What are the five fundamental principles that are applicable to all auditors?
- Professional Competence and Due Care
- Professional Behaviour
An auditor must be straightforward and honest in all professional and business relationships
An auditor must not be biased, have a conflict of interest or allow undue influence to override professional and business judgments
Define Professional Competence and Due Care
An auditor has a duty to maintain their professional knowledge and skill at the level required to ensure a client or employer receives competent professional service. They should also act diligently and in accordance with applicable technical and professional standards.
An auditor must respect confidentiality of information acquired as a result of professional and business relationships. They should not disclose such information to third parties without the correct authority, unless there is a legal or professional right or duty to disclose.
Define Professional Behaviour
An auditor must comply with relevant laws and regulations and should avoid any actions that could discredit the profession.
What are the threats to objectivity?
Define the threat of self-interest
Self-interest is where an auditor has a beneficial interest in the clients performance. For example:
- the auditor or a family member could own shares in the client, where they could directly benefit from increase in share price and would be reluctant to raise concerns that could have an adverse affect on share price
- the firm could be dependent on a client for a large proportion of the total fee income, they may not raise issues for fear of losing the client
- the acceptance of gifts and hospitality could be perceived as bribery to not raise issues within the financial statements
Define the threat of self-review
Self-review is when an auditor has to review their own work, for example, if an auditor has prepared the financial statements and subsequently audited them. The risk is that they may not raise any issues for fear of a penalty (both financial and reputational)
Define the threat of advocacy
Advocacy is where the auditor is asked to promote or represent their client. This would result in the auditor being in a situation where they would be biased towards the client, such as promoting shares or representing them in court, when the auditor has to be objective
Define the threat of familiarity
Familiarity is where the auditor develops a close relationship with a client, affecting the objectivity and independence of the auditor. This additional trust between the two parties could result in the auditor not reviewing the work as thoroughly as they should, allowing material errors to go undetected. This can arise after a long association with a client
Define the threat of intimidation
Intimidation is where the client attempts to harass or bully the auditor into giving a positive audit report. They may use the audit fee as leverage. The auditor should not give in to such pressure and may choose to resign from the client
What safeguards are created by the profession?
- Education & training required to become an auditor
- Continual Professional Education & Development
- Legislation, i.e. UK Companies Act
- Corporate Governance Regulations
What safeguards are created by the individual?
- Complying with CPD regulations
- Keep in contact with other professionals, including auditors, legal advisors and professional bodies.
- Using an independent mentor
What safeguards are in the work environment?
- Firm-wide standards, obtained from professional codes of ethics
- Ethical standards relating to audit engagements
What specific safeguards should be employed by auditors?
- Monitor fees to ensure the firm is not over-dependent on a particular client; 10% from a plc, 15% from a ltd (max)
- Rotate senior audit staff on an engagement to reduce familiarity threat; 7yr for plc, 10yr for ltd
- Use seperate teams where additional services are offered to audit clients
- Use independent partners to review work where ethical threat is identified
- Don't accept gifts or hospitality, unless it's considered by a partner to be modest
- Don't engage in any business or financial relationship with a client
- Don't allow individuals with personal or family ties to a client to be involved in an audit
- Don't provide accountancy or internal audit services for listed audit clients
- Maintain an up to date engagement letter
- Where no safeguard is considered sufficient, resign from the client
Auditors have a legal right to access all information about the client. This information should be kept confidential to allow the client to trust the auditor not to disclose information that could be detrimental to their operations. As a basic rule, members of the audit team should not disclose any information to those outside the audit team.
What types of safeguards can be put in place to help prevent threats to the auditors?
- Safeguards created by the profession
- Safeguards in the work environment
- Safeguards created by the individual
Under what conditions can confidential information be disclosed?
- If the client has given their consent
- If there is an obligation to disclose, i.e. if the client is suspect of money laundering, terrorism or drug trafficking
- If it is required by a regulatory body, e.g financial services legislation
- If a court order has been obtained
- If a member of the firm has to defend himself in court / disciplinary hearing
- If it is in the public interest
What are the two types of Conflict of Interest?
- Firm vs Client - Any advice given should be in the best interest of the client
- Client vs Client - Clients in the same line of business
What steps should be taken in the event of a conflict of interest?
- Once a conflict is noted, advise all clients of the situation
- Reassure the client that adequate safeguards will be implemented, e.g. separate engagement leaders for each client, separate teams, 'Chinese Walls' to prevent the transfer of client information between teams and a second partner review
- Suggest they seek additional independent advice
- If safeguards can't be implemented, the auditor should resign
What are the three methods for obtaining an audit engagement?
- Direct request from the client
- Tendering (applying for the work)
What areas must be reviewed prior to accepting an audit engagement?
- Risk Analysis:
- Ethical Issues
- Appointment Legal Issues
- Practical Issues
What issues in the risk analysis could prevent the engagement from being accepted?
- Management integrity (obtain references)
- Past performance of the business (f/s)
- Internal controls environment
- Complexity of transactions
- Unusual transactions
- Money laundering risks
What ethical issues could prevent the engagement from being accepted?
- Changing auditor
- ask permission to speak to existing auditor and wait for clearance
- If no response, consider engagement carefully
What practical issues could prevent the engagement from being accepted?
- Staff (enough people to carry out the audit)
- Timing (is there enough time available with the staffing to complete the audit?
- Location (are the audit offices near the client, i.e. is the company based over-seas)
What preconditions need to be met to accept an audit engagement?
- Determine whether the financial reporting framework to be applied in the preparation of the financial statements is appropriate
- Obtain an agreement of management that it acknowledges and understands its responsibilities
What is the engagement letter?
This is the contract between the auditor and the client. It will include the following:
- Responsibilities (both Management and the Auditor)
- FR Framework
- Final Report
Should be reviewed every year to ensure it is up to date and reissued only if there are changes to the terms of engagement.