The content on this page has been converted from PDF to HTML format using an artificial intelligence (AI) tool as part of our ongoing efforts to improve accessibility and usability of our publications. Note:

No human verification has been conducted of the converted content.
While we strive for accuracy errors or omissions may exist.
This content is provided for informational purposes only and should not be relied upon as a definitive or authoritative source.
For the official and verified version of the publication, refer to the original PDF document.

If you identify any inaccuracies or have concerns about the content, please contact us at [email protected].

Annual Enforcement Review 2025

1. Overview by Executive Counsel

The Annual Enforcement Review was first introduced in 2019 to provide stakeholders with greater insight into the FRC's enforcement activities and to provide a baseline against which to assess future performance. The backdrop to those activities has changed considerably over the intervening years which have included events of major global significance resulting in ongoing volatility.

Against this challenging background, our enforcement activities need to be viewed through the lens of the FRC's purpose. That purpose is to serve the public interest which includes supporting economic growth through upholding high standards of corporate governance and reporting, audit, and actuarial work. This provides confidence to attract investment to enable well-run businesses to build and scale for the benefit of society as a whole.

Proportionate, risk focused, enforcement targeted on key issues is necessary to support that confidence by holding to account the minority who have fallen short to a serious or significant extent, by deterring similar behaviour and by publishing improvement directed outcomes. We devoted a chapter of last year's Annual Enforcement Review to explaining our approach to proportionality, and that philosophy has continued to shape and inform our activities this year.

The number of matters considered by Case Assessment held steady, with a slight increase in the number of investigations (eight) opened by the Conduct Committee. The year saw twelve matters resolved through Constructive Engagement; two investigations closed with no further action; and nine investigations resolved through settlement. The overall result has been to continue the reduction in the number of open investigations from a high of 52 in Autumn 2021 to 32.

We have seen further good examples of exceptional co-operation by firms and individuals evidencing commitment to self-improvement. However, we continue to see failings in certain areas identified in previous years such as lack of professional scepticism. Our published outcomes therefore continue to repay careful study, both as regards areas covered before and when addressing different issues.

The year saw financial sanctions imposed of £14.5m (before discount). Total financial sanctions imposed in a year depend on numerous factors, including the number and nature of investigations resolved and the financial resources of the subjects. Trend analysis should therefore be approached with caution given the distortive effect of subject specific circumstances or exceptional cases sanctioned in any one year.

Non-financial sanctions continue to play a key part in our role as an improvement regulator through identifying the reasons for breaches and assessing not only whether measures are needed to prevent recurrence but also whether measures since implemented by firms have proved effective. Once again, the overall number of such sanctions fell this year, reflecting that such sanctions are imposed when, where, and to the extent necessary.

Low-angle view of a modern glass and steel building with a sharp, geometric design and a triangular glass peak, set against a clear blue sky.

Headshot of a woman with blonde hair, wearing a black top and a double strand pearl necklace, looking directly at the camera.

Elizabeth Barrett, FRC Executive Counsel

Our longstanding commitment to continuing to improve timeliness to the extent that operative factors are within our control has resulted in positive delivery against our KPIs with both KPIs met for the third year in succession and our 2-year KPI exceeded by a significant margin. These results have been achieved during a year of further consolidation and reduction in headcount to 2021/22 levels.

References to improvement would not be complete without noting that as a forward-looking regulator this includes review of our own approach and procedures to ensure that they remain responsive to dynamic and evolving market needs, and to the public interest. Whilst considered as a regular part of our day-to-day operations, periodically a more substantive exercise is merited to ensure that our processes and activities are sufficiently adaptable to continue to be efficient, effective, and proportionate, with an appropriately balanced approach to risk.

To this end we have launched the End-to-End Enforcement Process Review (E2E). This is a major project covering work conducted in our Supervision, Enforcement and Legal Services teams which is aligned and proceeding in parallel with a similarly substantial project addressing our Future Audit Supervision Strategy. E2E is looking at processes and procedures across the spectrum of our enforcement regime from initial case assessment to investigations and enforcement action and ending with publication of outcomes. We have had positive early engagement from stakeholders and look forward to sharing our thinking through a public consultation later in the year. In short, much has changed – externally and internally

since I joined the FRC in 2018. These seven years have been very busy, with improvements in our responsiveness, timeliness and approach, and important case outcomes delivered. As I look to the future, with the output of the E2E Review to implement, this seems a natural time to hand over to a successor for this new phase in the development of our investigations and enforcement function. On my departure in the Autumn, I leave my successor with a strong platform on which to continue to build, with a professional, committed, and experienced enforcement team and the exciting opportunity to shape the delivery of the output of the E2E Review from the outset.

It remains only for me to thank our Senior Advisors and members of our Advisory Panel for invaluable input from their perspectives as experienced practitioners in their fields, and to pay tribute to the significant steps taken by firms and individuals to improve audit quality, engage positively with the regulatory process and embrace the benefit of self-reporting and the making of full and frank early admissions.

Above all however I would like to thank all members of enforcement and other FRC colleagues for their unstinting support in our collective endeavour to serve the public interest.

2. The year¹ at a glance

(Comparator text for the year to 31 March 2024 is shown in brackets)

32 (35) current investigations
8 (6) investigations opened into auditors and accountants² in the year
12 (13) cases resolved through Constructive Engagement
9 (8) cases resolved through settlement
Financial sanctions of £14.5 million (£48.2 million) (before settlement discount)
2 (1) cases closed with no further action
90% (53%) of cases met the 2-year 50% key performance indicator³
87% (88%) of cases met the 3-year 80% key performance indicator⁴
Achieved with a headcount reduction of six to a team size of 64 (70)

Recurring themes in concluded audit investigations: lack of scepticism, compliance with ethical requirements, failure to understand the business, laws and regulations, presentation and disclosure, going concern and insufficient audit evidence.

3. The team and processes

Case Assessment (CA) – intelligence gathering, initial enquiries

Who are the members of the FRC Supervision CA team?

The team comprises:

Case Examiner
Four CA team members

Whose conduct does the CA team consider?

Accountants, accountancy firms and actuaries under the Accountancy Scheme and Actuarial Scheme (Schemes).
Statutory audit firms and statutory auditors under the Audit Enforcement Procedure (AEP).

Sources:

Horizon scanning.
Referrals from other FRC teams, regulators, audit firms and professional bodies.
Complaints.
Whistleblowing disclosures.

Outcomes:

No further action.
Referral to a professional accountancy or actuarial body, or other regulator.
Referral to another FRC team.
Constructive Engagement (AEP only).
Referral to Conduct Committee for decision on a Referral Case.⁵
Referral to the Conduct Committee for decision on opening of investigation.

Case Assessment process

A high-level overview of our CA process is set out in the flow chart below.⁶

Receipt of information

Information sources include: horizon scanning, complaints, whistleblowing disclosures, other FRC teams, regulators, audit firms and professional bodies.

Determining whether a question arises

Make enquiries to determine whether the information raises a question of a breach of a Relevant Requirement or reasonable grounds to suspect Misconduct. The Case Examiner has powers to make enquiries and obtain specialist expert and legal advice. (Close case if the Case Examiner determines there is no question arising.)

Refer matter to Conduct Committee

Determine whether the matter is a Referral Case or a Non Referral Case (AEP)

Referral case⁸: If the Case Examiner considers that a decision to take no further action or to pursue Constructive Engagement may be contentious, high-profile or may risk undermining confidence in the FRC's (or the wider) regulatory regime.
Non Referral case: If the Case Examiner does not consider the matter to be a referral case. May be dealt with by the Case Examiner without proceeding to the Conduct Committee.

Conduct Committee decides on the appropriate course of action.

Investigation undertaken by Enforcement Division's lawyers and forensic accountants. The Committee will decide whether the opening of the investigation should be announced.⁹
Constructive Engagement (AEP only) undertaken in AFS.¹⁰ If unable to resolve to the Case Examiner's satisfaction the Conduct Committee will consider Investigation.
No Further Action

Before referral to Tribunal, if at any time the Executive Counsel decides that the Respondent should not be liable for Enforcement Action, the case is closed.

Settlement is encouraged under the AEP and both the Schemes, with significant discounts to financial sanctions typically available to Respondents where early admissions are made. Under all regimes, settlements are reached by agreement between Executive Counsel and the Respondents and are approved by an Independent Reviewer.

Proposed allegations

Document served on those under investigation (Respondents) setting out grounds for potential breaches/Misconduct. Opportunity for Respondents to make representations.

Enforcement action

Decision by Executive Counsel to pursue enforcement action where the relevant tests are met, including where parties are unable to agree at this stage. Final allegations served on Respondents.

Determination (AEP)

Breaches determined by Executive Counsel can be accepted by the Respondent.

Tribunal

If breaches (AEP) or allegations of Misconduct (Schemes) are not accepted the case will be referred to the Independent Tribunal. The Independent Tribunal will conduct a full public hearing and determine if there are breaches or Misconduct.

Sanctions¹³

Sanctions for breaches/Misconduct imposed. Final Decision Served. Publication decision is made by the Conduct Committee.

Further details of the FRC's remit and powers can be found in the Enforcement regimes and Information gathering powers on the FRC's website.

Investigations and Enforcement – conduct of investigations opened by the Conduct Committee

Who are the members of the FRC Enforcement Division?

The division handles investigations and enforcement action.

The team has reduced in size from 70 team members last year to 64 team members this year amounting to a FTE¹¹ of 60.

The team comprises:

Executive Counsel: Elizabeth Barrett
Deputy Executive Counsel: Claudia Mortimore, Jamie Symington
27 lawyers (qualified barristers or solicitors and trainee solicitors)
23 forensic accountants
7 legal assistants
4 operations and administrative team members

Whose conduct can the FRC investigate?¹²

Accountants, accountancy firms and actuaries under the Accountancy Scheme and Actuarial Scheme.
Statutory audit firms and statutory auditors under the AEP.

Outcomes

AEP:

Investigation Report (IR).
Decision Notice and proposed sanction.
Accepted or Independent Tribunal convened.

Scheme:

Proposed Formal Complaint (PFC)/Formal Complaint (FC).
Settlement or Independent Tribunal convened.

At any point, Executive Counsel can close a case should the threshold for taking enforcement action not be met.

Sanctions

Financial:

Unlimited financial sanctions.

Non-financial sanctions, for example:

Reprimand.
Exclusion as a member of a professional body.
Other remedial actions as appropriate.

Sanctions are determined by reference to the Sanctions Policy (AEP), Accountancy Sanctions Guidance (Scheme) and Actuarial Sanctions Guidance (Scheme).

Investigation and Enforcement process

A high-level overview of our investigation and enforcement process is set out below. A definition of terms used can be found in the Glossary on our website.

Decision to investigate

Taken by the FRC's Board or Conduct Committee following a referral by the Case Examiner. Passed to Executive Counsel.

Investigation

Undertaken by Enforcement Division's lawyers and forensic accountants. Powers to require production of information and documents from audit firms, auditors and certain audited entities (AEP) and accountants, accountancy firms and actuaries (Schemes). There is a general duty to cooperate under all regimes. Independent expert opinion on potential breaches/ Misconduct is sought in most cases.

Proposed allegations

Document served on those under investigation (Respondents) setting out grounds for potential breaches/Misconduct. Opportunity for Respondents to make representations.

Enforcement action

Decision by Executive Counsel to pursue enforcement action where the relevant tests are met, including where parties are unable to agree at this stage. Final allegations served on Respondents.

Determination (AEP)

Breaches determined by Executive Counsel can be accepted by the Respondent.

Tribunal

Sanctions¹³

Sanctions for breaches/Misconduct imposed. Final Decision Served. Publication decision is made by the Conduct Committee.

Before referral to Tribunal, if at any time the Executive Counsel decides that the Respondent should not be liable for Enforcement Action, the case is closed.

Settlement is encouraged under the AEP and both the Schemes, with significant discounts to financial sanctions typically available to Respondents where early admissions are made. Under all regimes, settlements are reached by agreement between Executive Counsel and the Respondents and are approved by an Independent Reviewer.

Further details of the FRC's remit and powers can be found in the Enforcement regimes and Information gathering powers on the FRC's website.

4. Case Assessment (CA)

CA is responsible for undertaking enquiries (referred to in this section as 'cases') up to the point of a decision to refer the matter (which may be a Referral Case)¹⁴ to the Conduct Committee. Currently matters are referred for the Committee to decide whether an investigation should be opened, to decide if the matter can appropriately be resolved via Constructive Engagement, or to take no further action. If Constructive Engagement is deemed to be suitable, cases are transferred to the Supervisor team within Audit Firm Supervision who conduct and manage the process.

The table below summarises the number of cases opened and closed by the Case Examiner in the current and preceding two years.

The choices available to the Conduct Committee are included in the matters under consideration as part of E2E which is considering governance structures, and decision-making processes to ensure that these continue to be efficient, effective and proportionate including in terms of offering a sufficiently broad graduated range of regulatory responses. Options to improve timeliness, throughout the process from CA to publication of investigation outcomes, whilst continuing to meet regulatory objectives, are also a key focus of E2E.

40 cases opened by CA during the year

Cases	2022/23	2023/24	2024/25
Open at start of the year	27	40	20
Opened in the year	70	40	40
Closed in the year	(57)	(60)	(44)
Open at end of the year	40	20	16

Cases opened in the year¹⁵,¹⁶

Cases opened (by source)

This chart illustrates the sources of cases opened, with specific numbers for different periods. For 2024/25, a total of 40 cases were opened, comprising: * Horizon scanning: 20 * FRC teams: 16 * Complaints: 3 * External referrals: 1

The overall trends for cases opened are: * 2024/25: 40 * 2023/24: 40 * 2022/23: 70

During the year, 44 cases were closed by CA, a 27% reduction on the previous year (60 cases closed). The main reason for the lower number of cases closed in the current year is the reduced number of cases opened in the year (as noted above). A further factor is the number of cases held open at the end of the year (carried over to the next year) and subsequently closed in the following year. As noted above 2022/23 had 40 cases carried over and this has continually decreased year on year with 2024/25 having 16 open at year end. The table on page 10 summarises the number of cases opened and closed by CA in the current and preceding two years. Of the cases closed:

Outcome of CA cases

90% of cases opened in the year were audit-related

Cases closed (by outcome)

This pie chart shows the breakdown of cases closed by outcome: * Constructive Engagement: 28 (64%) * Referred for investigation by the Conduct Committee: 9 (20%) * No further action: 7 (16%)

The total cases closed for each year were: * 2024/25: 44 * 2023/24: 60 * 2022/23: 57

Nine¹⁹ (six in 2023/24) were referred by the Conduct Committee to Executive Counsel for investigation.
Seven (28²⁰ in 2023/24) were transferred to the Supervisor team to resolve through Constructive Engagement.

64% of cases concluded in the year were closed with no further action

A total of 28 (26 in 2023/24) resulted in no further action²¹ by the Case Examiner.

More details of the cases in each category are set out in the subsections below.

Referrals to the Conduct Committee to consider opening an investigation

The cases referred to the Conduct Committee for potential investigation, and its decisions in the year, are shown below:

Investigations opened or extended under the AEP or the Schemes²²	Returned for Constructive Engagement or no further action	Total
Audit	8	1
Accountancy	1	1
Actuarial	0	0
Total	9	2

In nine of these cases, the Conduct Committee decided to open an investigation (or in one case extend an existing investigation to a further audit year) and referred the case to Enforcement (under the AEP or the Schemes). Further details of the new investigations opened (to the extent that details may be given) are included in Chapter 5 Investigations and Enforcement.

While the overall number of cases closed during the year has decreased, the number where investigations opened has increased from the previous year (nine versus six). The increase in the number of investigations opened was mainly due to the results of CA's horizon scanning, which identified matters of significant public interest.

12 cases were resolved through Constructive Engagement

The KPI for referral of a matter from CA to the Conduct Committee is six months. The KPI was met in 55% of matters as compared with 83% last year. The time taken to refer a case to the Conduct Committee depends on the specific circumstances of each matter, including the amount of material considered by CA. The average time taken from opening to referring a matter to the Conduct Committee for potential investigation was just over ten months, compared to just under five months in 2023/24. This was due to delays in obtaining relevant material, such as investigation reports, which was partly due to the need to agree legal privilege waivers.

In addition to the cases where an investigation was recommended by the CA team, the Conduct Committee considered 15 Referral Cases in the period. Of these, seven were transferred to the Supervisor team for Constructive Engagement and eight cases led to no further action.

Constructive Engagement

During the year, we continued our focus on further developing the Constructive Engagement process for qualifying cases²³ as an effective and efficient alternative to investigation.

Once the decision has been made to undertake Constructive Engagement, the case is transferred to the Supervisor team, which conducts the process. Seven closed CA cases entered the Constructive Engagement process and 12 Constructive Engagement cases were concluded in the period (13 in 2023/24).

Constructive Engagement cases	2024/25
Brought forward at 1 April 2024	15
Transferred for Constructive Engagement in the year	7
Concluded in the year	(12)
Constructive Engagement ongoing at 31 March 2025	10

In these 12 cases, we engaged with seven separate statutory audit firms. Nine (75%) of the cases involved one of the six Tier 1 firms, two (17%) cases involved a Tier 2 firm, and one (8%) case involved a Tier 3 firm.

Most of the Constructive Engagement cases concern potential breaches which have been identified as part of AQR inspections (grade 4 inspection results).

Intervention through Constructive Engagement can enable the audit firm to take remedial action before the subsequent year's audit is concluded, and to make improvements in firm-wide procedures, thus reducing the risk of recurrence across the firm's audit portfolio.

Remedial action before conclusion of the next audit and improvements in firm-wide procedures reduce the risk of recurrence

The KPI to conclude Constructive Engagement is 12 months which was met in 17% of cases (2023/24: 38%). The average time to conclude the Constructive Engagement with firms was 13 months (2023/24: eight months) after the decision had been made to resolve the case through Constructive Engagement, and 17 months (2023/24: 13 months) after the corresponding CA case had been opened. A number of Constructive Engagement cases were kept open until the remedial actions had been sufficiently embedded or quality improvements had been sufficiently demonstrated by firms in subsequent audits, which can impact the average time taken to conclude cases.

Across the 12 cases where Constructive Engagement was concluded, the most common accounting areas were:

Provisions (three cases): These cases presented issues such as insufficient evidence and challenge in relation to the valuation of provisions, failure to adequately assess the competence, capabilities and objectivity of management's expert and significant movements in provision balances, which raised questions of possible prior period restatements.
Impairment (three cases): These cases presented issues such as insufficient audit procedures performed and evidence obtained over the appropriateness of impairment provisions, inadequate procedures to corroborate and challenge cash flow forecasts supporting management's impairment assessments, and insufficient audit procedures performed to assess the fair value and recoverable amount of assets – and therefore the validity and accuracy of impairment reversals.

The most common issues were:²⁴

Lack of challenge of management and professional scepticism (seven cases): Lack of procedures performed to corroborate and challenge key management assumptions in several judgemental areas, including provisions, payables, revenue forecasts and intangible assets, and familiarity bias resulting in an overreliance on the prior year audit approach.
Insufficient audit procedures performed (six cases): Insufficient audit procedures due to audit team over-reliance on previous audit work undertaken, insufficient risk assessment and insufficient guidance available to audit teams.
Insufficient coaching, supervision and review (six cases): Insufficient involvement of the Audit Partner and Engagement Quality Reviewer (EQR) or involvement late in the audit process, lack of clarity on the role and responsibilities of the EQR, a lack of senior focus on audit areas perceived to be less complex, insufficient coaching for preparers of complex audit work and insufficient documentation of reviewer challenge.

Most cases resolved through Constructive Engagement cases were identified through AQR inspections

Examples of remedial actions included:

Providing training in the areas of effective review, risk assessment and auditing estimates.
Developing or enhancing guidance and methodology in the areas of auditing estimates, banking and IFRS 9, materiality and EQR.
Enhancements to firm-wide resourcing processes, guidance and tools.
Enhancing communications and training focusing on auditor mindset and biases, including assumed knowledge and overconfidence bias.
Establishment of KPIs and other outcome measures to assess the effectiveness of remedial action, for example, in embedding existing firm-wide frameworks.
Undertaking targeted hot reviews and/or central monitoring to assess implementation and effectiveness of remedial actions, for example, the quality of work performed using new working papers and the appropriateness of work allocation.

While each case is considered on its own merits, to illustrate the type of Constructive Engagement activity undertaken, two anonymised examples are set out below.

Case A

We made enquiries of a firm regarding its FY2021 audit of a public interest entity (PIE). Our main focus was the firm's approach to auditing expected credit losses.

An AQR inspection of the FY2021 audit identified that the audit team performed insufficient procedures and obtained insufficient evidence to assess the appropriateness of the impairment provision and whether the audit team's independent calculation was sufficiently precise.

As part of the approach to Constructive Engagement, the Supervisor team reviewed the firm's root cause analysis and a sample of working papers from the FY2023 audit of the entity.

The Constructive Engagement process resulted in:

The firm improving the quality of its audit procedures and challenge of management in relation to its audit of the impairment provision.
Establishment of a firm-wide specialist group to support audit teams for all AQR-scope audits where credit risk is a significant risk.
An improvement plan to strengthen methodologies, training and investment in audit quality.
Updating relevant testing plans, methodology, guidance documents and workbooks.
The delivery of training to audit team members in relation to auditing expected credit losses.

The firm established a firm-wide specialist group to support audit teams for all AQR-scope audits where credit risk is a significant risk

We made enquiries of a firm regarding its FY2021 audit of a public interest entity (PIE). Our main focus was the firm's approach to auditing expected credit losses.

As part of the approach to Constructive Engagement, the Supervisor team reviewed the firm's root cause analysis and a sample of working papers from the FY2023 audit of the entity.

The Constructive Engagement process resulted in:

The firm improving the quality of its audit procedures and challenge of management in relation to its audit of the impairment provision.
Establishment of a firm-wide specialist group to support audit teams for all AQR-scope audits where credit risk is a significant risk.
An improvement plan to strengthen methodologies, training and investment in audit quality.
Updating relevant testing plans, methodology, guidance documents and workbooks.
The delivery of training to audit team members in relation to auditing expected credit losses.

The firm established a firm-wide specialist group to support audit teams for all AQR-scope audits where credit risk is a significant risk

Case B

A listed company failed to include the necessary post balance sheet disclosures that were relevant to the assessment of whether there was a material uncertainty in relation to going concern.

Our enquiries identified several deficiencies in the audit work performed in this and other aspects. These arose from a lack of awareness or understanding of PIE-specific and more general audit and financial reporting requirements; a lack of appropriate professional judgement being applied in the acceptance and continuance process; a lack of effective methodology and audit procedures, and insufficient understanding of requirements regarding documentation of key judgements.

The Constructive Engagement process resulted in the firm:

Establishing or enhancing its policies, procedures and audit programmes to better align with requirements of the ISAs (UK) and the Ethical Standard, including those that apply to PIE and listed audits, in various areas. These included: acceptance and continuance procedures, going concern (particularly assessing letters of support used to support the going concern assumption) and Engagement Quality Reviews under ISQM (UK) 2.
Delivering a range of training events to the audit practice, including on ISA (UK) 540 (the audit of estimates), ISA (UK) 570 (going concern), subsequent events and ethical requirements.

The firm enhanced its policies, procedures and audit programmes to better align with requirements of the ISAs (UK) and the Ethical Standard

Certain actions agreed as part of the Constructive Engagement process, which are designed to improve audit quality, are similar to the non-financial sanctions imposed at the conclusion of enforcement action. While Constructive Engagement outcomes do not amount to a sanction, and are currently not individually published, they can result in significant additional requirements for audit firms.

The process requires full and open cooperation by audit firms. During the year, we were generally satisfied with the level of cooperation and the timeliness of responses.

The value of Constructive Engagement also depends on the extent new measures are appropriately followed by audit teams in practice. This is monitored by a firm's dedicated Audit Firm Supervisor within the FRC's AFS team. Where appropriate, the Supervisors work with the FRC's AQR team to conduct follow-up activity. CA also monitors whether similar matters are identified in audits conducted by the same firms and recurring issues will be considered when deciding whether to refer a matter to the Conduct Committee to consider opening an investigation.

The extent to which new measures are appropriately followed by audit teams is monitored by a dedicated Audit Firm Supervisor

No further action

There were 28 cases closed in the year by the Case Examiner with no further action.

Of these, 22 involved statutory audit firms and statutory auditors that were considered under the AEP. We consider all such cases carefully to identify whether there may be underlying issues relevant to the work conducted by the statutory auditors. However, the information we examined did not support further enquiry into the audit. The reasons for this included one or more of the following:

We did not identify issues of concern such as financial reporting errors or misstatements in the entity's financial statements.
We did not identify a question as to a potential breach of auditing standards, or the matter was not considered to be sufficient to warrant further action.
There was ongoing supervisory work with the firm to address the issue.

The remaining six cases (all Scheme cases) were closed with no further action because there was insufficient evidence to demonstrate reasonable grounds to suspect Misconduct by the auditors, accountants or actuaries.

Where matters raised were outside of the FRC's remit, we directed complainants to other bodies that may be able to help. This year, the recipients of these referrals included the relevant Recognised Supervisory Bodies.

Oversight

For cases considered to be Referral Cases²⁵, the Case Examiner's recommendation of either Constructive Engagement, or no further action, is subject to additional internal assurance processes, which include referral to the Conduct Committee for a decision.

A summary including details such as the number, source and basis for cases opened, age profile of open cases, and number and outcome of cases closed in the period is reported to the Conduct Committee monthly.

Referral cases are subject to additional internal assurance processes, which include referral to the Conduct Committee for a decision

5. Investigations and Enforcement

Confidence in financial reporting, underpinned by high quality independent audit focused on the public interest, encourages investment, and drives growth for the benefit of society as a whole. Proportionate, risk-focused enforcement action contributes to the FRC's work in upholding such confidence through holding to account those who have fallen short to a serious or significant extent and through deterring similar behaviour.

The outcomes of enforcement activity, whether through targeted non-financial sanctions designed to prevent recurrence of breaches, or publication of breaches identifying their causes, have a key role in supporting and informing the vast majority of individuals and firms whose objective it is to deliver high quality. In these ways, enforcement outcomes contribute to the FRC's work as an improvement regulator enhancing the quality of financial reporting and audit.

Our approach to mandatory publications, including publication of outcomes, is one of the matters under consideration as part of E2E. This E2E review is considering governance structures, and decision-making processes to ensure that these continue to be efficient, effective and proportionate including in the context of their ability to deliver improvements in timeliness while continuing to meet regulatory objectives.

Investigations opened

Investigations opened in the year	2022/23	2023/24	2024/25
	10	6	8

8 investigations opened in the year

The Conduct Committee opened eight new investigations in the 12 months to 31 March

Seven were audit investigations under the AEP and one was an investigation into accountants under the Accountancy Scheme.

AEP investigations

The seven audit investigations concern a range of potential issues, including professional scepticism, audit planning, audit evidence and documentation, presentation and disclosure, revenue and revenue recognition, going concern, provisions, risk of fraud, compliance with the Ethical Standard and compliance with laws and regulations. Unusually, none²⁶ of the investigations followed referrals to the Case Examiner from the FRC's AQR team. This reflects the increased use of Constructive Engagement for some of the less serious breaches that have been identified as part of the AQR inspection process.

In line with the FRC's Publication Policies²⁷, not all investigations are announced at the outset, although if the case leads to enforcement action and the imposition of sanctions, the outcome will be published. The Conduct Committee makes the decision whether or not to announce a new investigation on a case-by-case basis. It will decide to announce if it considers publication is necessary in all the circumstances and that any potential prejudice to the subject in announcing an investigation is outweighed by the factors in favour of publication.

Five of the AEP investigations opened in the year have been announced.²⁸

Accountancy Scheme investigations

One investigation was opened under the Accountancy Scheme in 2024/25, which has been announced.

Actuarial Scheme investigations

No investigations were opened under the Actuarial Scheme in 2024/25.

Concluded cases

Outcome of investigations

	Closed with findings of Misconduct/ breaches and sanctions
Closed with no further action	Settlement	Independent Tribunal	Total
2024/25	2	9	-
2023/24	1	8	-
2022/23	7	11	1

9 concluded investigations resulting in sanctions

Eleven cases were concluded in the 12 months to 31 March 2025, including three legacy²⁹ cases opened in, or before, 2019/20³⁰ and two cases opened in 2023/24. For the fourth consecutive year, concluded cases exceeded the number opened in the same period, with a resultant decrease in the number of open investigations.

Cases concluded with sanctions

The FRC concluded nine investigations that resulted in sanctions being imposed on audit firms and individuals. The cases are listed below, and details of the facts, issues and points of note are set out in Appendix A.

Audit firm	Audited entity	Audit of the financial statements	Date Case Opened	Date of sanction
EY	Evraz plc	Year ended 31 December 2021	24 March 2023	23 May 2024
Crowe UK LLP	Akazoo Limited	Years ended 31 December 2016, 31 December 2017 and 31 December 2018	14 September 2021	23 August 2024
PwC	Wyelands Bank plc	Year ended 30 April 2019	15 June 2021	22 October 2024
EY	Stirling Water Seafield Finance plc	Year ended 31 December 2019	19 December 2022	12 December 2024
EY	Thomas Cook Group plc	Year ended 30 September 2018	27 September 2019	18 December 2024
EY	Thomas Cook Group plc	Year ended 30 September 2017	10 December 2019	18 December 2024
KPMG	Carr's Group plc	Year ended 28 August 2021	24 March 2023	25 February 2025
Accountant	Autonomy Corporation plc	Financial reporting between 1 January 2009 and 30 June 2011	1 January 2013	12 March 2024³¹
Accountant	Thurrock Council	Operations and investment activities for the financial years ended 31 March 2018 to 31 March 2022	23 November 2023	21 November 2024

We published six Final Settlement Decision Notices (FSDNs) in respect of AEP investigations, a Settlement Agreement in respect of the Autonomy investigation and a Particulars of Fact and Acts of Misconduct in respect of the Thurrock Council investigation (see Appendix A).

The range of cases reflected the wide scope of our enforcement work and the audits that fall within our remit. They included audits of FTSE 100 and FTSE 250 companies, an audit of a credit institution and an audit of a private limited company. Of the nine cases concluded with sanctions, two of the investigations had been opened following the relevant audit firm's self-reporting breaches of the FRC's Ethical Standard, underpinned by company law. Two investigations were opened as a result of information being provided by another regulatory body. The two investigations relating to Thomas Cook Group plc (Thomas Cook) had been opened following the entity entering into liquidation with significant amounts owed to individual investors, creditors and other stakeholders. One was opened as a result of horizon scanning by CA.

2 concluded investigations followed self reported breaches

Sanctions imposed under the Auditor Regulatory Sanctions Procedure³² and the Crown Dependencies' Recognised Auditor Sanctions Procedure³³ are not included in the Review as matters under these procedures are handled by AQR in conjunction with the Enforcement Committee.

Spotlight on the Ethical Standard

The Ethical Standard is an integral part of the suite of standards issued by the FRC to support delivery of high-quality audit and assurance work, along with ISQMs (UK) and ISAs (UK).³⁴ It is of central importance to ensuring integrity, objectivity and independence in audits.

While the professional bodies issue Codes of Ethics – including statements of fundamental ethical principles governing the work of all professional accountants – the FRC's Ethical Standard sets overarching principles and supporting ethical provisions for audit in both the private and public sectors.

The Ethical Standard is a Relevant Requirement in itself, and auditors are obliged, under ISA (UK) 200, to comply with it.³⁵ ³⁶

Responsibility for setting the Ethical Standards for auditor independence transferred from the professional bodies to the FRC³⁷ in 2004, in a government-led drive to improve the quality of audits, following financial scandals such as Enron and WorldCom. Since first being issued in 2004, there have been a number of iterations of the Ethical Standard, including significant revisions in 2009, 2016, 2019 and the current version published in

The revisions have enabled the Standard to keep up with developments in audit, align with international standards, respond to audit failures like BHS and Carillion and address issues that arise in the audit sphere (such as over-reliance on fees from entities controlled by a single party). Revisions to the Ethical Standard are also designed to ensure the requirements imposed are targeted and proportionate.

The Ethical Standard is vital to ensuring the independence of audits, which in turn drives confidence in audits and therefore trust in financial reporting essential ingredients for growth and a healthy capital market. The Ethical Standard is therefore fundamental to the FRC's purpose of serving the public interest and supporting economic growth.

Part A of the Ethical Standard sets out the overarching principles of integrity, objectivity and independence, together with supporting ethical provisions.

Part B sets out specific requirements relevant to certain circumstances that may arise in audit and other assurance engagements. The approach of the Ethical Standard is to focus on the identification and management of any potential threats to independence (including those from financial, business, employment and personal relationships; or through long association with engagements and entities related to engagements). Auditors must be alert to the risk of threats to independence, such as familiarity and self-interest, and provide safeguards to eliminate the threats or reduce them to an acceptable level. If such threats cannot be adequately mitigated, the engagement should not continue. The Ethical Standard also places requirements on firms to maintain proper systems, processes and record-keeping with respect to ethics.

The 'objective, reasonable and informed third party' test, applied by the Ethical Standard, is designed to make sure that auditors step back and consider the perceived risks of an engagement from the perspective of an objective outsider, for example, to consider the risk that acting in a certain way would lead an objective, reasonable and informed third party to conclude that the auditor's independence has been compromised.³⁸

The Ethical Standard is fundamental to the FRC's purpose of serving the public interest and supporting economic growth

Firms are obliged to report breaches of the Ethical Standard on a six-monthly basis to the FRC. The FRC's Supervision Division oversees the firm's compliance with the Ethical Standard and will consider the appropriate response to any breaches as part of its ongoing supervisory activities, including passing the matter to the Case Examiner to consider whether or not to refer the matter to the Conduct Committee.[^39]

Over the past decade, the FRC has investigated and sanctioned a number of firms and individuals for breaches of the Ethical Standard (some of which were self-reported and some identified by the FRC's other regulatory work). These cases include:

An audit firm's failure to ensure employees made timely disposal of shares in entities that the firm audits.
The appointment of recently retired senior audit firm employees (in the chain of command) accepting non-executive roles at audited entities.
Fees for non-audit services exceeding those for audit by a wide margin.
A contingency fee model for non-audit services (which is prohibited by the Ethical Standard).
A firm's loss of independence in relation to an audit, when it had provided non-audit services to the same audited entity, which posed an unacceptable self-review threat.
The provision of prohibited accounting services to listed audited entities.
Failures to document the reasoning behind the firm's decision to provide non-audit services, including documenting identified threats to independence, safeguards adopted and communications with those charged with governance.
Inadequacies in audit firms' control environments and policies and procedures in relation to the application of the Ethical Standard.

This year, four of the concluded cases involved sanctions for breaches of the Ethical Standard:

In EY's FY2018 audit of Thomas Cook, a lack of documentation regarding the independence of a member of the audit team (who had a long association with the audited entity and a long-standing and close business relationship with the Chief Financial Officer (CFO) of the audited entity) led to admitted breaches of the Ethical Standard 2016.
In EY's FY2021 audit of Evraz plc (Evraz), there were breaches of the 2019 Ethical Standard due to the firm exceeding the 70% fee cap on non-audit services.
In EY's 2019 audit of Stirling Water Seafield Finance plc (Stirling Water), there were breaches of the 2019 Ethical Standard at the firm and engagement level due to the firm exceeding the mandatory firm rotation (MFR) requirement.
In KPMG's 2021 audit of Carr's Group plc (Carr's), there were breaches of the 2019 Ethical Standard due to insufficient work to ensure the independence of a component audit firm.

More details of these cases can be found in Appendix A.

Six of the 27 open audit investigations concern potential breaches of the Ethical Standard.

4 concluded cases involved sanctions for breaches of the Ethical Standard

Closed cases

One investigation under the AEP and one under the Accountancy Scheme were closed without enforcement action, when it became apparent the threshold for taking enforcement action (including whether enforcement action was proportionate in all the circumstances) was not met.

Common issues from cases concluded in the year

Consistent with previous years, breaches sanctioned in concluded cases concerned failure to exercise professional scepticism, failure to obtain sufficient appropriate audit evidence and failures in audit documentation. However, cases concluded this year also included issues relating to the compliance with ethical requirements, compliance with laws and regulations; presentation and disclosure; and matters relating to going concern.

2 investigations closed without Enforcement action

Spotlight on Thomas Cook Group plc

The effective performance of an audit requires the auditor to adopt an enquiring mindset and to robustly challenge management. Similarly, an auditor must obtain sufficient appropriate audit evidence before drawing reasonable conclusions on which to base their opinion. Deciding how far to challenge management and the evidence to rely on are matters of judgment. In each case, however, the amount of work performed and the scrutiny applied to evidence, must reduce the audit risk to an acceptably low level. The Thomas Cook case examines these themes.

Goodwill impairment – what constitutes adequate challenge of management?

In both the FY2017 and FY2018 audit years, management's goodwill impairment model resulted in headroom across each of the Group's cash generating units (CGUs). In FY2017, in particular, there was significant headroom across all of the CGUs. The Auditor took comfort from the level of headroom in FY2017 and resolved that the impairment testing was not particularly sensitive to changes in the assumptions being made by Thomas Cook. Moreover, given the headroom generated under management's model, the Auditor concluded that any reasonable change in assumptions would not cause an impairment.

In all the circumstances, there was not adequate challenge of management's goodwill impairment model. The level of headroom in each of the CGUs was the product of the assumptions that had been made by management. The Auditor needed to understand and challenge the assumptions and estimates underlying the future cashflows in management's goodwill impairment model. This was necessary to ensure the purported headroom could be justified on an objective basis and to address the risk that the assumptions might be unreasonable. In fact, there was insufficient audit evidence to support the reasonableness of the cashflow assumptions.

Critical assumptions included projected revenue growth well in excess of that forecast by independent market experts. It was incumbent on the Auditor to challenge management as to how this growth would be achieved. For example, by assessing how realistic it was for Thomas Cook to increase passenger volumes and to assume customers would also pay increased prices.

In addition, there were certain aspects of Thomas Cook's profile that raised questions as to whether the growth forecast was reasonable. Its UK Tour Operator business was loss-making and the Group as a whole was only minimally profitable in FY2017 and made an overall loss in FY2018.

A further key feature of management's growth forecasts was the inclusion of significant projected cost savings. The Auditor should have challenged management to provide evidence to support the specific cost-saving measures. The Auditor needed to form a view on whether the cost-saving measures were practicable and how they had been quantified.

There was a clear risk that the forecasts were not reflective of the current state of the business and its ongoing performance. This was especially important when considering the risk to impairment of goodwill; the value attributed to goodwill was £2.6 billion that comprised approximately 40% of the Group's total assets.

In view of the risk factors and evidence available to the Auditor, significant further work and challenge of management was necessary to obtain reasonable assurance that the goodwill balance was not materially misstated.

Going Concern – evidence to properly form a view on whether a material uncertainty exists

Thomas Cook experienced a deterioration in its financial performance during FY2018. The Auditor concluded it was reasonable to expect Thomas Cook to recover during FY2019. Management's going concern assessment involved scenarios where the worst case was a repeat of the prior year performance. Avoiding breaches of covenants in this scenario relied on the availability of cost mitigations. The poor performance during the year had impacted the level of liquidity headroom. Management's going concern assessment indicated that, on the basis the forecast budget was met, it should not run out of cash.

These matters formed part of the basis for the Auditor's opinion that a material uncertainty did not exist relating to events and conditions that could cast doubt on Thomas Cook's ability to continue as a going concern. However, there was a considerable amount of information and contradictory audit evidence that was not properly considered by the Auditor. These matters, as outlined below, should have been carefully evaluated especially given the audit of going concern was identified as a significant audit risk.

Thomas Cook had a history of poor forecasting accuracy. This was inconsistent with management's approach of modelling sensitivities comprising flat levels of growth (rather than a decline in growth), which assumed a high degree of confidence in their forecasting accuracy and/or indicated possible management bias. However, even in this scenario, covenant headroom was barely above zero for part of the going concern period.
The Auditor should have challenged management to model a sensitivity that represented a decline in performance compared to FY2018. All of management's and the Auditor's sensitivities modelled better performance in the business for FY2019 than Thomas Cook's actual performance in FY2018. They were not therefore, ‘severe but plausible downside scenarios'.
The Auditor should have challenged management on the lower performance levels for the first month of FY2019, which were known before the FY2018 Auditor's Report was signed. Earnings before interest and taxes was down on the current budget and on prior year like-for-like results. The Auditor should have obtained details of how Thomas Cook planned to mitigate the poor performance and/or perform further modelling in light of those results.
The Auditor should have substantiated whether certain 'cashflow benefits' that were modelled by management were in fact likely to materialise and to improve Thomas Cook's net debt position.
The Auditor should have carried out sensitivity testing of cash/liquidity headroom where there was a decline in performance. In not properly considering these and other matters, the Auditor was not in a position to conclude to the level of reasonable assurance whether a material uncertainty existed. The Auditor's lack of scepticism was particularly serious given they had upgraded going concern to a significant audit risk in November

Accordingly, the Auditor should have applied even greater challenge and scepticism to the audit work in this area.

Ongoing cases at 31 March 2025

As of 31 March 2025, there were 32 open investigations.³⁹ Twenty-seven investigations concern audit and five concern professional accountants working in business.⁴⁰ This is a reduction not only in the number of investigations open at 31 March 2024 (35), but also in the number of very large and complex investigations. It results from our ongoing focus on timely conclusion of investigations, combined with a lower than average⁴¹ number of investigations opened during the year.

Of the 27 audit investigations, two are under the Accountancy Scheme and the remaining 25 under the AEP. Twenty-one have been announced and are included in the list of current enforcement cases on the FRC's website.⁴² These cover a wide range of financial statement areas and audit issues, including:

Our open investigations into audits cover a range of financial statement and audit issues

Financial statement areas	Audit issues
Goodwill	Understanding the control environment
Going concern	Audit planning
Presentation and disclosure	Application of professional scepticism and judgment
Cash	Group audits – including oversight of component auditors
Costs and liabilities	Compliance with the RSBs' Codes of Ethics and the FRC's Ethical Standard
Provisions	Audit documentation
Fixed asset impairments	Use of experts
Related party transactions	Setting of materiality levels
Revenue recognition
Compliance with laws and regulations
Fraud

The information gathered and relied upon by Enforcement for audit investigations continues to be primarily the audit files, communications, and interview evidence. We are seeing an evolution in the nature of communications evidence as firms rely on a wider variety of digital platforms used by audit teams which can provide a rich seam of evidence, often giving insight into how audits have been planned, monitored and reviewed that has not been fully captured on the audit file. In recent investigations, firms have also provided communication evidence not available elsewhere that has supported a firm's position that audit work was done, although not formally recorded. We remind firms to retain all forms of electronic communications as part of their compliance with the requirements of ISA (UK) 230.

Three of the five open Accountancy Scheme investigations concerning professional accountants working in business, are linked to audit investigations (some current; others concluded) and therefore concern many of the same issues. Of the five investigations, three have been announced and can be found in the list of current enforcement cases⁴³ on the FRC's website.

We remind firms to retain all forms of electronic communications in compliance with ISA (UK) 230

6. Sanctions

Introduction

We report in this section on the financial and non-financial sanctions that were imposed during the year. This includes both a summary of the key overall facts and trends, and the details of sanctions imposed in individual cases. Sanctions continue to be imposed in accordance with our published Sanctions Policy and Guidance.⁴⁴

Sanctions summary for FY2024/25

Numerous factors impact on the amount, number and nature of sanctions imposed in each year. Such factors include the number, nature and total amount of sanctions in the year and the financial strength/resources of those subject to sanction.

Sanctions were imposed in nine concluded cases this year, all of which were resolved by way of settlement. A settlement involving sanctions was also agreed with one subject in an investigation that remains ongoing against others.

This year the highest financial sanctions⁴⁵ were imposed on EY and a former Audit Engagement Partner in relation to the serious failures identified in the firm's audits of Thomas Cook (£6.6 million adjusted to £5.0 million after settlement discount) and on PwC and a former Audit Engagement Partner in relation to significant deficiencies identified in the firm's audits of Wyelands Bank plc (Wyelands Bank) (£4.6 million adjusted to £2.9 million after settlement discount). Together, these represented the major proportion of the overall figure, both before and after the application of settlement discounts (£11.2 million and £7.9 million against overall FY2024/25 figures of £14.5 million and £9.7 million respectively).

£14.5m financial sanctions imposed of (£9.7m after settlement discounts)

The remaining audit matters sanctioned during the year were:

KPMG's audit of Carr's (FY2021), where a financial sanction of £1.3 million was imposed on KPMG and an Audit Engagement Partner (adjusted to £0.7 million after settlement discount).
Crowe UK LLP's (Crowe)'s audit of Akazoo Limited (Akazoo) (FY2016-18), where a financial sanction of £1.1 million was imposed on Crowe and an Audit Engagement Partner (adjusted to £0.5 million after settlement discount).
EY's audit of Stirling Water (FY2019), where a financial sanction of £0.6 million was imposed on EY (adjusted to £0.4 million after settlement discount).
EY's audit of Evraz (FY2021) where a financial sanction of £321,000 was imposed on EY (adjusted to £251,000 after settlement discount).

The level of discounts awarded in accordance with the Sanctions Policy (AEP) in settled cases ranged from 22 to 45%,⁴⁶ reflecting differences in the timing of admissions made and the extent of mitigation (including cooperation). In Crowe's audit of Akazoo, the 'starting point' financial sanction was reduced from £1.0 million to £650,000 to take account of a separate penalty imposed by the US Securities and Exchange Commission (US SEC) in relation to conduct that formed part of the FRC's case.⁴⁷ Severe Reprimands were imposed on all audit firms and engagement partners, which were sanctioned this year, save for one case where a bare Reprimand was imposed on the relevant firm reflecting the relatively contained nature of the sanctioned breach.

In one ongoing Scheme case, an extensive suite of non-financial sanctions was imposed on a former audit senior manager who acted with sustained dishonesty over a five-year period, including (among other things) by forging Partner signatures on numerous audit reports, many that were subsequently filed at Companies House. As well as imposing a recommended 20-year exclusion from the ICAEW, the individual is also subject to a condition that they shall not undertake any accountancy work for the same period.⁴⁸ While such onerous restrictions are rarely imposed, the case highlights our preparedness to take such steps to secure our sanctioning objectives (such as protection of the public) when required.

In relation to Members who were professional accountants in business or actuaries in the year to 31 March 2025, a recommended five-year exclusion from the Association of Chartered Certified Accountants (ACCA) was imposed on one individual in relation to Thurrock Council's operations and investment activities for the financial years ended 31 March 2018 to 31 March 2022.

	2022/23	2023/24	2024/25
Total financial sanctions imposed:
– Pre-discount	£40.5m	£48.2m	£14.5m
– Post-discount	£28.5m	£33.1m	£9.7m
Number of financial sanctions imposed	22	17	11
Number of non-financial sanctions imposed	49	40	32
Of which:
Exclusions	4	2	2
Requirements and undertakings	10	6	7

Total financial sanctions. Bar chart showing pre-discount and post-discount financial sanctions for 2022/23, 2023/24, and 2024/25. 2022/23: Pre-discount £40.5m, Post-discount £28.5m. 2023/24: Pre-discount £48.2m, Post-discount £33.1m. 2024/25: Pre-discount £14.5m, Post-discount £9.7m.

Financial sanctions imposed on audit firms

During the year, six financial sanctions were imposed on audit firms in respect of six audit cases. Together they totalled £14.1 million prior to the application of any settlement discount.

As noted above, the audit case settlements that attracted the highest financial sanctions in the year relate to the failures in EY's audit of Thomas Cook's financial statements in respect of FY2017 and FY2018 (£6.6 million adjusted to £5.0 million after settlement discount), and the failures in PwC's audit of Wyelands Bank financial statements in respect of FY2019 (£4.6 million adjusted to £2.9 million after settlement discount).⁴⁹

£14.1m financial sanctions imposed on audit firms

The details of the Thomas Cook matter can be found at page

In summary, in relation to FY2017, EY failed to adequately challenge Thomas Cook's goodwill impairment model. For FY2018, EY concluded there was not a material uncertainty that cast doubt on Thomas Cook's ability to continue as a going concern, in circumstances where there were a number of matters that meant the firm was not in fact in a position to conclude to the level of reasonable assurance as to whether a material uncertainty existed.

PwC admitted breaches in respect of its FY2019 audit of Wyelands Bank (a PIE) in relation to six areas of the audit: risk assessment; auditing of the Bank's compliance with laws and regulations; auditing of the Bank's related party transactions; auditing of the Bank's assessment of going concern; auditing of the Bank's loans and advances; and auditing of the Bank's provision for expected credit loss.

| ICAEW

Total financial sanctions

A bar chart showing total financial sanctions (pre-discount and post-discount) over three financial years.

Year	Pre-discount (Millions £)	Post-discount (Millions £)
2022/23	40.5	28.5
2023/24	48.2	33.1
2024/25	14.5	9.7

Financial sanctions imposed on audit firms

During the year, six financial sanctions were imposed on audit firms in respect of six audit cases. Together they totalled £14.1 million prior to the application of any settlement discount.

In summary, in relation to FY2017, EY failed to adequately challenge Thomas Cook's goodwill impairment model. For FY2018, EY concluded there was not a material uncertainty that cast doubt on Thomas Cook's ability to continue as a going concern, in circumstances where there were a number of matters that meant the firm was not in fact in a position to conclude to the level of reasonable assurance as to whether a material uncertainty existed.

Financial sanctions – audit firms

A bar chart showing financial sanctions imposed on audit firms (pre-discount and post-discount) over three financial years.

Year	Pre-discount (Millions £)	Post-discount (Millions £)
2022/23	39.4	27.7
2023/24	47.2	32.4
2024/25	14.1	9.5

	2022/23	2023/24	2024/25
Number of financial sanctions against audit firms	9	8	6

Financial sanctions against Audit Partners

Total financial sanctions imposed on Audit Partners in the period to 31 March 2025 amounted to £0.4 million (£0.3 million after settlement discounts and/or mitigation).

Financial sanctions – Audit Partners

Financial sanctions imposed on Audit Partners consider a number of factors, including the seriousness of the breaches, as well as relevant aggravating and mitigating facts and circumstances (which may differ from those applicable to the Audit Firm).

A bar chart showing financial sanctions imposed on Audit Partners (pre-discount and post-discount) over three financial years.

Year	Pre-discount (Millions £)	Post-discount (Millions £)
2022/23	0.96	0.74
2023/24	1.02	0.70
2024/25	0.42	0.26

	2022/23	2023/24	2024/25
Number of financial sanctions against Audit Partners	10	9	5

Sanctions against firms and accountants in respect of non-audit matters

Sanctions were imposed on one individual in respect of non-audit matters this year, namely the former CFO of Thurrock Council. In that role he was responsible for the administration of the Council's financial affairs for the financial years ended 31 March 2018 to 31 March 2022 and the Misconduct arose from his implementation of a "debt for yield” approach during this period by which the Council borrowed significant sums of money on a short-term basis and used it to make long-term investments, some of which failed.

The admitted Misconduct included, among other things, a failure to report on and manage the risks inherent in this approach and the reckless provision of misleading information about the strategy. He was found to have breached several of the fundamental principles governing the conduct of accountants including those relating to integrity, professional behaviour, and professional competence and due care. His conduct was considered to be fundamentally incompatible with continued membership of his professional body (ACCA) and he was therefore excluded from that body for a recommended period of five years. A financial sanction was not imposed having taken into account his existing financial resources and future employment prospects.

Non-financial sanctions

Non-financial sanctions continue to form a key role in the enforcement toolkit, providing targeted support to supervisory activity, and reflecting our ongoing focus on the quality of financial reporting and audits in the context of the growth agenda.

In the interests of proportionality, such sanctions are imposed where necessary, rather than as a matter of course. While the overall number of such sanctions imposed fell this year it is notable that the number of conditions/requirements increased notwithstanding the lower number of cases concluded. This reflects our focus on forward-looking sanctions which are carefully tailored to the breaches identified.

As well as the imposition of Severe Reprimands and Declarations that audit reports did not satisfy certain Relevant Requirements, non-financial sanctions published in the year included:

A root-cause analysis report to be prepared and presented to the FRC identifying the reasons for the breach and actions taken since, including in response to the wider issue around EY's handling of the approval and assessment of non-audit services, identified in the FRC's 2023 Audit Quality Inspection and Supervision Report.
A requirement for Crowe to conduct a root cause analysis to explain the causes of the breaches, to identify any measures taken since to prevent reoccurrence and assess the effectiveness of those measures, including by reference to an agreed sample of audits.
An order requiring PwC to take specified action designed to prevent the recurrence of the contravention, namely to (1) carry out an assessment of the effectiveness of additional improvement measures identified in, or as a result of, the root cause analysis in addressing the specific shortcomings in that audit; and (2) provide a report which: (i) sets out the results of the assessment, and (ii) either identifies any further measures PwC intends to take to address the shortcomings, or explains why no such further measures are necessary.
An order requiring EY to take specified action designed to prevent the recurrence of the contravention, namely to: (1) conduct a bespoke review and produce a report in relation to a selection of audits determined by the FRC, to evaluate the audit work performed for goodwill impairment and going concern; and (2) assess the efficacy of remedial actions implemented by EY in preventing the recurrence of breaches and report to the FRC on any deficiencies identified and any further remedial steps to be implemented. EY was separately ordered to review its current training programmes designed for responding to risks to independence and propose any changes necessary to guard against the breaches.
An order requiring EY provide a root cause analysis report to be prepared and presented to the FRC identifying the reasons for the breach, actions taken since and any further remedial action proposed by the FRC to be implemented as necessary.
A requirement that KPMG review a representative sample of Statutory Audits involving component auditors outside KPMG's network and report to its FRC supervisor on whether compliance with the independence requirements in the Ethical Standard has been achieved.
The exclusion of an audit senior manager from the ICAEW for a recommended period of 20 years and a condition they shall not undertake any accountancy work for the same period.
Exclusion as a Member of ACCA for a recommended period of five years.

Non-financial sanctions are a key element of our role as an improvement regulator

Number of non-financial sanctions	2022/23	2023/24	2024/25
Severe Reprimands	19	17	12
Reprimands	-	-	1
Exclusions	4	2	2
Conditions/requirements	9	6	7
Undertakings	1	-	-
Declarations	16	15	10
Total	49	40	32
Number of cases resolved with findings⁵⁰	12	8	9
Number of parties sanctioned⁵¹	23	18	12

Non-financial sanctions

A stacked bar chart showing the number of non-financial sanctions by type over three financial years.

Sanction Type	2022/23	2023/24	2024/25
Declarations	16	15	10
Undertakings	1	0	0
Condition/requirements	9	6	7
Exclusions	4	2	2
Reprimands	0	0	1
Severe Reprimands	19	17	12

7. Timeliness

We have noted in previous Reviews our longstanding commitment to timely investigative and enforcement action, to the extent operative factors are within our control. This continues to result in material improvements to our performance in this area with both KPIs met for the third consecutive year and the 2-year KPI exceeded by a significant margin. These results were achieved in the context of a further year of consolidation and a reduction in headcount.

In addition to continuing to seek improvements in timeliness of our investigations, timeliness is one of the matters under consideration as part of E2E. This E2E review is considering governance structures, and decision-making options, to ensure that these continue to be efficient, effective and proportionate including in the context of their ability to deliver improvements in timeliness throughout the process, from Case Assessment through to publication of outcomes, while continuing to meet regulatory objectives.

Time to service of PFC, IR or settlement or closure (if earlier)

For 2024/25, we report against the following KPIs:

12-year KPI: A period of two years between notification of the commencement of an investigation and service of either the PFC or IR (or closure or settlement if sooner) in 50% of cases in a financial reporting period (1 April to 31 March). In 2024/25, we achieved this in 90% of applicable cases and therefore exceeded the KPI by a significant margin.

23-year KPI: A period of three years between notification of the commencement of investigation and service of either the PFC, IR (or closure or settlement if sooner) in 80% of cases in a financial reporting period (1 April to 31 March). In 2024/25, we achieved this in 87% of cases and therefore exceeded the KPI.⁵²

KPI reporting

2-year 50% KPI

Ten investigations were opened between 1 April 2022 and 31 March 2023 and were measured against the 2-year 50% KPI. This year, 90% of investigations achieved their 2-year KPI. The table below sets out our performance against this measure.

90% of cases met their 2-year KPI

	Number of cases
PFC/IR served (or case concluded without PFC/IR) within two years	9
PFC/IR not served/case not otherwise concluded within two years due to:
Delays due to need to replace external advisers (legal Counsel)	1
Total	10

Delays caused by the need to replace external advisers meant it was not possible to meet the KPI in one case.

The table below sets out our performance over the past three years.

Financial year KPI falls due	2022/23	2023/24	2024/25
Percentage of cases meeting the 2- year KPI	75%	53%	90%

The year 2024/25 was the fourth consecutive year where we met the 2-year 50% KPI target.

3-year 80% KPI

Fifteen investigations were opened between 1 April 2021 and 31 March 2022 and fell to be measured against the 3-year 80% KPI. This year, 87% of cases achieved their 3-year KPI. The table below sets out our performance against this measure.

87% of cases met their 3-year KPI

	Number of cases
PFC/IR served (or case concluded without PFC/IR) within three years	13
PFC/IR not served/case not otherwise concluded within two years due to:
Delays due to need to replace external advisers (independent expert)	1
Complexity/size of case	1
Total	15

As noted in the table above, delays due to the need to replace external advisers and the exceptional size and complexity of the matters under investigation meant that it was not possible to achieve the 3-year KPI in two cases.

The table below sets out our performance over the past three years against this metric and shows that we have exceeded the 3-year KPI in each of these years.

Financial year KPI falls due	2022/23	2023/24	2024/25
Percentage of cases meeting the 3- year KPI	86%	88%	87%

Average time to service of PFC, IR (or closure or settlement if earlier)

The average length of time for cases reaching this milestone during the year is set out in the table below.

	2022/23	2023/24	2024/25
Number of cases where PFC/IR issued (or settled/closed, if earlier)	19	10	19
Average length of time to issuance of PFC/IR (or settlement/closure, if earlier) (in months)	34	25	28

It is noted that there are two remaining Legacy Cases, if they were excluded from this year's figures, the average length of time to issuance of PFC/IR/other resolution would have been 26 months.

Time to complete a case

The table below sets out average case lengths of cases that concluded this year and in the previous two years.

	2022/23	2023/24	2024/25
Average length of cases referred to Tribunal (months)	42	-	-
(Number of cases)	(1)	(-)	(-)
Average length of cases, excluding cases delayed for extraneous reasons, concluded as a result of settlement or service of undisputed Decision Notice (months)	31	37	33
(Number of cases)	(9)	(6)	(8)
Average length of all cases concluded as a result of settlement or service of undisputed Decision Notice (months)	35	42	45
(Number of cases)	(11)	(8)	(9)
Average length of cases closed with no further action (months)	48	9	27
(Number of cases)	(7)	(1)	(2)

As indicated in the first row of the above table, no cases were concluded at Tribunal stage for the second consecutive year.

No cases were concluded through Tribunal proceedings

The second row excludes cases delayed for extraneous reasons: in 2024/25, the settlement of the Autonomy case was stayed for a number of years pending the outcome of US criminal proceedings; in 2023/24, the settlement of two large and complex matters arising out of KPMG's audit of Carillion; and in 2022/23, the settlement of two investigations that were delegated to the ICAEW. As the Institute was not in a position to provide us with draft IRs within the agreed timeframe, there were consequential delays in reaching settlement with the Respondents. Excluding cases delayed for such reasons, the average length of cases concluded as a result of settlement or service of an undisputed Decision Notice in the year would have been 33 months.

The third row includes cases delayed for extraneous reasons. The average length of all cases concluded as a result of settlement or service of an undisputed Decision Notice in the year for was 45 months.

The final row of the table relates to two matters that were closed following Executive Counsel's decision that no enforcement action should be brought.

Average age of cases open at year end

The table below sets out the number and average age of cases that remain open at the year end, over the last three years. It shows the average age has increased slightly this year, in part due to a lower number of investigations opened in the last two years than in previous years, resulting in a smaller proportion of cases in their early stages in the overall case portfolio.

	2022/23	2023/24	2024/25
Number of cases open at year end	38	35	32
Number of cases opened in year	10	6	8
Average age of cases open at year end (in months)	23.8	28.8	29.0
Average age of cases open at year end excluding case paused due to parallel proceedings (in months)	20.3	24.5	27.5

The data shown below relates to the age profile of our cases at year end compared with year end 2023/24.

We have continued to make significant progress in resolving Legacy Cases with three such matters closed during the year (the year of opening of those matters ranging from 2012/13 to 2019/20). Two Legacy Cases remain open; one remains on hold pending resolution of parallel proceedings, while the other case is the large and complex Carillion investigation into Members in Business under the Accountancy Scheme.

3 legacy cases were closed during the year

Year investigation opened (to 31 March)	2013	2018	2019	2020	2021	2022	2023	2024	2025	Total
Cases open at 1 April 2024	1	1	1	2	3	12	9	6	-	35
Cases closed in year	1	-	-	2	-	3	3	2	-	11
Cases open at 31 March 2025⁵³	-	1	1	-	-	3	9	6	4	32

8. Looking forward

Systems and controls

Introduction

The transition from ISQC (UK) 1 to ISQM (UK) 1 represents a significant shift in the approach to quality management for firms that perform audits, reviews of financial statements and other assurance or related services engagements.

ISQC (UK) 1

ISQC (UK) 1, introduced in June 2005, focused on establishing and maintaining a system of quality control within firms. It required firms to have policies and procedures in place to ensure their engagements were performed in accordance with professional standards and regulatory requirements.

Since then, ISQC (UK) 1 has undergone several revisions to adapt to the changing landscape of audit and assurance services, key updates include:

June 2016: This update aimed to address emerging challenges in the audit profession and improve the effectiveness of quality control systems within firms. It included enhancements to policies and procedures related to leadership responsibilities, ethical requirements and engagement performance.
November 2019: This revision further refined the quality control framework, incorporating feedback from various stakeholders and addressing new regulatory requirements.

These revisions reflect the evolving nature of the audit profession and the increasing complexity of business environments.

Enforcement cases resolved where ISQC (UK) 1 breaches were admitted include the following:

Investigation 1

The primary breach in each of two audit years was the failure during the audit acceptance and continuance processes to ultimately identify (and so conduct the audits on the basis) that the entity was a PIE because although it had not listed its shares, it had listed bonds on the London Stock Exchange debt market. This failure led directly to further breaches of Relevant Requirements, including, in both years, provision of prohibited non-audit services and a failure to ensure that an Engagement Quality Control Review was performed before the Audit Report was signed, a breach of ISQC (UK) 1, paragraph 36R-1.

Investigation 2

The firm failed to take responsibility for ensuring an appropriate control environment that placed adherence to ethical principles and compliance with Ethical Standards and requirements above commercial considerations. In particular, its policies and procedures relating to compliance were defective, as well as being inadequately implemented and monitored. It failed to adequately resource its Ethics team and it did not have an appropriate enforcement regime whereby individual breaches of Ethical Standards were identified. The failures were repeated and prolonged over a course of three years and resulted in numerous breaches of Ethical Standards and requirements by the firm's partners and employees. These failings led to breaches of paragraphs 20, 21, 21(a), 48 and 49 of ISQC (UK) 1.

ISQM (UK) 1 represents a significant shift in the approach to quality management

Investigation 3

A former senior partner in a firm joined the Audit Committees of two entities that, at the time, were audit clients of the firm, while he was also engaged by the firm to provide services under a consultancy agreement. This created serious familiarity and self-interest threats and resulted in the loss of independence in respect of eight audits over the course of four years.

It was in this context that widespread and serious inadequacies in the control environment of one of the firm's offices over the period were identified, as well as firm-wide deficiencies in policies and procedures relating to retiring partners. These failings represented breaches of paragraphs 20 and 21 of ISQC (UK) 1.

Investigation 4

A firm's conduct fell significantly short of the standards to be reasonably expected of a Member Firm under the Accountancy Scheme, as it failed to ensure that a senior statutory auditor would be sufficiently competent in all material aspects of the audit services so that their conduct would not fall significantly short of the standards to be reasonably expected of a Member undertaking the role of statutory auditor for the entity. The firm also failed to ensure the audit team possessed sufficient skill and experience to undertake the audit competently and that the non-partner members of the audit team were sufficiently supervised in the conduct of the audit to ensure those services were performed in accordance with professional standards and regulatory and legal requirements. These failings led to breaches of paragraphs 28(b), 42(b), 44, 46 and 49 of ISQC (UK) 1.

Investigation 5

A firm failed to establish policies and procedures designed to provide it with reasonable assurance that the firm maintained independence where required by relevant ethical requirements. In particular it failed to establish policies and procedures that require the accumulation and communication of relevant information to appropriate personnel so that the firm and its personnel can readily determine whether they satisfy independence requirements, in breach of the obligation in paragraph 22(c)(i) of ISQC (UK) 1. In addition, the firm failed to assess whether the conditions for the duration of the audit engagement in accordance with the EU Audit Regulation were complied with, before continuing with the engagement for the FY2019 Audit, in breach of paragraph 27R-(2)(b) of ISQC (UK) 1.

A number of resolved cases included admitted breaches of ISQC (UK) 1

Summary

In each case, the Respondents failed to implement, monitor and/or enforce adequate policies, procedures and processes in relation to quality control. These failings allowed partners, employees and/or firms to breach Relevant Requirements in relation to independence, skill and competence, and/or review of work performed.

In many of these cases, had the quality control systems been effective and in compliance with ISQC (UK) 1, the ISA (UK) breaches found in relation to the specific audits would have likely been prevented. It was only during the course of investigation of the specific audits in most of these cases that the wider system and control failures came to light. In other words, it took the specific audit failures to occur before the failings in the quality control processes were identified and addressed.

New approach of ISQM (UK) 1

ISQM (UK) 1, which came into effect for periods commencing on or after 15 December 2022, represents a fundamental change in how audit and assurance firms approach quality management. The change from a quality control to a quality management perspective signifies an evolution from reactive quality checks to a proactive, comprehensive and risk-based approach to quality management.

The new standard mandates firms to establish a system of quality management that includes policies and procedures addressing eight components of quality management, ranging from the firm's risk assessment processes to monitoring and remediation activities.

ISQM (UK) 1 requires firms to take a risk-based approach; to identify and respond to risks that could affect the quality of their engagements. This approach encourages firms to consider both the nature and circumstances of their engagements and of the firm, and to tailor their quality management efforts accordingly. It is a shift that acknowledges the diverse and nuanced challenges faced by different firms, promoting scalability and flexibility.

Moreover, ISQM (UK) 1 places a greater emphasis on the role of leadership and governance in embedding a quality-oriented culture within the firm. Leaders are explicitly tasked with promoting an environment where quality is foundational and where all personnel understand and are engaged in their role in maintaining quality.

In terms of practical changes, ISQM (UK) 1 demands more rigorous processes for monitoring the effectiveness of the quality management system and for taking timely and appropriate actions when issues are identified.

There are as yet no concluded cases that include breaches of ISQM (UK) 1.

Future of Audit Firm Supervision

As explained in our Annual Plan and Budget and three-year strategy, the Future of Audit Supervision Project is undertaking a comprehensive review to evolve our Audit Supervision regulatory model. Our regulatory process will reflect the current and future challenges of the audit market as well as embrace the emerging opportunities in the market. There will continue to be a need for robust inspection and for the FRC to report on the performance of firms for public and investor interest. However, our Supervision team will also leverage the tools that already exist to enable firms to take greater ownership and accountability of their continuous improvement journey, such as their own systems of quality control and assurance (ISQM (UK) 1). The programme is considering the opportunities presented by the new standard of quality management (ISQM (UK) 1), the balance of types of supervisory activity and engagement between different groups of firms in the audit market, and the proportionality of supervisory focus between a Responsible Individual and an audit firm's leadership and management. We are engaging with all those involved in the UK audit landscape on how we can implement a regulatory approach fit for the future. Following targeted outreach in the spring and summer, we will be holding further conversations and engagement with stakeholders later this year.

In many cases, had the quality control systems been effective the ISA breaches would have likely been prevented

End-to-End Enforcement Process Review

E2E is another major ongoing project. As stated in our Annual Plan and Budget, the project will review, consult on and refresh our end-to-end enforcement processes and procedures, from initial CA to publication of outcomes. It will consider governance structures, decision-making processes and operational efficiency and effectiveness (including approaches adopted by analogous independent regulatory authorities). As such, the project straddles the work of Supervision, Enforcement and our Legal Services team. The aim is to make sure that our procedures and processes continue to be efficient, effective and proportionate (including in terms of offering a graduated range of regulatory responses). Proposals will be considered in the context of their ability to deliver improvements in timeliness while continuing to meet regulatory objectives. Targeted stakeholder engagement has already taken place and further outreach is expected in the Autumn, including formal consultation where appropriate.

Appendix A – summary of cases concluded and published with sanctions in 2024/25

EY/Evraz plc/AEP 54

On 23 May 2024, a FSDN was issued following admissions of a breach of Relevant Requirements by EY in relation to the statutory audit of the financial statements of Evraz plc (Evraz) for FY2021.

Sanctions imposed in respect of the breach, which arose from EY exceeding the 70% fee-cap on non-audit services, consisted of: disgorgement of profits, a financial penalty, a reprimand and a package of non-financial sanctions designed to prevent recurrence of the breach.

Points to note

This was the first FRC Enforcement case involving a breach of the 70% fee-cap on non-audit fees under the 2019 Ethical Standard.
It was also the first matter where a sanction involving disgorgement of profits was imposed.

Facts

Evraz is a multi-national mining group, headquartered in Moscow but incorporated in London and listed as a FTSE 100 company (its shares were suspended from trading in March 2022). EY has audited Evraz since its initial 2011 UK listing until it resigned as auditor in November 2022, following the imposition of new UK Government sanctions against Russia.

In FY2021, EY carried out non-audit work in connection with a proposed disposal of Evraz's coal-related interests. The work related to the provision of working capital reporting, assistance with correspondence with the Financial Conduct Authority, and a comfort letter.

The 2019 Ethical Standard imposes restrictions on the amount of non-audit services an audit firm may provide to a PIE. The cap on non-audit work is 70% of the average of the fees paid to the audit firm over the previous three consecutive years. The cap applies at both network level (e.g. members of the global EY network) and at firm level (EY LLP). EY LLP tested the fee ratio at network level but not at firm level, and so accepted and carried out non-audit work in breach of the 70% fee cap. The total fees for the non-audit work amounted to $535,000, significantly exceeding 70% of the average audit fee for the preceding three years ($280,00). The breach was discovered when EY was asked to carry out further non-audit services in

At that point EY conducted an analysis and identified the breach. EY disclosed the breach in an application to the FRC to grant a fee-cap waiver in order to carry out this further non-audit work. The request was denied, and EY formally reported the breach to the FRC in October 2021 as part of its biannual reporting on breaches of ethics requirements, as required by the 2019 Ethical Standard.

Since the imposition of sanctions, EY has provided a report to the FRC that identifies the cause of the breach and steps taken to prevent recurrence.

Issues

The firm accepted breaches of the 2019 Ethical Standard:

'When the audit firm... provides to a public interest entity that it audits, its parent undertaking or its controlled undertakings, non-audit services...(b) the total fees for such services provided by the audit firm shall be limited to no more than 70% of the average of the fees paid to the audit firm in the last three consecutive financial years for the audit(s) of the audited entity...'

Outcome

The following sanctions were imposed on EY:

A financial sanction comprising: i) £121,305 in respect of disgorgement of profits earned on fees in excess of the fee-cap; and ii) an additional £200,000 component. The additional component was discounted by 35% for admissions and early settlement to £130,000, so the total financial sanction was £251,305.
Non-financial sanctions as follows:
- A published statement in the form of a Reprimand.
- A root-cause analysis report to be prepared and presented to the FRC.
- Any further remedial action as proposed by the FRC to be implemented as necessary.

The disgorged sum represented the profits on non-audit work that EY earned from Evraz, over and above the fee cap, which it would not have earned had it complied with the 2019 Ethical Standard.

EY UK also paid the costs of Executive Counsel's investigation.

Since the imposition of sanctions, EY has provided a report to the FRC that identifies the cause of the breach and steps taken to prevent recurrence.

Issues

The firm accepted breaches of the 2019 Ethical Standard:

'When the audit firm... provides to a public interest entity that it audits, its parent undertaking or its controlled undertakings, non-audit services...(b) the total fees for such services provided by the audit firm shall be limited to no more than 70% of the average of the fees paid to the audit firm in the last three consecutive financial years for the audit(s) of the audited entity...'

Outcome

The following sanctions were imposed on EY: * A financial sanction comprising: i) £121,305 in respect of disgorgement of profits earned on fees in excess of the fee-cap; and ii) an additional £200,000 component. The additional component was discounted by 35% for admissions and early settlement to £130,000, so the total financial sanction was £251,305. * Non-financial sanctions as follows: * A published statement in the form of a Reprimand. * A root-cause analysis report to be prepared and presented to the FRC. * Any further remedial action as proposed by the FRC to be implemented as necessary. The disgorged sum represented the profits on non-audit work that EY earned from Evraz, over and above the fee cap, which it would not have earned had it complied with the 2019 Ethical Standard. EY UK also paid the costs of Executive Counsel's investigation.

Crowe UK LLP/Akazoo Limited/AEP

On 13 August 2024, a FSDN was issued following admissions of breaches of Relevant Requirements by Crowe UK LLP (Crowe) and the Audit Engagement Partner in relation to the statutory audit of the financial statements of Akazoo Ltd (Akazoo) for FY2016, FY2017 and FY2018.

Points to note

Breaches of Relevant Requirements were admitted in each of the three audit years relating to: * Failing to obtain a sufficient understanding of the business and the control environment and insufficient consideration of the risks of misstatement due to fraud. * Failing to obtain sufficient audit evidence relating to revenue and (in FY2018 only) failing to properly audit the implementation of the relevant accounting standard, IFRS 15. * Failures in the process of obtaining external confirmations of debtor balances and a failure to obtain sufficient audit evidence relating to the settlement of those balances. * Failing to maintain professional scepticism. * Failing to prepare adequate audit documentation recording the audit procedures performed, evidence obtained and conclusions reached. Further, in each of the audits, the Audit Engagement Partner failed to properly take responsibility for the direction, supervision and performance of the Audits as they failed to identify key audit risks and ensure appropriate procedures were performed and evidence obtained, and to provide assurance over those risks.

Facts Akazoo was a private limited company that purported to operate an online music streaming service, reporting significant growth and revenues exceeding €100 million in

In September 2019, Akazoo merged with a Special Purpose Acquisition Company, resulting in the formation of Akazoo SA, whose shares were listed on NASDAQ. In April 2020, an activist hedge fund alleged Akazoo was a fraudulent business with minimal revenue, few customers and no active streaming operations. Following these allegations, Akazoo SA initiated an internal investigation, which revealed that former management had materially misrepresented the company's business operations and financial results over multiple years. Akazoo SA was then delisted from NASDAQ in June
In September 2021, the SEC charged Akazoo with fraud and Akazoo ultimately settled, agreeing to pay $38.8 million in disgorgement to harmed investors. Consequently, the FRC initiated an investigation to determine whether Crowe and the Audit Engagement Partner had complied with Relevant Requirements.

Issues

The FRC identified several significant issues in Crowe's audits of Akazoo's financial statements: * Insufficient understanding and risk assessment: the audit team failed to gain an adequate understanding of Akazoo's business and control environment, neglecting to properly assess the risks of material misstatement due to fraud. * Inadequate audit evidence: there was a lack of sufficient audit evidence concerning revenue recognition. Specifically, in FY2018, the auditors did not appropriately audit the implementation of IFRS 15, the relevant accounting standard for revenue from contracts with customers. * Deficiencies in external confirmations: the process for obtaining external confirmations of debtor balances was flawed and the auditors failed to gather adequate evidence regarding the settlement of these balances. * Lack of professional scepticism: the auditors did not exercise the necessary professional scepticism, which is crucial for detecting potential fraud and ensuring audit quality. * Inadequate audit documentation: there was a failure to prepare sufficient audit documentation that recorded the procedures performed, evidence obtained and conclusions reached, compromising the audit's integrity and reliability. The breaches were not intentional, dishonest, deliberate nor reckless, but they were serious and spanned three audit years. Due to poor audit execution and a lack of professional scepticism, the auditors were ill-equipped to identify what appears to have been serious fraud perpetrated by management throughout the relevant period. Additionally, Crowe's unqualified audit opinions were relied on to support Akazoo's NASDAQ listing and the breaches thus contributed to substantial loss suffered by investors. The standards found to have been breached in the matters covered by FSDN were: * ISA (UK) 200: (Overall objectives of the independent auditor and the conduct of an audit in accordance with International Standards on Auditing (UK)). * ISA (UK) 220: (Quality control for an audit of financial statements). * ISA (UK) 230: (Audit documentation). * ISA (UK) 240: (The auditor's responsibilities relating to fraud in an audit of financial statements). * ISA (UK) 315: (Identifying and assessing the risks of material misstatement through understanding the entity and its environment). * ISA (UK) 500: (Audit evidence). * ISA (UK) 505: (External confirmations). * ISA (UK) 550: (Related parties). * ISA (UK) 580: (Written representations). * IFRS 15: (Revenue from contracts with customers).

Outcome

The following sanctions were imposed on Akazoo: * A financial sanction of £650,000 reduced from £1.0 million to take account of a separate penalty imposed by the US Securities and Exchange Commission (US SEC) and further discounted for admissions and early disposal by 30% to £455,000. * Non-financial sanctions, comprising: * A published statement in the form of a Severe Reprimand. * A Declaration that the FY2016, FY2017 and FY2018 audit reports signed on behalf of Crowe did not satisfy the Relevant Requirements. * An order requiring Crowe to conduct a root cause analysis to explain the causes of the breaches and to identify any measures taken since to prevent reoccurrence. * An order requiring Crowe to assess the effectiveness of those measures, including by reference to an agreed sample of audits. The following sanctions were imposed on the Audit Engagement Partner: * A financial sanction of £75,000, reduced from £100,000, to take account of a separate penalty imposed by the SEC and further discounted for admissions and early settlement by 30% to £52,500. * Non-financial sanctions, comprising: * A published statement in the form of a Severe Reprimand. * A declaration that the FY2016, FY2017 and FY2018 audit reports signed by the Audit Engagement Partner did not satisfy the Relevant Requirements. The Respondents paid a sum of £500,000 towards the Executive Counsel's costs of the investigation.

MiB/Autonomy plc/Accountancy Scheme

In March 2024, a Settlement Agreement was approved by an Independent Tribunal following admissions of Misconduct by a former CFO of Autonomy Corporation plc (Autonomy). The Misconduct related to the Respondent's conviction for fraud offences while CFO of Autonomy during the period FY2009 to FY2011, under proceedings commenced by the United States Department of Justice.

Points to note

Executive Counsel agreed to a stay of their disciplinary proceedings in November 2018, pending the outcome of the criminal process involving the Respondent in the USA. At the same time, the Respondent agreed by consent to an Interim Order of the Independent Tribunal suspending their membership of the ICAEW.
Following a final outcome in the criminal proceedings in the USA, Executive Counsel and the Respondent applied to lift the stay in order to enter into a Settlement Agreement.
The agreed Misconduct under the Settlement Agreement related solely to the Respondent's conviction for fraud offences in the parallel criminal proceedings decided in the USA. The Respondent accepted that their criminal conviction was conclusive evidence of Misconduct. They further accepted that such conduct was in breach of the Fundamental Principle of the ICAEW Code of Ethics to act with integrity.
The Respondent was excluded for a total period of 20 years.

Facts Autonomy's principal business was the development and licensing of software. It was a member of the FTSE 100 with a peak market capitalisation of £4.4 billion as at July

In October 2011, Autonomy was acquired by a subsidiary of Hewlett Packard for approximately $11 billion. In February 2013, the FRC's Conduct Committee opened an investigation into the Respondent, and others, in relation to Autonomy's published financial reporting between 1 January 2009 and 30 June
The FRC's investigation was carried out contemporaneously with parallel criminal and civil investigations, together with litigation in the UK and the USA, and involved assessing large quantities of evidence gathered from external parties in the USA, as well as in the UK. In May 2018, a Formal Complaint was served on the Respondent. Allegations of Misconduct were made, including in respect of the Respondent's conduct in preparing and approving Autonomy's Annual Report and Accounts for the years ended FY2009 and FY2010. As referred to above, that Formal Complaint was stayed in November 2018 to enable the Respondent to effectively engage in appeal proceedings following their conviction for fraud offences in the USA. The Respondent was convicted of (a) conspiracy to commit wire fraud, (b) wire fraud and (c) securities fraud. It was found that they had engaged with others in: 'a fraudulent scheme to deceive

Issues

purchasers and sellers of [Autonomy] securities about the true performance of Autonomy's business, its financial condition, and its prospects for growth'.⁵⁷

Interim Suspension

The matters to which the Respondent was indicted under the criminal proceedings in the USA, if proven, would have amounted to Misconduct. The Accountancy Scheme provides that, if a Member is convicted of an offence which would have constituted a criminal offence had the matter been prosecuted in the United Kingdom, such conviction shall be conclusive evidence of Misconduct by the Member. The Independent Tribunal noted that the Respondent was right to accept that an interim suspension of their membership of the ICAEW was required following their first instance conviction in the USA. Further, that if the Respondent did not overturn all of the convictions for dishonesty on appeal, they would be excluded as a Member of the ICAEW. The Interim Order of Suspension was therefore appropriate to maintain public confidence in the accountancy profession, to uphold proper standards of conduct and to meet the public interest.

Settlement

The Respondent's appeal against their criminal conviction in the USA was not successful. In view of the significant overlap of subject matter between the Allegations in the Formal Complaint and the findings made pursuant to the criminal conviction in the USA, Executive Counsel did not consider that it was in the public interest for an Independent Tribunal to decide upon those Allegations. Executive Counsel agreed terms of settlement with the Respondent, relying on the criminal conviction in the USA alone to establish Misconduct.

Outcome

The following sanctions were imposed on the Respondent: * Exclusion from membership of the ICAEW for a recommended period (including the period covered by the Interim Suspension) amounts to 20 years in total. This was a very serious case of Misconduct. The Misconduct was dishonest, deliberate and gave rise to criminal liability. It was so damaging to the wider public and market confidence in the standards of conduct of Members and in the accountancy profession, that a long period of exclusion was necessary to protect the public and safeguard the public interest. The Respondent was ordered to pay financial penalties of approximately $10 million following their criminal conviction. In view of that, and in accordance with the Accountancy Scheme Sanctions Guidance, Executive Counsel did not consider it would be proportionate or necessary, in light of the aims and objectives of the Accountancy Scheme, to impose any fine on the Respondent. The Respondent paid Executive Counsel's costs of the investigation.

PwC/Wyelands Bank plc/AEP

On 22 October 2024, a FSDN was issued following admissions of breaches of Relevant Requirements by PwC and the Audit Engagement Partner in relation to the statutory audit of the FY2019 financial statements of Wyelands Bank plc (Wyelands Bank).

Points to note

PwC and the Audit Engagement Partner admitted multiple breaches of Relevant Requirements in relation to six different areas of the audit. The breaches primarily stemmed from a single common cause, the failure of the audit team to properly understand Wyelands Bank's lending, and adequately consider the risks posed by its actual and potential exposure to related parties. The significance of these issues is highlighted by the fact that the related party disclosures note in the FY2019 financial statements was materially restated in FY2020 by the addition of £21.0 million in outstanding loans and £7.0 million in income. The audit team also failed to appreciate and act on the escalating level of concern expressed by the Prudential Regulation Authority (PRA) about Wyelands Bank's sustainability. In addition, the audit team failed to exercise appropriate professional scepticism in relation to a number of aspects of the audit. The breaches were particularly serious because they had the potential to adversely affect a significant number of people in the United Kingdom, because Wyelands Bank's lending activities were largely funded by deposits from retail customers. At the FY2019 year-end, Wyelands Bank held £727.0 million in customer deposits from more than 15,000 UK public savers.

Facts Wyelands Bank had been in existence since 1980, but was acquired by a new beneficial owner in December

As a result, it became part of the Gupta Family Group Alliance (GFG Alliance), an unconsolidated group of companies under common ownership, operating in a number of industries including steel, aluminium and renewable energy. By FY2019, Wyelands Bank's business was mainly in trade finance, primarily invoice discounting and an estimated 84% of its business had been introduced by companies in the GFG Alliance, which were related parties so far as Wyelands Bank was concerned. PwC was appointed as statutory audit firm for Wyelands Bank from FY2015 and continued in that role after the change of ownership. As a credit institution, Wyelands Bank was a PIE for audit purposes. The FY2019 audit opinion was signed in July
In September 2019, the PRA required Wyelands Bank to limit its exposures to related parties due to concerns that Wyelands Bank had an unacceptable concentration of risk. By March 2020, Wyelands Bank had stopped entering into new credit transactions

Issues

and commenced a wind down of its business. In March 2021, the PRA required Wyelands Bank to repay its depositors, which it has done. It is not alleged that the breaches by PwC and the Audit Engagement Partner caused or contributed to the closure of Wyelands Bank, and there was ultimately no loss to depositors. The breaches of Relevant Requirements in the FY2019 audit concerned six areas: audit risk assessment, audit of Wyelands Bank's compliance with laws and regulations, audit of Wyelands Bank's related party transactions, audit of Wyelands bank's assessment of going concern, audit of Wyelands Bank's loans and advances and audit of Wyelands Bank's provision for Expected Credit Loss. The standards found to have been breached in the matters covered by FSDN were: * ISA (UK) 200 (Overall objectives of the independent auditor and the conduct of an audit in accordance with international standards on auditing). * ISA (UK) 220 (Quality control for an audit of financial statements). * ISA (UK) 230 (Audit documentation). * ISA (UK) 250 Section A (Consideration of laws and regulations in an audit of Financial Statements). * ISA (UK) 315 (Identifying and assessing the risks of material misstatement through understanding the entity and its environment). * ISA (UK) 500 (Audit evidence). * ISA (UK) 505 (External confirmations). * ISA (UK) 540 (Auditing accounting estimates, including fair value accounting estimates, and related disclosures). * ISA (UK) 550 (Related parties). * ISA (UK) 570 (Going concern).

Outcome

The following sanctions were imposed on PwC: * A financial sanction of £4.5 million, adjusted by 5% for mitigation and a further 32.5% for admissions and early disposal to £2,885,625. * Non-financial sanctions, comprising: * A published statement, in the form of a Severe Reprimand. * A Declaration that the relevant audit report signed on behalf of PwC did not satisfy the Relevant Requirements. * An order requiring PwC to take the following action that is designed to prevent the recurrence of the contravention:

Carry out an assessment of the effectiveness of improvement measures identified by PwC in, or as a result of, a root cause analysis in addressing the specific shortcomings in the audit (the relevant additional improvement measures and the manner of the assessment having been agreed by the FRC in advance).
Provide a report (the 'Report') which: (i) sets out the results of the assessment, and (ii) either identifies any further measures that PwC intends to take to address the shortcomings or explains why no such further measures are necessary.

* Provide any further information or report, in connection with or as a result of the Report, as required by the FRC. The following sanctions were imposed on the Audit Engagement Partner: * A financial sanction of £55,000 adjusted by 10% for mitigation and a further 32.5% for admissions and early disposal to £33,412. * Non-financial sanctions, comprising: * A published statement, in the form of a Severe Reprimand. * A Declaration that the relevant audit report signed on behalf of PwC did not satisfy the Relevant Requirements. The Respondents also paid Executive Counsel's costs of the investigation.

MiB/Thurrock Council/Accountancy Scheme

On 21 November 2024, a settlement was approved following admissions of Misconduct by an individual in relation to their role in the operations and investment activities of Thurrock Council for FY2018 to FY2022.

Points to note

The individual was the CFO of Thurrock Council during the relevant period and was responsible for the administration of the Council's financial affairs. The individual admitted five allegations of Misconduct in relation to the implementation of a 'debt for yield' approach, by which the Council borrowed large sums of money on a short-term basis and used it to make longer-term investments, some of which failed. The most serious allegations concerned: failure to adequately manage and report on the risks inherent in the 'debt for yield' approach, even though it had been highlighted at an early stage by the Council's external treasury management advisers; failure to comply with the relevant statutory framework by not reporting that the Council was acting inconsistently with the relevant Code of Practice and statutory guidance; and failure to act with integrity by recklessly providing misleading information to Council members in relation to controversial aspects of the approach. The admitted Misconduct spanned a period of about five years and involved significant breaches of several fundamental principles governing the conduct of accountants. The individual held a senior supervisory position with fiduciary responsibility in respect of public funds. The Misconduct caused the loss of significant sums of money and adversely affected a large number of people. It also undermined confidence in the standards of conduct of the accounting profession generally. Events at the Council had already been the subject of considerable official scrutiny, including a statutory Best Value Inspection (BVI) ordered by the Secretary of State for Levelling Up, Housing and Communities. Given the public interest in achieving a swift and proportionate resolution of this matter, the FRC investigation focused on a number of specific instances of Misconduct apparent from the enquiries that had already been made, including the BVI. This is the first time that the FRC has imposed sanctions on a local authority CFO, or anyone working in local government finance.

Facts

In October 2017, Thurrock Council formally approved an Investment and Treasury Management Strategy document, which set out the 'debt for yield' approach. Under this approach, short-term borrowing and investments eventually exceeded £1 billion, more than six times the Council's annual budget. A number of the investments ran into difficulties from 2020, and the Council subsequently reported that the investment portfolio had lost more than a quarter of its value.

In September 2022, the Secretary of State appointed Commissioners to run the Council because of concerns around the 'debt for yield' approach and associated governance issues. In December 2022, the Council gave notice that its expenditure was likely to exceed its resources in that financial year, and extraordinary financial support was received from Central Government. In addition to agreed support in excess of £343 million, the Council has needed to make significant increases to Council Tax bills, as well as cutting services and has reported ongoing uncertainty as to the long-term financial position.

Issues

The individual's conduct fell significantly short of the standards reasonably to be expected of a member of their professional body (ACCA), in that they: * Failed to comply with restrictions on the exercise of delegated authority. * Failed to comply with the relevant statutory framework. * Failed to ensure that the Council had access to the necessary skills and experience. * Failed adequately to manage and report on the risks arising. * Recklessly provided misleading information to Council members, and therefore to the public. The relevant standards of conduct are the Fundamental Principles of Professional Competence and Due Care, Professional Behaviour and Integrity, as set out in the ACCA Code of Professional Ethics and Conduct.

Outcome

The following sanctions were imposed on the individual: * Exclusion as a Member of the ACCA for a recommended period of five years. * A Severe Reprimand. As a result of the Exclusion, the individual is no longer eligible to serve as CFO of a local authority.

EY/Stirling Water Seafield Finance plc/AEP

On 12 December 2024, a FSDN was issued following admissions of breaches of Relevant Requirements by EY and the Audit Engagement Partner in relation to the statutory audit of the financial statements of Stirling Water Seafield Finance plc (Stirling Water) for the year ended 31 December 2019 (FY2019).

Points to note

The breaches admitted concerned the requirements for audit firm rotation, commonly known as mandatory firm rotation (MFR), that are fundamental to ensure demonstrable independence of the statutory audit firm and Statutory Auditor. * EY failed to identify that it was ineligible to undertake the FY2019 Audit in breach of company law and the separate ethical obligation to comply with those statutory requirements. EY identified and reported the ethical breach to the FRC. * There were significant failings in relation to MFR requirements at both firm and engagement level, which led to the breach of MFR occurring. The Respondents failed to ensure appropriate procedures regarding continuance of the audit engagement had been followed. EY also failed to comply with its quality control obligations in relation to independence requirements. * The Respondents provided a good level of co-operation as required but not the exceptional level of co-operation that would amount to a positive mitigating factor. The size and financial strength of EY, the third-largest audit firm in the UK, was a relevant consideration when deciding the level of sanction against EY.

Facts

Stirling Water is a financing company and a wholly owned subsidiary of a UK parent company. It issues bonds to raise funds for the other group companies. The bonds issued by Stirling Water have been listed on the Main Market of the London Stock Exchange since July 2002. EY were appointed as auditors of Stirling Water in 2009, without a public tender process. They remained the statutory audit firm of Stirling Water for all financial years up to and including FY2019, without a public tender in any subsequent period. EY resigned the engagement for the FY2020 Audit on 29 April 2021.

Issues

The issues raised in this case were serious because MFR is an integral legal safeguard to provide assurance (and to support trust and confidence in UK corporate reporting and audit) that statutory audit firms and statutory auditors are demonstrably independent, by either rotating off a PIE audit engagement after ten years or taking part in a public tender to retain the audit. EY and the Audit Engagement Partner admitted breaches of Relevant Requirements in relation to the MFR requirements.

The Respondents conducted the FY2019 Audit even though EY had exceeded the maximum ten-year engagement period for audits of a PIE, without renewal via a qualifying public tender. EY failed to identify it was ineligible in breach of the statutory requirements and the separate obligation in the Ethical Standard to comply with those requirements. EY failed to establish policies and procedures that accumulate and communicate information about the duration of the engagement. EY failed to assess, before accepting the audit engagement in relation to FY2019, whether it satisfied the ten-year requirement. The Respondents failed to form an appropriate conclusion as to the MFR requirements that applied to the FY2019 Audit and therefore failed to ensure that the auditor's report was appropriate in all the circumstances. The statute and standards found to have been breached in the matters covered by FSDN were: * Sections 489C and 494ZA of the Companies Act 2006. * Article 17 of the EU Audit Regulation. * ISA (UK) 200 (Overall objectives of the independent auditor and the conduct of an audit in accordance with international standards on auditing). * ISA (UK) 220 (Quality control for an audit of financial statements). * ISQC (UK) 1 (Revised June 2016)⁶¹ (Quality control for firms that perform audits and reviews of financial statements, and other assurance and related services engagements). * The Ethical Standard 2016.

Outcome

The following sanctions were imposed on EY: * A financial sanction of £500,000, discounted for admissions and early disposal by 35% to £325,000. * Non-financial sanctions, comprising: * A published statement, in the form of a Severe Reprimand. * A Declaration that the FY2019 Audit Report signed on behalf of EY did not satisfy the Relevant Requirements. * An order requiring a root cause analysis report to be prepared and presented to the FRC identifying the reasons for the breach and the actions taken since, along with any further remedial action proposed by the FRC to be implemented as necessary. The following sanctions were imposed on the Audit Engagement Partner: * A financial sanction of £50,000 discounted for admissions and early disposal by 35% to £32,500.

Non-financial sanctions, comprising:
- A published statement, in the form of a Severe Reprimand.
- A Declaration that the FY2019 Audit Report, signed by the Audit Engagement Partner, did not satisfy the Relevant Requirements. The Respondents paid Executive Counsel's costs of the investigation.

EY/Thomas Cook Group plc/AEP

This comprises two investigations.⁶²⁶³ On 18 December 2024, a FSDN was issued following admissions of breaches of Relevant Requirements by EY and the Audit Engagement Partner in relation to the statutory audits of the financial statements of Thomas Cook Group plc (Thomas Cook) for FY2017 and FY2018.

Points to note

Breaches were admitted across two core areas of the FY2017 and FY2018 audits: * Goodwill (for FY2017 and FY2018). * Going concern (for FY2018). A breach was also admitted in relation to a failure to adequately consider a risk to EY's independence for FY2018.

Goodwill impairment

The goodwill balance amounted to £2.6 billion and comprised approximately 40% of Thomas Cook's total assets for both FY2017 and FY2018. It was necessary that the Respondents approached this audit area with sufficient scepticism to properly challenge and corroborate the assumptions and estimates in support of management's goodwill impairment model. The Respondents failed to do so for either of the FY2017 or FY2018 audits. The failings for the audit of goodwill in FY2018 are particularly serious given Thomas Cook's deteriorating trading performance, which presented the heightened risk that the goodwill balance for the UK Tour Operator (UKTO) cash generating unit may have been impaired.

Going concern

Going concern in FY2018 was rightly identified as a significant audit risk, however, the procedures performed by the Respondents in response were inadequate and there were serious audit failings as a result. The Respondents failed to adequately challenge management with regards to sensitivity testing and liquidity headroom and, on the basis of the evidence obtained, they were not in a position to properly conclude whether a material uncertainty existed. Given the known issues concerning Thomas Cook's forecasting accuracy and liquidity headroom, significant further work should have been performed by the Respondents, particularly in light of Thomas Cook's deteriorating trading performance and the issues identified with its forecast covenant compliance.

Facts

Thomas Cook was a prominent FTSE 250 listed company describing itself as one of the world's leading travel groups. From May 2018, it experienced a

Issues significant fall in financial performance, which continued during

Thomas Cook issued interim financial statements for the six months ended 31 March 2019 on 16 May 2019 in which management prepared revised forecasts for the full year, and the directors decided to fully impair goodwill in the UKTO, resulting in goodwill of over £1 billion being written off. The financial statements also included a 'material uncertainty related to going concern' paragraph in EY's Independent Review Report. The company entered into liquidation in September 2019, less than 12 months after the date of the 2018 Audit Report. While the FRC did not allege that the goodwill balance was misstated (and/or should have been impaired) or that the going concern accounting basis should not have been adopted, the failings were nonetheless serious. In both FY2017 and FY2018, the Respondents did not obtain reasonable assurance that the financial statements were not misstated. There was information available that indicated a particularly high risk in FY2018 that the goodwill balance may have been impaired. Given the risk of misstatement, the breaches had the potential to harm public confidence in the standards of conduct in statutory audit. The failures (which in respect of goodwill impairment were repeated over two audit years) included areas such as risk assessment, performance of audit procedures to obtain and evaluate audit evidence, disclosures and communication with those charged with governance. They also included a failure to adequately consider a risk to independence. They are serious in particular given: * In relation to goodwill impairment, there were certain aspects of Thomas Cook's profile that raised questions as to whether the growth forecast was reasonable. The UKTO business was loss-making and the Group as a whole was only minimally profitable in FY2017 and made an overall loss in FY2018. In these circumstances, the Respondents should have rigorously assessed the critical assumptions in support of management's impairment model, including revenue growth in excess of market forecasts and material uncorroborated cost saving plans. * In relation to going concern, the Respondents did not model a scenario that represented a decline in performance as compared to FY2018. All of the sensitivities modelled better performance in the business for FY2019 than Thomas Cook's actual performance in FY2018. Even under these scenarios, covenant headroom was barely above zero percent for part of the going concern period. Given the known issues with management's poor historical forecasting accuracy, the Respondents should have applied greater challenge and scepticism in this area. * In relation to independence, a partner from another division within EY who had a long association with Thomas Cook joined the audit team in 2018. That individual exerted direct influence over the FY2018 audit pursuant to their involvement in the audit of going concern. The Respondents failed to properly consider whether this situation amounted to a familiarity threat

within the meaning of the FRC Ethical Standard. However, there are no findings of an actual loss of objectivity or lack of integrity on the part of EY or any of its employees or partners.

The standards found to have been breached in the matters covered by the FSDN were:

ISA (UK) 200 (Overall objectives of the independent auditor and the conduct of an audit in accordance with international standards on auditing).
ISA (UK) 220 (Quality control for an audit of financial statements).
ISA (UK) 230 (Audit documentation).
ISA (UK) 260 (Communication with those charged with governance).
ISA (UK) 315 (Identifying and assessing the risks of material misstatement through understanding of the entity and its environment).
ISA (UK) 330 (The auditor's responses to assessed risks).
ISA (UK) 500 (Audit evidence).
ISA (UK) 540 (Auditing accounting estimates, including fair value accounting estimates and related disclosures).
ISA (UK) 570 (Going concern).
ISA (UK) 700 (Forming an opinion and reporting on financial statements).
The Ethical Standard 2016.

Outcome

The following sanctions were imposed on EY:

A financial sanction of £6.5 million, adjusted by 25% for admissions and early disposal to £4.875 million.
Non-financial sanctions, comprising:
- A published statement, in the form of a Severe Reprimand.
- A Declaration that the relevant Audit Reports signed on behalf of EY did not satisfy the Relevant Requirements.
- An order requiring EY to take specified action designed to prevent the recurrence of the contravention, namely to: (1) conduct a bespoke review and produce a report in relation to a selection of audits determined by the FRC, to evaluate the audit work performed for goodwill impairment and going concern; and (2) assess the efficacy of remedial actions implemented by EY in preventing the recurrence of breaches and report to the FRC on any deficiencies identified and any further remedial steps to be implemented. EY was separately ordered to review its current training programmes designed for responding to risks to independence and propose any changes necessary to guard against the breaches.

The following sanctions were imposed on the Audit Engagement Partner:

A financial sanction of £140,000 adjusted by 25% for admissions and early disposal to £105,000.
Non-financial sanctions, comprising:
- A published statement, in the form of a Severe Reprimand.
- A Declaration that the relevant Audit reports signed on behalf of the individual did not satisfy the Relevant Requirements.

The Respondents paid Executive Counsel's costs of the investigation.

KPMG/Carr's Group plc/AEP65

On 25 February 2025, a FSDN was issued following admissions of breaches of Relevant Requirements by KPMG and the Audit Engagement Partner (Respondents) in relation to the Statutory Audit of the consolidated financial statements of Carr's Group plc (Carr's) for the financial year ended 28 August 2021 (FY2021) (the Audit).

Points to note

The Respondents relied on the work of a component auditor, outside the KPMG network, for the purposes of the Audit. Accordingly, the Respondents were obliged, by paragraph 1.47 of the FRC's 2019 Ethical Standard to obtain sufficient appropriate evidence and be satisfied that the component auditor was independent of each entity relevant to the engagement.

The following ethical requirements were not complied with in FY2021:

The component Statutory Auditor in FY2021 had held that role for more than five years. Accordingly, paragraph 3.10 of the 2019 Ethical Standard prohibited him from participating as a Key Audit Partner (KAP) in the Audit.
The component Statutory Audit Firm provided to the component entity non-audit services of the type prohibited by paragraphs 5.71 and 5.120(a) of the 2019 Ethical Standard.

In these circumstances, the Audit Engagement Partner should not have signed the FY2021 Audit Report, on behalf of KPMG, whilst placing reliance on the work of the component Statutory Audit Firm.

The FSDN does not allege any breaches of relevant requirements by the component Statutory Auditor. Nor does it call into question the substantive audit work conducted by KPMG or the component Statutory Audit Firm.

Facts

Carr's is the parent company of a corporate group operating in the agriculture and engineering sectors. In FY2021 it was listed on the main market of the London Stock Exchange and was a PIE for the purposes of, among other matters, the application of the FRC's Revised Ethical Standard 2019 (the 2019 Ethical Standard).

Carr's FY2021 financial statements were prepared as group financial statements and incorporated the financial results of subsidiaries, joint ventures and associates of Carr's. These included an associate referred to herein as the 'component'.

The component's financial statements were audited by a separate Statutory Audit Firm outside the KPMG network.

The Respondents relied on the work of the component auditor for the purposes of the FY2021 Statutory Audit of Carr's. As a result, the Respondents were required by paragraph 1.47 of the 2019 Ethical Standard (in accordance with Supporting ethical provision A2.4) to obtain sufficient appropriate evidence and be satisfied that the component Statutory Audit Firm was independent of each entity relevant to the engagement. ⁶⁴ Press notice: Sanctions against KPMG and an Audit Engagement Partner

Issues

Because the Respondents intended to rely on the work of the component Statutory Audit Firm, the component Statutory Auditor was a KAP (as defined in the 2019 Ethical Standard). FY2021 was the component Statutory Auditor's sixth year in the role of component Statutory Auditor, exceeding the five-year participation limit for KAPs (2019 Ethical Standard paragraph 3.10).
In FY2021 the component Statutory Audit Firm provided to the component certain tax and accountancy services. Such non-audit services were prohibited in the event the Respondents relied on the work of the component Statutory Audit Firm for the purposes of the Audit (paragraphs 5.71 and 5.120(a) of the 2019 Ethical Standard).

Although in FY2021 the Respondents engaged with the component Statutory Audit Firm in relation to the applicable independence and ethical requirements, the Respondents failed to take any, or any proper, account of information that was given to them by the component Statutory Audit Firm regarding that firm's independence and compliance with ethical requirements.

The issues raised in this case were therefore serious. Furthermore, the Respondents missed a number of opportunities to establish the relevant facts and the non-compliance with the 2019 Ethical Standard.

The Respondents accepted that they were in breach of the following Relevant Requirements:

KAP participation: Paragraph 1.47 (in conjunction with A2.4) of the 2019 Ethical Standard, ISA 600.11 and ISA 600.19(a);
Provision of accounting services by the component Statutory Audit Firm: Paragraph 1.47 (in conjunction with A2.4) of the 2019 Ethical Standard, ISA 600.19(a) and ISA 600.42; and
Provision of tax services by the component Statutory Audit Firm: Paragraph 1.47 (in conjunction with A2.4) of the 2019 Ethical Standard, ISA 600.19(a) and ISA 600.42.

Outcome

The following sanctions were imposed on KPMG:

A financial sanction of £1.25 million, discounted for exceptional cooperation by 15% and further discounted for admissions and early disposal by 35% to £690,625.
Non-financial sanctions, comprising:
- a published statement, in the form of a Severe Reprimand.
- a Declaration that the FY2021 Audit Report did not satisfy the Relevant Requirements.
- a Requirement that KPMG shall, in respect of UK PIE statutory audits involving component auditors outside of KPMG's network, review a representative sample of such files, agreed with Executive Counsel and its FRC Supervisor and report to its FRC Supervisor within 6 months of the FSDN, on whether compliance with the independence requirements in the FRC's Ethical Standard has been achieved in those cases and, in cases of non-compliance, the action subsequently taken. The scope and process of the review shall be agreed with Executive Counsel and the firm's Supervisor. The firm's Supervisor may extend the reporting period for an additional year if the results of the review indicate that there have been failures to comply with the independence requirements in the FRC's Ethical Standard, or if the Supervisor has concerns about the review work carried out.

The following sanctions were imposed on the Audit Engagement Partner:

A financial sanction of £70,000, discounted for exceptional cooperation by 15% and further discounted for admissions and early disposal by 35% to £38,675.
Non-financial sanctions, comprising:
- a published statement, in the form of a Severe Reprimand.
- a Declaration that the FY2021 Audit Report did not satisfy the Relevant Requirements.

Notably, the Respondents provided an exceptional level of cooperation during the investigation, including:

self-reporting breaches of Relevant Requirements.
volunteering additional information which had not been specifically requested, in order to advance the case team's understanding of the facts.

The Respondents paid Executive Counsel's costs of the investigation.

The FRC does not accept any liability to any party for any loss, damage or costs, however arising, whether directly or indirectly, whether in contract, tort or otherwise from action or decision taken (or not taken) as a result of any person relying on or otherwise using this document or arising from any omission from it.

© The Financial Reporting Council Limited 2025 The Financial Reporting Council Limited is a company limited by guarantee. Registered in England number 02486368. Registered Office: 13th Floor, 1 Harbour Exchange Square, London, E14 9GE

Financial Reporting Council

London office: 13th Floor, 1 Harbour Exchange Square, London, E14 9GE

Birmingham office: 5th Floor, 3 Arena Central, Bridge Street, Birmingham, B1 2AX

+44 (0)20 7492 2300 www.frc.org.uk

Year ended 31 March 2025. ↩
No investigations into actuaries were opened during the year. ↩
A period of two years between the notification of an investigation and service of either the Proposed Formal Complaint or Investigation Report (or closure or settlement if sooner). Further details can be found in Chapter 7 of this Review. ↩
A period of three years between the notification an investigation and service of either the Proposed Formal Complaint or Investigation Report (or closure or settlement if sooner). Further details can be found in Chapter 7 of this Review. ↩
The Case Examiner determines that a matter is a Referral Case if they consider a decision to take no further action, or to pursue Constructive Engagement in respect of it, may be contentious, high-profile or may risk undermining confidence in the FRC's (or the wider) regulatory regime. ↩
Under the revised Audit Enforcement Procedure (June 2023). ↩
The Conduct Committee may reconsider the Case Examiner's decision to take no further action or to arrange Constructive Engagement in certain circumstances. ↩
Paragraph 10A Guidance for the Case Examiner. ↩
In certain circumstances a case may be delegated to the appropriate Recognised Supervisory Body to conduct the investigation. ↩
Audit Firm Supervision. ↩
Full time equivalent. ↩
Who can the FRC investigate and act against? ↩
Statutory publication obligations exist for the AEP. There is a presumption that such outcomes will be published under the Schemes (unless not in the public interest). ↩
'Referral Case' has the meaning given in the Guidance for the Case Examiner, which took effect on 30 June 2023. When the Case Examiner considers that a decision to take no further action or to pursue Constructive Engagement may be contentious, high-profile or may risk undermining confidence in the FRC's (or the wider) regulatory regime, the case is referred to the Conduct Committee, which will decide on the appropriate course of action. ↩
The enquiries and outcomes data comprises all cases passing through the CA process, including all audit matters dealt with under the AEP, and all Scheme matters referred to the Conduct Committee. ↩
The source category refers to the method a matter first came to the FRC's attention. It may be that matters we identify through horizon scanning activities are also subsequently the subject of complaints or external referrals. ↩
The time and progression of the matter is dependent on third party information. ↩
CA cases are closed when (i) they are referred for investigation by the Conduct Committee or (ii) the decision is taken by the Case Examiner (or by the Conduct Committee for Referral Cases) that the matter be resolved through Constructive Engagement or no further enquiry work needs to be undertaken. Individual CA outcomes are not published, except where they lead to the opening of investigations and in accordance with the Publication Policies, it is considered appropriate to announce that investigation. ↩
This figure includes eight investigations opened, as well as one continuation case added to an existing investigation. ↩
On 1 April 2023, the effective date of the CA restructuring, 10 cases were transferred to the Supervisor team within AFS. These were cases where the Constructive Engagement process was in progress. Therefore, the appropriate prior period comparative is 18 Constructive Engagement cases. ↩
No further action means no further enforcement action and that CA, where appropriate, pass the relevant information to other areas of the FRC, such as the Supervisor of a particular firm, to consider further supervisory action outside of enforcement. ↩
This figure includes eight new investigations opened and one case where an existing investigation was extended to a further audit year. ↩
Guidance for the Case Examiner (AEP), paragraphs 13 to 15 outline where a case may be suitable for Constructive Engagement. ↩
There may be multiple underlying issues connected to a single case. ↩
Where the Case Examiner considers a decision to take no further action or to pursue Constructive Engagement may be contentious, high-profile or may risk undermining confidence in the FRC's (or the wider) regulatory regime. ↩
In 2023/24, two investigations were opened following AQR referrals; in 2022/23, three investigations were opened following AQR referrals. ↩
Publication Policy (Accountancy and Actuarial Schemes), Publication Policy (Audit Enforcement Procedure) ↩
As a comparison, one AEP investigation was announced in 2023/24 and eight in 2022/23. Investigations that have been announced can be found at FRC investigations. ↩
A legacy case is one which has been open for five years or more. ↩
FRC year ended 31 March 2020. ↩
Following the death of the remaining subject, the FRC's disciplinary proceedings were terminated, and the case was closed on 6 September 2024. Prior to that date, a sanction was imposed on the CFO and a statutory director at Autonomy on 12 March 2024. ↩
The Auditor Regulatory Sanctions Procedure covers failures to comply with the Regulatory Framework for Auditing of major local audits. These are principally local authorities and health bodies other than NHS Foundation Trusts. Sanctions imposed under the Auditor Regulatory Sanctions Procedure ↩
Under the Crown Dependencies' Recognised Auditor Sanctions Procedure, the Audit Quality Review team has inspected a Recognised Auditor registered in one of the Crown Dependencies of Guernsey, the Isle of Man and Jersey. ↩
The Ethical Standard also applies to other public interest assurance engagements, such as assurance work on investment circulars, interim reviews under ISRE 2410 and client money engagements under CASS, as well as some other classes of assurance engagement, when following assurance standards issued by the FRC. ↩
Para 14 of ISA (UK) 200: The auditor shall comply with relevant ethical requirements, including those pertaining to independence, relating to financial statement audit engagements. (Ref: Para. A16-A19). ↩
Global firms must also apply the International Ethics Standards Board for Accountants (IESBA) code to all accountancy work. ↩
The first Ethical Standards were set by the Auditing Practices Board (APB) an operating board, which has since been assimilated into the FRC. ↩
Specific guidance on the application of the objective, reasonable and informed third party test was published by the FRC in January 2020: FRC Guidance - the objective, reasonable and informed third party test [^39]: If the audit firm does not audit PIEs, then the breaches should be reported to the relevant Recognised Supervisory Body. See ICAEW guidance: Reporting breaches of the FRC Ethical Standard ↩
An investigation will comprise one of the following: (1) an audit investigation into an audit firm and Audit Partner(s) (under the Accountancy Scheme or the AEP); (2) an investigation into professional accountant(s) working in business (under the Accountancy Scheme); (3) a non-audit investigation into professional accountant(s) and accountancy firms (under the Accountancy Scheme); or (4) an investigation into actuaries (under the Actuarial Scheme). Each investigation may include multiple subjects, and an investigation is not considered closed until concluded against all subjects. ↩
Further details of the FRC's remit and powers can be found in the enforcement regimes and information gathering powers on the FRC's website. ↩
Eight investigations were opened in the year to 31 March 2025. An average of 12 investigations per year were opened over the last eight years. ↩
Current enforcement cases ↩
Current enforcement cases ↩
Links to the sanctions policies are here: Sanctions Policy (Audit Enforcement Procedure) (effective from January 2022); Accountancy Scheme Sanctions Guidance (March 2021); Actuarial Scheme Sanctions Guidance (March 2021) ↩
2023/24 highest financial sanctions before discount were £30.6 million adjusted to £21.4 million after settlement discount. ↩
The maximum adjustment awarded for mitigation was 15% and the maximum discount for admissions and early disposal was 35%. As the early disposal discount is applied to the figure after mitigation, the overall discount in this case amounted to 45%. ↩
Press notice: Sanctions against Crowe UK LLP and an Audit Engagement Partner ↩
Press Notice: Sanctions against an Audit Senior Manager ↩
In 2023/24 the highest financial sanction was £30.6 million (adjusted to £21.4 million after settlement discount); sanctions were imposed on eight cases in the year. In 2022/23 the largest such sanction was £20.4 million (adjusted to £14.8 million after settlement discount); sanctions were imposed on 12 cases in the year. ↩
Excludes cases resolved with no further action. ↩
Count of firms and individuals sanctioned. ↩
The 3-year KPI is set at 80% in recognition that not all cases can be completed within three years, whether because, for example, the case is of exceptional size or complexity, or for reasons beyond our control, such as where there are parallel criminal proceedings. ↩
At 31 March 2025, all investigations opened before 31 March 2017 have been concluded. ↩
Press notice: Sanctions against Ernst & Young LLP ↩
Press notice: Sanctions against Crowe UK LLP and an Audit Engagement Partner ↩
Press Notice: Sanctions against CFO in relation to Autonomy Corporation Plc ↩
Paragraph 19 of the Indictment dated 4 May 2017. ↩
Press Notice: Sanctions against PricewaterhouseCoopers LLP and a Statutory Auditor ↩
Press Notice: Sanctions against a Member in relation to the operations and investment activities of Thurrock Council ↩
Press Notice: Sanctions against Ernst & Young LLP and an Audit Engagement Partner ↩
ISQC (UK) 1 (Revised June 2016) has now been succeeded by ISQM (UK) 1. ↩
Press Notice: Sanctions against Ernst & Young LLP and Audit Engagement Partner ↩
In September 2019, an investigation was opened in relation to the audit of the financial statements of Thomas Group plc for the year ended 30 September 2018. In December 2019, a second investigation was opened in relation to the audit of the financial statements of Thomas Group plc for the year ended 30 September 2017. Under the AEP issued in June 2016, a new investigation is commenced if additional matters are identified outside the scope of the initial investigation. In this instance, matters in an earlier audit year were identified, leading to a second investigation under the AEP. ↩
Press notice: Sanctions against KPMG and an Audit Engagement Partner ↩

File

Name Annual Enforcement Review 2025

Publication date 08 July 2025

Type Report

Format PDF, 2.9 MB

Download original

Annual Enforcement Review 2025

File

Is this page useful?