The content on this page has been converted from PDF to HTML format using an artificial intelligence (AI) tool as part of our ongoing efforts to improve accessibility and usability of our publications. Note:
- No human verification has been conducted of the converted content.
- While we strive for accuracy errors or omissions may exist.
- This content is provided for informational purposes only and should not be relied upon as a definitive or authoritative source.
- For the official and verified version of the publication, refer to the original PDF document.
If you identify any inaccuracies or have concerns about the content, please contact us at [email protected].
Feedback Statement and Impact Assessment - ISA (UK) 240 The Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements and ISA (UK) 570 Going Concern
The FRC does not accept any liability to any party for any loss, damage or costs howsoever arising, whether directly or indirectly, whether in contract, tort or otherwise from any action or decision taken (or not taken) as a result of any person relying on or otherwise using this document or arising from any omission from it.
© The Financial Reporting Council Limited 2026
The Financial Reporting Council Limited is a company limited by guarantee. Registered in England number 2486368. Registered Office: 13th Floor, 1 Harbour Exchange Square, London, E14 9GE
1. Introduction
1The Financial Reporting Council (FRC) is committed to acting as a proportionate and principles-based regulator that balances the need to minimise the impact of regulatory requirements on business, while working to support the delivery of high-quality audit and assurance work to maintain investor and wider stakeholder confidence in audit and assurance.
2The FRC is strongly supportive of alignment of the ISAs (UK) with the corresponding international ISAs, issued by the International Auditing and Assurance Standards Board (IAASB), 1 unless there is an overriding public interest issue which would indicate that the FRC should take a different path. Globally consistent standards help to facilitate the use of international audit methodologies, multi-jurisdictional group audits, and the ability of UK auditors to assert compliance with both UK and IAASB ISAs.
3Where necessary, the international standards are augmented with “UK pluses” for additional or amended requirements and application material which address specific UK legislative, cultural and/or business context.
4The IAASB issued revisions to the international versions of ISA 240 and ISA 570 in July 2025 and April 2025, respectively. These were approved by the Public Interest Oversight Board (PIOB) with effective date for audits of financial statements for accounting periods beginning on or after 15 December 2026.
5In October 2025, the FRC issued a public consultation 2 setting out revised ISA (UK) standards aligning with the international versions, augmented with a limited number of UK pluses many to deal with requirements in UK law or regulation. UK pluses no longer deemed necessary were proposed to be removed from the two standards.
6The feedback received during the consultation process has been used to revise the proposed standards, as set out below. The resulting standards have been issued alongside this feedback statement.
2. Summary of feedback and FRC response
7The consultation closed on 16 January 2026, receiving 19 responses. Below outlines the consultation questions, summary of the feedback received and the FRC's response to these.
ISA (UK) 240- The Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements
Question 1: Do you agree that ISA (UK) 240 (Revised May 2021) and other ISAs (UK) should be revised to adopt the revisions to the underlying international standard and the related conforming amendments to other ISAs? If not, please indicate why and explain what actions, if any, that you believe should be taken.
Summary of feedback
8Respondents were supportive of the alignment of ISA (UK) 240 and related conforming amendments with the international standards, noting that this supports public confidence in the audit requirements.
9Respondents highlighted areas where clarifications to the international standard may be needed for application in the UK:
Key audit matters relating to fraud
10Several respondents raised concerns over the wording of application material in A180, which sets out that it may be rare not to determine a key audit matter (KAM) relating to fraud in the audit of a complete set of general-purpose financial statements of a listed entity. Respondents noted this wording could drive the default inclusion of a KAM in the auditor's report and may lead to boilerplate reporting.
FRC response
11The FRC remains supportive of the IAASB's intention to enhance transparency in the auditor's report through inclusion of a "fraud lens” on the reporting of KAMs. The reporting of a KAM in relation to fraud continues to be a matter of professional judgement and should be tailored to the circumstances of the entity, reducing boilerplate language in the auditor's report. The FRC will continue to monitor the impact of the requirements and feedback to the IAASB as part of any post implementation reviews.
Ability to accept records as genuine
12Respondents noted that the IAASB's removal of extant paragraph 14, which includes the statement that unless the auditor has reason to believe the contrary the auditor may accept records and documents as genuine, could lead to the auditor performing additional audit procedures over documents being genuine. Respondents suggested that UK supplemental material could be used to reinstate the extant statement.
FRC response
13The FRC supports the IAASB's removal of extant paragraph 14 as the conditional requirement in paragraph 22 appropriately focuses on situations where conditions are identified that cause the auditor to believe a record or document is not authentic or has been altered, thereby requiring further investigation. The auditor is not required to design procedures (and therefore carry out extra work) specifically to identify conditions that cause the auditor to believe a record or document is not authentic or has been altered. The removal of extant paragraph 14 has not resulted in a change to the auditor's ability to accept documents as genuine unless they have reason to believe to the contrary as is still identified in ISA (UK) 200.3 Paragraph 22 and the related application material also support the auditor's responsibilities under ISA (UK) 500, including when considering the reliability of information intended to be used as audit evidence.
Scalability and technology
14Respondents noted concerns over the scalability of the revisions made to ISA (UK) 240, specifically noting increased reference to forensic experts which may not be readily available to all auditors.
15Several respondents specifically supported the international standards revisions to enhance material on leveraging technology. However, some respondents noted further examples could be useful for UK context.
FRC response
16The FRC do not believe that the increased reference to forensic or other experts reduces the scalability of the ISAs (UK). The additional references to the use of a forensic expert are included as application material, and not as a requirement to support the engagement partner's determination that the engagement team collectively has appropriate competence and capabilities, including appropriate specialised skills and knowledge to perform fraud risk procedures.4 In determining if additional engagement level resources are required, such as forensic experts, the engagement partner applies professional judgement, influenced by the nature and circumstances of the audit engagement.5
17The FRC continues to address scalability concerns in the ISAs (UK) and the proportionate application of the ISAs (UK) to smaller and medium-sized entities and is currently working with stakeholders on a Practice Note for those entities.
18The FRC notes that one of the main aims of the international revisions was to enhance material on technology use. The FRC is supportive of this being included in the revised ISA (UK) 240. Further, the FRC continues to develop materials on the use of technology, such as the 'Al in audit' guidance.6
Question 2: If you agree that the ISAs (UK) should be revised to adopt the revised ISA 240 and conforming amendments, do you agree that the limited UK supplementary material included in the exposure draft is sufficient? If not, please provide reasoning and explain what supplementary material you believe should be included.
Summary of feedback
19Respondents were supportive of the limited UK supplementary material augmented to ISA (UK) 240, commending the efforts to maintain alignment with the international standards through minimisation of supplementary UK pluses.
20However, one respondent noted that they did not support the inclusion of supplementary UK material for the UK business context, such as that maintained in paragraph 32-1 which requires the auditor to hold discussions with those charged with governance relating to fraud risk factors, including those specific to the entity's business sector.
FRC response
21The requirements in paragraph 32-1 of extant ISA (UK) 240 have been retained as to maintain the enhanced risk assessment procedures related to material misstatement of the financial statements due to fraud. This enhances the auditor's understanding of the fraud risks in the entity and helps to drive high quality audit work.
Post-close journal entries
22Respondents noted that the removal of extant material, which required the auditor to consider post-close journal entries in their response to the risk of material misstatement due to fraud related to management override of controls, results in a lack of clarity in the requirements. Respondents requested that the reinstatement of extant material over post-close journals be made in the revised standard.
FRC response
23Exposure draft ISA (UK) 240 implicitly retained the existing UK requirements on responding to fraud risks arising from management override of control, including work on post-close journal entries. As feedback highlighted that there was a lack of clarity over the inclusion of post-close journals, the UK supplemental material to explicitly include reference to post-close journal entries has been reinstated in paragraph 49 of the revised standard. This aims to enhance clarity but does not increase the expected work effort of the auditor.
Laws and regulations
24Respondents requested additional application material to consider other laws and regulations applicable in the UK, including the failure to prevent fraud offence under the Economic Crime and Corporate Transparency Act 2023 and Company duty to keep adequate accounting records that are sufficient under Companies Act 2006 requirements.
25Further, respondents highlighted a need for additional cross referencing, in paragraph 25, to remind the auditor that there may be legal restrictions on ongoing communications with management and those charged with governance (e.g. in relation to tipping off).
FRC response
26The FRC has not included supplemental UK material to reference other laws and regulations which the auditor may need to consider. The auditor has responsibilities under ISA (UK) 250 to consider laws and regulations in an audit of financial statements. The FRC considers there to be sufficient reference to the auditors' responsibilities under ISA (UK) 250 throughout the revised standard. Further, the application material in A195 highlights that the auditor may be restricted in their communications with management and those charged with governance due to law and regulation.
27However, following the feedback received a cross-reference has been included in paragraph 25 to remind the auditor that ongoing communications with management or those charged with governance may be restricted by UK law or regulation, including reference to A195-1 relating to tipping off offences.
Clearly inconsequential instances of fraud
28Respondents noted concerns over determining clearly inconsequential instances of fraud or suspected fraud, suggesting UK supplemental material could provide examples on determination of clearly inconsequential and work effort expectations.
FRC response
29The FRC has not included supplemental material on determining if an instance of fraud is clearly inconsequential. The determination of a clearly inconsequential instance of fraud is a matter of professional judgement, influenced by the qualitative and quantitative nature of the instance. Where there is uncertainty about if an instance of fraud, or suspected fraud, is clearly inconsequential, the fraud is not clearly inconsequential.
Auditor reporting
30Respondents raised concerns over possible duplication that may be caused through proposed revisions to ISA (UK) 701 for the auditor's report to explain to what extent the audit was considered capable of detecting irregularities, including fraud7 and the reporting of fraud related KAMs. Respondents noted this may lead to boilerplate language or the unnecessary extension of the auditor's report.
FRC response
31The audit's ability to detect fraud forms only one aspect of its broader ability to detect irregularities, and it should not be conflated with a fraud related KAM. Both sections of the auditor's report need to be tailored to the entity's circumstances to avoid boilerplate language. Where audit procedures overlap, cross-referencing can be used to minimise duplication and maintain clarity in the report.
Question 3: Is the proposed effective date, 15 December 2026, which is consistent with the effective date of the IAASB's revised ISA, appropriate? If not, please give reasons and indicate the effective date that you would consider appropriate.
Summary of feedback
32Respondents were in support of the proposed effective date of 15 December 2026. Respondents favoured the alignment of the effective date with the effective date of the IAASB's revised ISA and noted that it allows for adequate time to prepare for the revised requirements.
FRC response
33The effective date of 15 December 2026 is considered appropriate.
ISA (UK) 570 – Going Concern
Question 4: Do you agree that ISA (UK) 570 (Revised September 2019) and other ISAs (UK) should be revised to adopt the revisions to the underlying international standard and the related conforming amendments to other ISAs? If not, please indicate why and explain what actions, if any, that you believe should be taken.
Summary of feedback
34There is broad and consistent support for adopting the IAASB's revisions to ISA 570 (Revised 2024) and aligning the UK standard with the international baseline. Many respondents emphasise the benefits of global convergence, including improved audit quality, enhanced consistency across multinational audits, reduced duplication, more efficient training, and better mobility of audit professionals. Several respondents highlight that alignment strengthens public confidence, avoids unnecessary UK-specific divergence, and helps maintain a coherent global audit framework.
35Respondents also expressed concern about the proposed amendments to paragraph 34(b), which sets out the circumstances in which the auditor must explain, in the auditor's report, how they evaluated management's assessment of going concern. Respondents were concerned that removing the conditional element—which in the international standard limits this reporting to situations involving significant judgements—could broaden the requirement unnecessarily. They noted that this may lead to boilerplate reporting and reduce the clarity and emphasis intended where management's assessment involves significant judgement. These points are considered further in the next question, where they relate specifically to the UK supplementary material.
Auditor Must Cover Same Period as Management
36One area where several respondents expressed a desire to deviate from the international standard was in retaining paragraph 13-1 of extant ISA (UK) 570 which explicitly requires that the auditor's going concern assessment period matches the period used by management. Although the proposed standard implies this through paragraphs 6 and A48, respondents argue that this requirement is fundamental to the logic of the going concern assessment: if directors have considered events or conditions extending beyond the minimum 12-month period—sometimes significantly beyond—then the auditor must evaluate those same events to form an informed audit conclusion.
FRC response
37The requirements in the standard already make clear that the auditor is expected to design and perform audit procedures to evaluate management's assessment of going concern. Nothing in the standard suggests that the auditor may restrict their work to a shorter period where management has assessed a longer horizon; rather, the auditor's procedures must respond to the period covered by management's assessment in order to form an appropriate conclusion. As this expectation is inherent in the existing requirements, retaining the previous UK-specific provision is unnecessary. Nevertheless, to support clarity and consistent application, we have included additional application material at paragraph A34-1 to confirm that the auditor evaluates going concern over the same period as management, whether that is the minimum required period or a longer period where management has performed an extended assessment.
Question 5: If you agree that the ISAs (UK) should be revised to adopt ISA 570 (Revised 2024) and conforming amendments, do you agree that the limited UK supplementary material included in the exposure draft is sufficient? If not, please provide reasoning and explain what supplementary material you believe should be included.
Summary of feedback
38Across respondents, there is clear overall support for limiting UK-specific supplementary material, with strong agreement that the FRC should prioritise international alignment with ISA 570 (Revised 2024) and avoid unnecessary "UK-pluses.” Many respondents emphasise that duplication, boilerplate requirements, and local additions increase cost, reduce clarity, and undermine the benefits of a globally consistent standard. Several note that the UK standard was already closely aligned with the international version, so the removal of redundant UK material—particularly old requirements linked to the Corporate Governance Code—is welcomed as helping to declutter auditor's reports and remove unnecessary repetition.
39Several respondents raised targeted concerns regarding the proposed revisions set out in more detail below.
Extension of entities in scope of reporting requirement of how auditor evaluated management's assessment of going concern
40Paragraph 34(b) of ISA 570 (Revised 2024) requires that for listed entities, when significant judgements are made by management in concluding that there is no material uncertainty related to events or conditions that may cast significant doubt on the entity's ability to continue as a going concern (also known as a “close call”), the auditor should describe in the auditor's report how the auditor evaluated management's assessment of the entity's ability to continue as a going concern.
41In the UK, since the revision of ISA (UK) 570 in 2019, auditor's reports for all listed entities, public interest entities (PIEs), other entities that report on how they have applied the UK Corporate Governance Code and certain other large private and quoted companies are required to include an explanation of how the auditor evaluated management's assessment of the entity's ability to continue as a going concern, and where relevant, key observations arising with respect to that evaluation. Unlike the international standard, this explanation is included irrespective of whether significant judgments are made by management in concluding on material uncertainties.
42In adopting the international standard, we therefore proposed to remove the conditional aspect of the requirement to include the explanation only in instances where "significant judgements are made by management in concluding that there is no material uncertainty related to events or conditions that may cast significant doubt on the entity's ability to continue as a going concern". Further, the UK-specific scope has been retained to ensure continued transparency for a broader set of entities. As a result, the requirement applies not only to listed entities but also to public interest entities, Corporate Governance Code adopters, and certain large private entities. A substantial number of respondents expressed a preference to remove this UK plus and adopt the international version which requires the explanation only when significant judgements are made by management in concluding that there is no material uncertainty, arguing that it dilutes the communicative value of the auditor's report by obscuring the distinction between genuinely judgement-laden, borderline going concern assessments and routine scenarios.
43Several respondents also argued that the additional UK-specific scope in paragraphs 34(b) and 35(b)—which extends requirements beyond listed entities to PIEs, Corporate Governance Code adopters, and large private entities—should not be retained. Their central argument is that the international standard limits the requirement to listed entities, and the UK should do the same to maintain global consistency, proportionality, and reduce burdens. Furthermore, some respondents note that expanding the scope to a broader set of entities produces inconsistency within the standard.
FRC response
44The FRC does not consider it appropriate to adopt the IAASB's conditional requirement for auditors to include an explanation only where significant judgments are made by management in concluding on material uncertainties. Since 2019, the FRC has established a broader and more transparent reporting framework for going concern, applying enhanced disclosure expectations not only to listed entities but also to PIEs, Corporate Governance Code adopters, and certain large private and quoted companies. This framework reflects longstanding UK stakeholder expectations for clarity over the auditor's evaluation of management's assessment in all circumstances, not only for those involving significant management judgements. Several respondents acknowledged that the existing UK regime has operated effectively and that requiring auditors to explain how they evaluated management's going-concern assessment is already a familiar and well-understood expectation in the UK environment. Maintaining this existing UK requirement therefore preserves continuity of reporting practice and avoids reducing the level of insight currently provided to users.
45Nor does the FRC agree that the broader UK-specific scope for a wider range of entities in paragraphs 34(b) and 35(b) should be removed. The existing UK requirement has been embedded in ISA (UK) 570 since its 2019 revision and reflects longstanding UK expectations for enhanced transparency for public interest entities, Corporate Governance Code adopters and certain large private entities. Importantly, the IAASB's narrower scope would not align with the population of UK entities that are subject to heightened legal or regulatory obligations and would therefore fail to meet the level of transparency expected within the UK framework. Retaining the UK-specific scope continues to support proportionality and the needs of UK stakeholders.
46The FRC also does not believe that retaining the existing UK requirement will lead to more boilerplate reporting. Auditors have always been expected to tailor the level of detail in their explanation to the nature and significance of those risks. Where this tailoring is applied appropriately, disclosures remain specific to the entity and provide meaningful insight to users. Maintaining the obligation to explain how the auditor evaluated management's going concern assessment therefore continues to support entity-specific insight presented in a proportionate manner, rather than by limiting which entities must provide these disclosures.
47Finally, while we recognise concerns around comparability with international practice, we consider the enhanced UK disclosure requirements for an expanded set of entities—in place since 2019—to be an important and deliberate policy choice that responds to UK stakeholder needs. We therefore consider it both necessary and appropriate to retain the UK-specific approach to support the continued transparency expected by UK stakeholders.
48The internal inconsistencies identified by respondents—specifically the tension between the scope of entities required to apply paragraphs 34(b) and 35(b) and the wording in paragraphs 1, A2 and A82—have been addressed through revisions to ensure that the standard is now internally coherent within the UK framework.
Information Used in Management's Assessment
49Several respondents noted that paragraph 24-1 of ED-ISA (UK) 570 (Revised)—which requires the auditor to “consider whether any additional facts or information have become available since the date on which management made its assessment”—is unnecessary. They argued that the requirement is already fully encompassed within paragraph 24 of the proposed ISA (UK) 570, which obliges auditors to consider all relevant information of which they are aware, inherently covering any additional facts arising after management's assessment.
FRC response
50The FRC has considered the arguments presented by respondents and agrees that the requirement in paragraph 24-1 does not add substantive value, given that paragraph 24 already obliges auditors to consider all relevant information of which they are aware, including any that emerges after management's assessment. In light of this, the FRC has removed paragraph 24-1 from the final standard. However, to assist auditors in considering all relevant information, application material has been added at paragraph A57-2.
Question 6: Is the proposed effective date, 15 December 2026, which is consistent with the effective date of the IAASB's revised ISA, appropriate? If not, please give reasons and indicate the effective date that you would consider appropriate.
Summary of feedback
51All respondents supported the proposed effective date of 15 December 2026, with firms and professional bodies consistently emphasising that alignment with the IAASB timeline is appropriate and desirable for global consistency and comparability. Many respondents noted that this timeframe provides sufficient lead-in for updating methodologies, systems, templates, and training, while avoiding the risks of premature or delayed adoption.
FRC response
52The effective date of 15 December 2026 is considered appropriate.
3. Impact assessment
53The revisions to ISA (UK) 240 and ISA (UK) 570 maintain support of the underlying international standards with supplemental requirements and guidance included to address specific UK-related issues. These supplemental requirements have been maintained from extant ISAs (UK).
54The revised standards are designed to be scalable and can be used to effectively design and perform a proportionate yet robust audit.
55ISA (UK) 240 and ISA (UK) 570 were revised in 2021 and 2019 respectively, resulting in a necessary divergence from the international ISAs in order to address UK-specific public interest considerations. Following the strengthening of the corresponding international ISAs, the FRC is now able to align the revised UK standards with the international framework. This re-alignment reduces compliance burdens for firms by supporting a more streamlined application of global methodologies.
56The extant UK standards helped shape the IAASB's revisions to the international standards, meaning UK firms are well placed to implement the revisions to the standards.
57The FRC recognises that there will be some costs to practitioners to embed the revisions. However, because the revised UK standards maintain alignment with the strengthened international ISAs, these costs are expected to be minimised. Firms will largely be able to incorporate the UK-specific updates at the same time as updating their methodologies for the international standards, rather than undertaking a separate UK-only implementation exercise. Such costs may include training and development, methodology updates, and/or communication requirements with clients. We, therefore, do not foresee considerable costs incurred through the revisions to ISA (UK) 240 and ISA (UK) 570.
58A post implementation review on the impact of the revisions to the standards will be considered in the future when sufficient evidence is available as to their impact.
59We have aligned the effective date of the UK revisions with the international revisions to minimise impact further.
4. Appendix
Respondents to the October 2025 FRC consultation on the proposed revisions to ISA (UK) 240 (Revised May 2021) and ISA (UK) 570 (Revised September 2019).
The consultation set out six questions in total, three relating to ISA (UK) 240 and three relating to ISA (UK) 570. Some respondents responded to only part of the consultation, as set out below:
| Respondent type | Responses received with feedback on ISA (UK) 240 | Responses received with feedback on ISA (UK) 570 |
|---|---|---|
| Academic | 1 | 0 |
| Audit Firm | 8 | 8 |
| Professional Body | 4 | 4 |
| Other | 6 | 6 |
| Total | 19 | 18 |
Financial Reporting Council
London office:
13th Floor, 1 Harbour
Exchange Square,
London, E14 9GE
Birmingham office:
5th Floor, 3 Arena
Central, Bridge Street,
Birmingham, B1 2AX
+44 (0)20 7492 2300
Follow us on LinkedIn
-
IAASB, Final Pronouncement: International Standard on Auditing 240 (Revised 2024), The Auditor's Responsibilities Relating to Fraud in an Audit of Financial Statements (July 2025); and IAASB, Final Pronouncement: International Standard on Auditing 570 (Revised 2024), Going Concern (April 2025). ↩
-
Full details of the consultation can be found at: Proposed Revisions to ISA (UK) 240 and ISA (UK) 570 ↩
-
ISA (UK) 200 (Revised June 2016), Overall Objectives of the Independent Auditor and the Conduct of an Audit in Accordance with International Standards on Auditing (UK), paragraph A24 ↩
-
ISA (UK) 240 (Revised March 2026), paragraph 23 ↩
-
ISA (UK) 240 (Revised March 2026), A38 ↩
-
Al in Audit, June 2025 ↩
-
Proposed ISA (UK) 701 (Revised 2026), Communicating Key Audit Matters in the Independent Auditor's Report, paragraph 16-1 ↩