and financial strength of EY, the third-largest audit firm in the UK, was a relevant consideration when deciding the level of sanction.

Facts

LCF’s borrowers were unable to repay their loans, leaving bondholders with significant losses. These have been partly reimbursed by compensation schemes funded by the financial services industry and the taxpayer. The Serious Fraud Office (SFO) has begun a criminal investigation on the basis of suspicion that LCF’s bondholders may have been defrauded, but no finding to that effect has been made by any court to date.

Issues

The breaches of Relevant Requirements in the FY2017 audit concerned six areas. These were: (i) identifying and assessing the risk of material misstatement; (ii) exercise of professional scepticism and risk of fraud; (iii) loan debtors; (iv) bond creditors; (v) going concern; and (vi) related party transactions.

The standards found to have been breached in the matters covered by the FSDN were: - ISA (UK) 200: Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing; - ISA 230 (Audit Documentation); - ISA 240 (The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements); - ISA 315 (Identifying and Assessing the Risks of Material Misstatement through Understanding the Entity and its Environment); - ISA 330 (The Auditor’s Responses to Assessed Risks); - ISA 500 (Audit Evidence); - ISA 550 (Related Parties); and - ISA 570 (Going Concern).

Outcome

The following sanctions were imposed on EY: - A financial sanction of £7 million, adjusted by 10% for mitigation and a further 30% for admissions and early disposal to £4.41 million. - Non-financial sanctions, comprising: - a published statement, in the form of a Severe Reprimand; - a Declaration that the FY2017 Audit Report did not satisfy the Relevant Requirements; and - an order requiring EY to take specified action designed to prevent the recurrence of the contravention.

The following sanctions were imposed on the Audit Engagement Partner: - A financial sanction of £75,000 adjusted by 10% for mitigation and a further 30% for admissions and early disposal to £47,250. - Non-financial sanctions, comprising: - a published statement, in the form of a Severe Reprimand; and - a Declaration that the FY2017 audit report did not satisfy the Relevant Requirements.

The FRC does not accept any liability to any party for any loss, damage or costs, however arising, whether directly or indirectly, whether in contract, tort or otherwise from action or decision taken (or not taken) as a result of any person relying on or otherwise using this document or arising from any omission from it.

© The Financial Reporting Council Limited 2024 The Financial Reporting Council Limited is a company limited by guarantee. Registered in England number 02486368. Registered Office: 8th Floor, 125 London Wall, London, EC2Y 5AS

Financial Reporting Council 8th Floor 125 London Wall London, EC2Y 5AS

+44 (0)20 7492 2300 www.frc.org.uk

Year ended 31 March 2024. ↩
No investigations into actuaries were opened during the year. ↩
A period of two years between the notification of an investigation and service of either the Proposed Formal Complaint or Investigation Report (or closure or settlement if sooner). Further details can be found in Section 7 of this Review. ↩
A period of three years between the notification an investigation and service of either the Proposed Formal Complaint or Investigation Report (or closure or settlement if sooner). Further details can be found in Section 7 of this Review. ↩
International Standards of Auditing. ↩
Press Notice: Sanctions against three audit firms over the audits of London Capital & Finance plc ↩
Press Notice: Sanctions against PricewaterhouseCoopers LLP and audit partner ↩
Press notice: Sanctions against MacIntyre Hudson LLP, a former partner and a former employee ↩
ISA 200, paragraph 13(1). ↩
Press Notice: Sanctions against KPMG LLP, KPMG Audit plc and two former partners ↩
Press Notice: Sanctions against KPMG LLP and audit partner ↩
Press Notice: Sanctions against PwC and two former audit partners ↩
Press Notice: Sanctions against PricewaterhouseCoopers LLP and audit partner (in relation to PwC's audit of Kier) ↩
Press Notice: Sanctions against PricewaterhouseCoopers LLP and audit partner (in relation to PwC's audit of Galliford Try) ↩
Press Notice: Sanctions against PwC and two former audit partners ↩
Press Notice: Sanctions against KPMG LLP, KPMG Audit plc and two former partners ↩
Press Notice: Sanctions against PwC and two former audit partners ↩
Press Notice: Sanctions against KPMG LLP, KPMG Audit plc and two former partners ↩
Press Notice: Sanctions against PricewaterhouseCoopers LLP and audit partner (in relation to PwC's audit of Galliford Try) ↩
Press Notice: Sanctions against UHY Hacker Young LLP and the Audit Engagement Partner in relation to Laura Ashley Holdings plc ↩
Our approach to regulation. The FRC and the Regulators' Code ↩
Statutory Guidance: The Regulators' Code ↩
The Audit Enforcement Procedure ↩
Accountancy Scheme ↩
Actuarial Scheme ↩
Prior to the introduction of the AEP in 2016, all audit investigations, as well as investigations into accountants, were conducted under the Accountancy Scheme. ↩
Sanctions imposed under the Auditor Regulatory Sanctions Procedure (ARSP) and the Crown Dependencies' Recognised Auditor Sanctions Procedure (CDRASP) are handled by our Audit Quality Review Team. ↩
Statutory Auditors and Third Country Auditors Regulations 2016 (original version) ↩
The Recognised Supervisory Bodies include: Association of Chartered Certified Accountants (ACCA), Chartered Accountants Ireland (CAI), Institute of Chartered Accountants in England and Wales (ICAEW), Institute of Chartered Accountants of Scotland (ICAS) ↩
For accountants: the ICAEW, Chartered Institute of Management Accountants (CIMA), ACCA, Chartered Institute of Public Finance and Accountancy (CIPFA), ICAI and ICAS. For actuaries: the Institute and Faculty of Actuaries (IFOA). ↩
The FRC can also instigate Scheme cases if the matters have come to our attention via, for example, horizon scanning. ↩
The Conduct Committee is a sub-committee of the Board. The rest of this section will refer to the Conduct Committee. ↩
The Case Assessment team conducts horizon scanning, considers complaints and referrals from other regulators, and receives referrals from other parts of the FRC, in particular the Audit Quality Review (AQR) team. AQR inspections which receive the lowest rating are generally passed to the Case Assessment team. ↩
Constructive Engagement is appropriate for cases at the less serious end, often involving technical breaches, and where there is less likely to have been harm or risk of harm to the public (including investors, customers, employees, pensioners or creditors). ↩
If a professional body has referred a Scheme matter to the FRC, the Conduct Committee must make the decision, so the Case Examiner presents all of those cases to the Committee. ↩
In Referral Cases (as defined in the Guidance for the Case Examiner) the Case Examiner's recommendation of either Constructive Engagement or no further action is subject to additional internal quality assurance processes, which include consideration by other senior FRC staff, before being submitted to the Conduct Committee for a decision. ↩
Conduct Committee Terms of Reference ↩
Misconduct is defined as 'an act or omission or series of acts or omissions...which falls significantly short of the standards reasonably to be expected of a Member or a Member Firm or has brought, or is likely to bring, discredit to the Member (or Member Firm) or to the accountancy (or actuarial) profession'. ↩
Guidance on the opening of investigations under the Audit Enforcement Procedure (January 2022) ↩
Accountancy Scheme - Guidance on the commencement of investigation of cases by the Financial Reporting Council - January 2021; Actuarial Scheme - Guidance on the commencement of investigation of cases by the Financial Reporting Council. January 2021 ↩
Overview of AQR inspection work and findings ↩
This also provides an opportunity for subjects to meet with and raise any questions or discuss any concerns with the case team. These meetings are particularly useful for smaller firms and those who have not had experience of FRC investigations, for example, firms that are new to the PIE market. ↩
The AEP and both Schemes provide that the Respondents are given eight weeks to respond, and that extensions of time are possible. ↩
Sanctions Policy (AEP), January 2022; Accountancy Scheme Sanctions Guidance, March 2021; Actuarial Scheme Sanctions Guidance, March 2021 ↩
Paragraph 46 Sanctions Policy (AEP); paragraph 34 Accountancy Scheme Sanctions Guidance; paragraph 31 of Actuarial Scheme Sanctions Guidance, March 2021 ↩
KPMG received a sanction of £30 million for their audits of Carillion. ↩
Publication Policy (AEP), Publication Policy (Accountancy and Actuarial Schemes) ↩
Guidance on the opening of investigations (AEP); Accountancy Scheme - Guidance on the commencement of investigation of cases by the Financial Reporting Council; Actuarial Scheme - Guidance on the commencement of investigation of cases by the Financial Reporting Council ↩
Other regulators apply different tests: some announce all, and some make no announcements until a later stage in the investigation. The FCA has recently launched a consultation on the same issue. ↩
The Case Examiner and Case Examination and Enquiries function moved to the Supervision Division on 1 April 2023 and has been renamed Case Assessment. ↩
The Case Examiner determines that a matter is a Referral Case if they consider that a decision to take no further action or to pursue Constructive Engagement in respect of it may be contentious, high-profile or may risk undermining confidence in the FRC's (or the wider) regulatory regime. ↩
Under the revised Audit Enforcement Procedure (June 2023) ↩
The Conduct Committee may reconsider the Case Examiner's decision to take no further action or to arrange Constructive Engagement. ↩
Paragraph 10A Guidance for the Case Examiner-June-2023.pdf) ↩
In certain circumstances a case may be referred to the appropriate RSB to conduct the investigation. ↩
Data is given as at 31 March 2024. As at date of publication (25 July 2024) the Enforcement team size is 68 (31 lawyers, 23 forensic accountants, 7 legal assistants and 4 operations and administrative staff). ↩
Who can the FRC investigate and act against? ↩
'Referral Case' has the meaning given in paragraph 10A of the Guidance for the Case Examiner-June-2023.pdf) which took effect on 30 June 2023. When the Case Examiner considers that a decision to take no further action or to pursue Constructive Engagement may be contentious, high-profile or may risk undermining confidence in the FRC's (or the wider) regulatory regime, the case is referred to the Conduct Committee who will decide on the appropriate course of action. ↩
On 1 April 2023, the effective date of the CA restructuring, 10 cases were transferred to the Supervisor team within AFS. These were cases where the Constructive Engagement process was in progress. ↩
The enquiries and outcomes data comprises all cases passing through the case assessment process, including all audit matters dealt with under the AEP and all Scheme matters referred to the Conduct Committee. ↩
The source category refers to the method by which a matter first came to the FRC's attention. It may be that matters we identify through horizon scanning activities are also subsequently the subject of complaints or external referrals. ↩
The reduction of cases year on year reflects that on 1 April 2023, the effective date of the CA restructuring, 10 cases were transferred to the Supervisor team within AFS and closed within CA. These were cases where the Constructive Engagement process was in progress. ↩
Cases are regarded as closed at the point of referral for investigation by the Conduct Committee or when the decision is taken by the Case Examiner, or as regards Referral Cases, by the Conduct Committee, that the matter be resolved through Constructive Engagement or no further enquiry work needs to be undertaken by the Case Examiner. Individual outcomes are not published, except where they lead to the opening of investigations and where, in accordance with the Publication Policies, it is considered appropriate to announce that investigation. ↩
A case is opened on the date the complaint is either received, referred from another division, referred from another regulator, or identified through horizon scanning activities. ↩↩
Guidance for the Case Examiner (AEP)-June-2023.pdf), paragraphs 13 to 15 outline where a case may be suitable for Constructive Engagement. ↩↩
There may be multiple underlying issues connected to a single case. ↩
Publication Policy (Audit Enforcement Procedure)-December-2023-Final.pdf), Publication Policy (Accountancy and Actuarial Schemes)-June-2023-Final.pdf) ↩
As a comparison, eight AEP investigations were announced in 2022/23. Investigations that have been announced can be found at Enforcement Cases ↩
For consistency with previous Reviews, the definition of a legacy case remains as open for four years or more. In next year's Review we plan to use five years or more period to take account of the introduction of the 3-year KPI this year. ↩
FRC year ended 31 March 2020. ↩
Sanctions against a Statutory Audit Firm and a Statutory Auditor ↩
The Auditor Regulatory Sanctions Procedure covers failures to comply with the Regulatory Framework for Auditing of major local audits. Major local audits are principally local authorities and health bodies other than Foundation Trusts. Sanctions imposed under the Auditor Regulatory Sanctions Procedure ↩
Under the Crown Dependencies' Recognised Auditor Sanctions Procedure the Audit Quality Review team has inspected a Recognised Auditor registered in one of the Crown Dependencies of Guernsey, the Isle of Man and Jersey. ↩
The Work and Pensions Committee and Business, Energy and Industrial Strategy Committee joint report on the failure of Carillion (published 16 May 2018) paragraph 8. ↩
Final Settlement Decision Notice (Decision 1). ↩
An investigation will comprise one of the following: (1) an audit investigation into an audit firm and Audit Partner(s) (under the Accountancy Scheme or the AEP); (2) an investigation into professional accountant(s) working in business (under the Accountancy Scheme); (3) a non-audit investigation into professional accountant(s) and accountancy firms (under the Accountancy Scheme); or (4) an investigation into actuaries (under the Actuarial Scheme). Each investigation may include multiple subjects, and an investigation is not considered closed until concluded against all subjects. ↩
Further details of the FRC's remit and powers can be found in the Enforcement regimes and information gathering powers on the FRC's website. ↩
EY/Thomas Cook comprises two open investigations. In September 2019, an investigation was opened in relation to the audit of the financial statements of Thomas Cook Group plc for the year ended 30 September 2018. In December 2019, a second investigation was opened in relation to the audit of the financial statements of Thomas Cook Group plc for the year ended 30 September 2017. Under the AEP in force in December 2019, a new investigation was required to be commenced if additional matters were identified outside the scope of the initial investigation. In this instance, matters in an earlier audit year were identified, leading to a second investigation under the AEP. ↩
Enforcement cases ↩
Enforcement cases ↩
Links to the sanctions policies are here: Sanctions Policy (Audit Enforcement Procedure) (effective from January 2022)-December-2023-Final.pdf); Accountancy Scheme Sanctions Guidance (March 2021)-June-2023-Final.pdf); Actuarial Scheme Sanctions Guidance (March 2021)-June-2023-Final.pdf) ↩
The proceeds of financial sanctions imposed in AEP matters are remitted to the government, while in cases under the Schemes the proceeds of such sanctions are remitted to the professional body of the firm or individual that has been sanctioned, in accordance with the contractual arrangements by which the Schemes operate. ↩
Press Notice: Sanction against Member in relation to Autonomy Corporation Plc ↩
A financial sanction of £650,000 (reduced to £455,000 after settlement discount) was also imposed on an unnamed audit firm in relation to the audit of an unnamed audited entity this year. Their identities were anonymised on publication in accordance with the FRC's obligations under regulation 6(2) and (3) of the Statutory Auditors and Third Country Auditors Regulations 2016. ↩
The maximum adjustment awarded for mitigation was 10% and the maximum discount for admissions and early disposal was 35%. The highest overall discount was in a case where a 7.5% discount was applied for mitigation and an additional 35% for admissions and early disposal. As the early disposal discount is applied to the figure after mitigation, the overall discount in this case amounted to 39.9%. ↩
Sanctions against a Statutory Audit Firm and a Statutory Auditor ↩
Press Notice: Sanctions against KPMG LLP and audit partner ↩
Press Notice: Sanctions against MacIntyre Hudson LLP and two Audit Engagement Partners ↩
Press Notice: Sanctions against three audit firms over the audits of London Capital & Finance plc ↩
Press Notice: Sanctions against three audit firms over the audits of London Capital & Finance plc ↩
Press Notice: Sanctions against three audit firms over the audits of London Capital & Finance plc ↩

File

Name Annual Enforcement Review 2024

Publication date 23 July 2024

Type Report

Format PDF, 2.9 MB

Download original

Annual Enforcement Review 2024

Case Assessment (CA)50 – intelligence gathering, initial enquiries

Cases opened in the year60,61

File

Is this page useful?

Cases opened in the year 60,⁶¹