The content on this page has been converted from PDF to HTML format using an artificial intelligence (AI) tool as part of our ongoing efforts to improve accessibility and usability of our publications. Note:
- No human verification has been conducted of the converted content.
- While we strive for accuracy errors or omissions may exist.
- This content is provided for informational purposes only and should not be relied upon as a definitive or authoritative source.
- For the official and verified version of the publication, refer to the original PDF document.
If you identify any inaccuracies or have concerns about the content, please contact us at [email protected].
Technical Advisory Group Meeting Minutes (28/02/2025)
TAG minutes 24 September 2024 (Appendix 1)
No comments on minutes.
Ethics (13.30-14.30)
1. Update on discussion around training technological tools (Appendix 2)
Audit firms work with large quantities of data from the entities they audit, and may wish to use this data in the development of audit related technological tools. The permissibility of this use of data under the Ethical Standard arose through the FRC's external technology working group and was previously brought to TAG in September 2024 and discussed in two additional technology working group meetings. It was also discussed at the IESBA technology experts' group.
Both the FRC Ethical Standard and the IESBA Code have potentially relevant provisions and firms must additionally be aware of the broader legal and regulatory landscape around use of confidential data. The recent revisions to the IESBA Code clarify that authorisation from the audited entity must be obtained before any confidential information is used in the development of technology:
114.3 A3 The circumstances in which a firm or employing organization seeks authorization to use or disclose confidential information, include where the information is to be used for...the development of products or technology”.
This includes, as the FRC understands it, both the use of information in its original form and the use of that information as the basis of synthetic or derived data.
One firm raised the issue of authorisation from an audited entity potentially being revoked after originally being granted. This may create significant issues as some forms of technology cannot "unlearn" information they have been trained on.
The IESBA Code is silent on this issue, and the FRC sees this as primarily an issue for firms to discuss with their legal teams, rather than an ethics and independence issue. It may be that the way the authorisation request is drafted determines whether the authorisation can be revoked and what the appropriate course of action would be if it was.
Some firms have interpretated the requirements on gifts and favours in the FRC Ethical Standard as prohibiting accepting authorisation from an audited entity to use their data, as this might be seen as accepting a gift or favour from that entity.
In particular, paragraph 4.38 says that "a firm, its partners and any covered person, and persons closely associated with them, shall not offer or accept pecuniary and non-pecuniary gifts or favours, including hospitality, from an entity relevant to the engagement, or any other entity related to that entity, unless an objective, reasonable and informed third party would consider the value thereof as trivial or inconsequential."
The FRC clarifies that this is not its interpretation of this requirement in this context.
One firm asked if it may be deemed a business relationship if the firm develops a tool with information from an audited entity.
This need not be the case and would be determined by the specific fact pattern of a scenario. If the firm and audited entity have a common commercial interest, per paragraph 2.24 of ES 2024, for example if the firm pays a fee for the information, a business relationship may be present. 2.25 and 2.26 of the ES 2024 contain provisions on when would be permissible.
There were no active disagreements from TAG with the FRC position.
2. Update on final version of the Ethical Standard 2024
The errata to the Ethical Standard 2024 went live before 15th December 2024 and minor changes have been put through. The FRC confirmed that the IESBA PIE definition was included in the Ethical Standard 2024 for the purposes of cross-referencing only and not to introduce the IESBA definition to the UK.
3. Queries on 2024 Revisions to the Glossary of Terms (Appendix 3)
- Addition of para (d) to the “public interest assurance engagement” definition
The FRC confirmed that paragraph (d) refers to ISAE 3000 engagements. Given that ISAE (UK) 3000 has now been adopted in the UK, it has been included in the revised definition. The ES 2024 will not be re-opened to include reference to ISAE (UK) 3000 engagements in footnote 1.
- Expansion of the "relevant ethical standards" definition to include the IESBA Code
The definition of "relevant ethical requirements" was updated to align with the definition used in ISQM (UK) 1 and the latest IAASB handbook.
- Why there has been no change to the “significant affiliate” definition considering the definition of a "significant component” has been removed from the Glossary and the ISAs – and therefore no such determination would be made by the group engagement team
The definition for "significant affiliate" is purely for use in the context of an assessment for ethics purposes, not audit ones. The definition of a "significant affiliate" hasn't been changed because it's still appropriate for use in the revised Ethical Standard.
4. Update on UK adoption of international sustainability standards
The FRC confirmed that there will be a public consultation on UK adoption of the assurance standard and the application of relevant ethical standards. The FRC will consult on the basis of making only very limited changes to the IAASB's ISSA 5000 standard.
5. Interaction of ISA (UK) 700-45-1 (d) & ES 24 1.22
How to apply ISA (UK) 700 45-1(d) in situations where a historic breach that is both inadvertent and insignificant is identified – i.e. one where the breach did not occur between the start of the audited year and date of our report (or, in the case of internal control/risk/systems/internal audit, the cooling in period). For example, consider a situation where you discover a discussion about a potential non-audit service in the current year, which you reject, but discover the service has been provided in a prior year
Note - the Ethical Standard reference is 1.25(e) (2024) rather than 1.22 (in 2019).
Relevant breaches of the Ethical Standard should be disclosed in the auditor's report, regardless of their historic nature.
One firm shared that they have had instances of this and have disclosed it within the audit opinion as well as in the audit committee report.
6. UK Statutory Public Interest Entity (PIE) definition and Other Entities of Public Interest (OEPIS)
The most recent consultation on revisions to the Ethical Standard showed overwhelming support for removing the OEPI category once any new UK statutory PIE definition has been finalised. This is still the FRC's position.
AOB
A firm asked if additional services for public interest assurance engagements under 5.8 of ES 2024 can be limited to affiliates and significant affiliates.
Audit (14.30-15.30)
1. Update on ISAs (UK) 250 & 270
The FRC provided an update on the ISA (UK) 250 project and confirmed that the changes and adaptations made since the exposure draft still need to be approved by the FRC Board.
2. Update on Small and Medium Enterprises (SME) Audit Practice Note
The FRC outlined the workstream, within a wider SME project, which is focusing on opportunities for proportionality in the existing UK ISAs (UK). The aim is to provide comfort to practitioners that they are supported by guidance in the judgments they make for their audits to be proportionate to risk and the size and complexity of the entities they are auditing. Extensive outreach has been conducted, forming the basis of a working group that includes several firms and professional bodies. An exposure draft of a Practice Note (PN) is expected by summer 2025.
The goal of the PN is to empower practitioners to conduct proportionate audits.
3. Update on Auditor Reporting Project
The key aims of the project are to declutter and simplify the auditor's report, creating more space for decision-useful information for investors. This would include genuine reporting by exception where that is required, reducing boilerplate content.
Key potential additional requirements include mandatory key observations, which currently only apply to PIEs. There is also a proposal to include commentary on key control deficiencies identified in the audit and reported to Those Charged With Governance.
These proposals will be finalised in this calendar year and once approved by the FRC Board will be the subject of a full public consultation.
4. Update on UK adoption of international sustainability standards
See agenda item 4 above.
5. Update on local audit Sandbox on the auditing of reserves
The sandbox initiative is ongoing and is now specifically focussing on recovery of assurance after disclaimed opinions, particularly in respect of reserves. Draft guidance will be drafted by the FRC for discussion at the next sandbox meeting. A significant proportion of the guidance will be concerned with effective risk assessment.
The sandbox will be completed regardless of system leadership arrangements. There is a desire for sandbox members to align slightly more, but it is not possible to prescribe what they do.
Key stakeholders, including MHCLG and PSAA, will be involved.
AOB
The FRC provided a brief update on upcoming projects.