2. Audit quality
The FRC has adopted a strategic advice role in relation to audit quality since the passage of the Audit Enhancement Act in 2012. This advice may include matters relating to the effectiveness of Corporations Act provisions relevant to audit, the review processes undertaken by the professional bodies to ensure that auditor skills and processes remain at a high level and disciplinary processes undertaken to address any weaknesses in these areas. These three areas are addressed in this Chapter.
Audit helps to maintain confident and informed markets by enhancing the quality of financial reports. Under the Corporations Act, all disclosing entities, public companies (except some companies whose members’ liability is limited by guarantee), large proprietary companies and registered schemes are required to prepare financial reports and have them audited. These audits must be conducted by auditors or audit companies registered by ASIC for that purpose.
Australia has comprehensive legislative and professional requirements concerning audit. The main legislative requirements are set out in the Corporations Act. ASIC is the key regulator under the Corporations Act and has responsibility for the surveillance, investigation and enforcement of the financial reporting requirements of the Corporations Act, including the enforcement of audit requirements. The Corporations Act also gives legal effect to the auditing standards developed by the Auditing and Assurance Standards Board (AUASB). The auditing standards further require that auditors adhere to the relevant ethical standards as issued by the Accounting Professional and Ethical Standards Board (APESB). The professional accounting bodies enforce professional standards and comprise the Chartered Accountants Australia and New Zealand (otherwise referred to as the ICAA),1 CPA Australia and the Institute of Public Accountants (IPA).
The Audit Quality Committee of the FRC is tasked with assisting the FRC through facilitating engagement with stakeholder bodies, reviewing international developments related to audit quality and providing input to the strategic advice provided to the Minister in relation to the matters noted above.
The FRC noted the results of the ASIC Audit Inspection Program Report 2012-13 (the ASIC Report) and welcomes the overwhelmingly positive response from major audit firms, who developed action plans in consultation with ASIC to improve the quality of audit in Australia. The FRC continues to monitor the action undertaken by ASIC and the six largest accounting firms, who comprise PricewaterhouseCoopers, KPMG, EY, Deloitte, Grant Thornton and BDO, following the development of these action plans.
During 2013-14, the FRC noted its support for the work undertaken by the professional accounting bodies to improve audit quality, including the review of guidance and training programs which are designed to drive improvement in audit quality among their members. The FRC notes that the audit quality review programs conducted by these bodies appear to be operating effectively to identify areas for improvement, however further work needs to be done in relation to the issues identified by the ASIC Report.
The FRC further supports the collaboration between the professional bodies to address audit quality issues more broadly.
The FRC also monitored the adequacy of the teaching of ethics as it relates to audit quality through regular meetings with the professional accounting bodies and engagement with the APESB by the Audit Quality Committee on matters of ethics. Following a review of the information that has been supplied, the FRC considers that the teaching of ethics by these bodies continues to be adequate.
The FRC and the Audit Quality Committee consulted widely with the audit profession during 2013-14 and received information on audit quality matters from ASIC and the professional accounting bodies. The FRC further informed its audit quality responsibilities through an ongoing review of releases from the professional accounting bodies, accounting firms, international audit regulators and other audit stakeholders.
The ASIC Report was released on 27 June 2014 and covered findings from its risk based inspections of 17 Australian audit firms in the period between 1 July 2012 and 30 December 2013.
The ASIC Report noted that while audit firms had made good efforts to improve audit quality these efforts were not yet reflected in its risk-based inspection findings. More information is provided about this report later in the Chapter.
During 2013, ASIC welcomed the responses of the six largest accounting firms to its request to prepare action plans to improve audit quality and the consistency of audit execution. However, the full impact of these plans is expected to be better reflected in the ASIC Report for the 18 months to 30 June 2015.
During the year, ASIC worked with audit oversight regulators in other international jurisdictions through the International Forum of Independent Audit Regulators (IFIAR) to encourage the largest global audit firms to improve audit quality internationally. ASIC also actively participates in the consideration of initiatives to improve audit quality as a member of a working group of the International Organisation of Securities Commissions (IOSCO).
ASIC continued to liaise with the AUASB in relation to proposed improvements to guidance related to auditing standards. ASIC also liaised with the IAASB and International Ethical Standards Board for Accountants (IESBA), both directly and through IOSCO, with a view to seeking improvements to international auditing and auditor independence standards due to their impact on Australian standards.
In March 2014, ASIC issued Information Sheet 196 Audit quality: The role of directors and audit committees to assist directors and audit committees in their role of ensuring the quality of the external audit of a financial report. The specific contribution that directors and audit committees should make to audit quality includes recommending audit appointments, ensuring that auditors receive reasonable fees to support quality audits, reviewing the resources devoted to the audit, ensuring that auditors are fully informed of risks that may impact on the audit, and ensuring that auditor independence is protected. ASIC has further suggested that directors and audit committee ask their auditors for any findings from ASIC audit firm inspections relating to the audit of their companies.
ASIC has worked closely with the professional accounting bodies and has suggested ways in which their firm quality review programs could be further enhanced, and has also suggested that the bodies provide additional training and workshops on core skills to assist auditors in exercising professional scepticism.
ASIC had 189 meetings with industry bodies during 2013-4 including audit committee forums and meetings with the professional accounting bodies and other stakeholders.
The ICAA reported its ongoing recognition of the importance of audit quality for its practices and its members.
During 2013-14 ICAA:
- Continued its research into the mindset of auditors and perceptions around the key drivers of audit quality in the major firms.
- Published an Audit Quality Infographic to raise awareness across the profession of potential areas for audit quality enhancement or focus.
- Funded research on how firms conceptualise and apply professional scepticism in an audit context.
- Continued to contribute to debates in relation to the IAASB, US Centre for Audit Quality, and US Public Company Accounting Oversight Board (PCAOB) activities and consultations on the Audit Quality Frameworks, Measurement and Audit Reporting projects and other audit quality matters.
- Ran two Audit Quality Forums during 2014 with the firms who prepared Action Plans with ASIC, and the next five largest audit networks in Australia.
- Ran Knowledge Sharing sessions in seven Australian states and territories. ASIC also presented at the ICAA Audit Conferences during the year and covered their areas of focus for audit quality.
Guidance and support
During 2013-14, ICAA:
- Updated the ICAA Audit Manual for Small & Medium Practices to provide practical assistance for applying standards and undertaking quality work. This update included an increased focus on professional scepticism (both its application and documentation).
- Released guidance on issues arising from quality reviews and how to apply the standards better in these areas.
- Introduced a new Fraud workshop to provide audit practitioners with knowledge, practical understanding and support to address fraud risk factors.
- Introduced new online training events for members, which have included Top 10 tips for audit, Risk Assessments, and Professional Scepticism under the Microscope.
- Maintained regular, relevant communications on audit quality matters through weekly electronic newsletters (which cover changes to standards) and regular articles in monthly member magazines.
Engagement with ASIC
During 2013-14 the accounting profession made an effort to address some of the weaknesses that were identified in the ASIC Report. ICAA discussed the best means to address many of these issues with the FRC and the AQC in late 2013, for example the practical guide on applying and documenting professional scepticism issued in conjunction with the Canadian Public Accountability Board (CPAB).
The Action Plans developed by firms in consultation with ASIC are the firm’s individual and specific program, designed to enhance their existing internal systems and processes to allow more consistent application of quality across audit engagements.
The publication Sharing experiences in audit quality at the end of 2013 drew out specific ideas, processes and options for enhancement which could be appropriate for smaller firms and was based on the Action Plans prepared by the six largest accounting firms. The initiatives were classified in terms of:
- Culture & accountability, including competencies, attributes and tone at the top;
- Experience & expertise, including training, scepticism, root cause analysis and tools; and
- Supervision & review, including coaching and time.
CPA Australia restated the importance of audit quality and the need for constant improvement for the profession, capital markets and other stakeholders.
During 2013-14, CPA Australia:
- Released the publication Professional Scepticism: looking both ways in a one way street, which highlighted the key insights from panel discussions and interviews with leaders of the audit profession, psychologists and behavioural scientists.
- Commenced a collaborative research initiative with the Accounting and Finance Association of Australia and New Zealand (AFAANZ) focused on going concern auditor reporting and professional scepticism.
- Collaborated with the AUASB and other stakeholders and hosted roundtables on the proposed international developments in auditor reporting standards.
- Initiated and hosted the inaugural Evolution of Audit forum, which sought to promote collaboration on key forward looking issues around audit quality. An international key note speaker, panel of leaders from the auditing profession and ASIC participated in this forum.
- Continued to support research to develop new ways of training and fostering professional scepticism for individuals, teams of professionals and audit firms, in collaboration with a team of academics chosen from AFAANZ. The resources developed in this initiative thus far have already been adopted by tertiary institutions to enhance how professional scepticism is taught in undergraduate and graduate programs.
Guidance and support
CPA Australia has implemented a broad range of ongoing activities and member requirements to promote audit quality, in addition to undertaking the following new activities focused on contemporary and forward looking issues:
- New audit webinar training and a series of online e-learning modules on audit quality topics including materiality, risk assessment, assessing controls and documentation.
- Auditing and assurance resources including guidance documents, factsheets, audit manual and competency standards.
- Audit training products including face to face learning, webinars, online e-learning modules and podcasts.
- Promoting better understanding in the community of the role of auditing and assurance and general financial literacy through publications and initiatives.
Engagement with ASIC
CPA Australia has worked closely with ASIC to determine how best to respond to the key focus areas identified in the ASIC Report. Many of the specific initiatives identified were being addressed in consultation with ASIC before the release of the Report on 27 June 2014. In particular, the following initiatives have been undertaken by CPA Australia during 2013-14:
- Communicating ASIC’s findings and key messages widely through a podcast interview with a senior ASIC official.
- Undertaking research to improve education and training in relation to professional scepticism.
- Incorporating the focus areas identified in the ASIC Report into training programs for auditors, the CPA Australia Advanced Audit and Assurance Professional Program Module and CPA Australia’s Small Entities Audit Manual.
CPA Australia supports the Action Plans developed by the largest six auditing firms as a positive, collaborative activity with a view to focusing on and improving audit quality. CPA Australia is especially supportive of the ‘example initiatives to improve audit quality’ outlined in the ASIC Report and encourages all audit firms to develop audit quality action plans with consideration of these factors.
The FRC monitors international developments to better evaluate the adequacy of Corporations Act provisions relating to the conduct of audit, the auditing standards and applicable codes of professional conduct. The FRC reviews general media reports about audit quality issues, as well as material from key overseas oversight and standard-setting bodies and other regulatory agencies.
During 2013-14, the FRC has observed with interest a range of developments in Europe and North America that potentially have implications for audit quality. The more significant international developments include:
- In July 2013, the US House of Representatives passed a bill preventing the PCAOB from imposing auditor term limits on its own. Further, the schedule of prohibited non-audit services, since implemented by the European Commission, parallels the restrictions placed on consulting work under the Sarbanes-Oxley Act 2002 in the United States.
- On 25 July 2013, the IAASB issued the exposure draft Reporting on Audited Financial Statements: Proposed New and Revised International Standards on Auditing. The Exposure Draft proposed a new standard requiring that auditors communicate Key Audit Matters in their published audit report. These matters would be selected from matters communicated with those charged with governance, amongst other proposals.
- In October 2013, the UK Competition Commission (UKCC) introduced the requirement for FTSE 350 companies to put their audit out to tender every ten years, with those that tender less frequently than five years required to report in which financial year they plan to put the audit engagement out to tender.
- The UKCC expects to release further rules in late 2014 that take account of proposed EC audit reforms.
- In February 2014 the IAASB issued the revised Framework for Audit Quality: Key Elements that Create an Environment for Audit Quality. It describes the key factors that are involved in ensuring high quality audits are consistently performed by practitioners and aims to raise awareness of quality issues.
- In April 2014, CPAB released its public report on audit inspections in 2013. The report revealed that inspections have improved over the prior year. Action plans developed by firms to address audit quality issues are responsible for much of the improvement noted in 2013 and 2012.
- In April 2014 IFIAR also released the findings of an audit quality survey conducted in 2013. The survey indicates the persistence of deficiencies in important aspects of audits between IFIAR member jurisdictions and that there is a basis for ongoing concerns with audit quality. Common areas of concern are:
- Fair value measurement, internal control testing, and adequacy of financial statements and disclosures (for audits of listed public-interest entities);
- Audit allowance for loan losses and loan impairments, internal control testing, and audit of the valuation of investments and securities (for audits of systemically important financial institutions); and
- Engagement performance, human resources, and independence and ethics requirements (for inspections of audit firms’ quality-control systems).
- In May 2014 the UK Financial Reporting Council (FRC-UK) released its Audit Quality Inspections Annual Report for 2013-14, which focuses on where improvements might be necessary. The FRC-UK noted that, generally, improvements in audit quality are achieved because action plans are developed with the firms to address the weaknesses identified in individual audit engagements and firm-wide procedures by inspectors.
- On 16 June 2014, new legislation to improve the quality of statutory audit across the European Union (EU) entered into force. Member states have two years from this date to adopt and publish the provisions to comply with this legislation. The new legislation includes the following:
- 10 year mandatory firm rotation for public interest entities (up to 20 years if put out to tender or 24 years if the firm undertakes a joint audit);
- A limit placed on fees chargeable for non-audit services and tax advice of 70 per cent of the value of audit fees, in addition to a schedule of prohibited non-audit services; and
- The coordination of auditor supervision in the EU through the Committee for European Audit Oversight. The European Securities and Markets Authority will play a role in the co-operation on audit oversight.
- The PCAOB held public meetings in April 2014 to discuss proposals to enhance the auditor’s reporting model. Proposals include the requirement to communicate ‘critical audit matters’ (similar to the IAASB’s Key Audit Matters), new requirements on disclosure of matters relating to auditor independence, audit tenure, and other information outside the financial statements, and enhancement to existing language in the auditor’s report related to the auditor’s responsibilities for fraud and notes to the financial statements.
The FRC will maintain a watching brief on these developments to determine how best to respond in order to improve audit quality in Australia.
The FRC published the Occasional Paper Audit Quality and the FRC’s responsibilities consequential to the Corporations Legislation Amendment (Audit Enhancement) Act 2012 on its website in August 2013. The paper was written by the Australian Auditing and Accounting Public Policy Committee (APPC) and discusses a number of areas related to audit quality in Australia including:
- Defining ‘audit quality’ — the importance of audit stakeholders taking a broad view of what constitutes audit quality, the Australian profession’s contributions to international debate on the definition of audit quality and the fact that there are both input and output factors to audit quality;
- Bridging the audit expectation gap — the need for acknowledgement that bridging the audit expectation gap is a shared responsibility of auditors, those charged with governance, regulators, standards setters, legislators and investors; and
- Financial reporting initiatives — the need for further discussions on whether financial reports should be more forward looking and on proposals to enhance auditor reporting.
Australia’s co-regulatory regime involves ASIC and the professional accounting bodies cooperating on the implementation of their auditor oversight processes. For example, the ICAA and CPA Australia accept each other’s quality review programs for the purposes of member compliance oversight.
In ASIC’s view, in 20 per cent of the total 454 key audit areas that it reviewed across 107 audit files at firms of different sizes, auditors did not obtain reasonable assurance that the financial report as a whole was free from material misstatement. This compares to 18 per cent for ASIC’s report covering the previous 18-month period, ending June 2012. These findings do not fully take into account the impact of action plans developed by the largest six audit firms, which were first implemented for financial statements for years ending on 30 June 2013. The results of these action plans are expected to be reflected in future ASIC reports.
ASIC adopts a risk-based approach in its inspection program and has cautioned that the findings should be viewed as an indication of how some firms address more challenging audit situations. Caution is needed before generalising the inspection results across the entire market. The findings reflect cases where, in ASIC’s view, the auditor did not have a sufficient basis to support their opinion on the financial report, rather than the findings necessarily implying that the relevant financial reports audited were materially misstated. ASIC further advised that they do not report on areas where auditors perform beyond the relevant standards and to that extent the report does not represent a balanced scorecard.
ASIC’s report outlines initiatives that auditors should consider to improve audit quality and the consistency of audit execution, as well as future focus areas for their audit inspections. Three broad areas continued to be specifically identified as requiring improvement by audit firms:
- the sufficiency and appropriateness of audit evidence obtained by the auditor;
- the level of professional scepticism exercised by auditors; and
- ensuring appropriate reliance on the work of experts and other auditors.
During 2013, the largest six audit firms responded to ASIC’s requests to prepare action plans to improve audit quality and the consistency of audit execution.
The ASIC Report noted that it may take some time for the results of the action plans to be reflected in ASIC’s risk-based inspection findings. This is because the firms commenced implementing key aspects of the plans for audits of financial reports for the year ended 30 June 2013, which was already 12 months into the 18-month period covered by the report. Further, the plans often concern matters such as the culture of focusing on audit quality within the firms, which can take time to have effect.
ASIC further encouraged firms to consider reviewing their staffing structures to ensure that sufficient and appropriate experience and expertise is available for increasingly complex entities and audits, which typically require increased good judgement.
ICAA members who hold a Certificate of Public Practice (CPP) are required to undergo the Quality Review Program (the Program) in accordance with the policies and procedures governing the operation of the Program. This includes those members who provide audit services, including registered company and Self-Managed Superannuation Fund (SMSF) auditors.
The ICAA has informed the FRC that the Program seeks to assess whether practitioner members have implemented appropriate quality control policies and procedures in their accounting practices. The overall assessment of a practice takes into account practice-wide control policies and procedures, in addition to the findings from the review of individual engagement files.
Practices with significant non-compliance issues are re-reviewed within one year. Practices that sign off on audits requiring registered company auditor (RCA) registration are reviewed at least once every three years. All other practices are reviewed at least once every five years.
During 2013-2014, 79 per cent of the practices reviewed were reported to have either met all of the professional standards and regulatory requirements as set by standard setters and regulators or showed levels of non-compliance that were not significant. These practices undertake Corporations Act and non-Corporations Act/SMSF audits. These practices have undertaken to address the areas of non-compliance.
For those practices showing an insignificant level of non-compliance, the ICAA requires the practice to confirm in writing that the issues identified during the review have been addressed. The remaining practices are required to develop an action plan within two months outlining how they will address the identified issues, and to undergo a follow-up review within 12 months. All practices that were re-reviewed had adequately addressed the areas of non-compliance, with one practice no longer conducting any engagements in the area of concern. The ICAA will continue to monitor this practice’s activities. Where an action plan is not provided or adequately implemented at the time of the follow-up review, a practice may be referred for investigation by the Professional Conduct team. This was not necessary during 2013-2014.
These results came from the review of audit engagements files constituting audits of a range of entities, summarised as follows: listed entities (2 per cent), Corporations Act, excluding listed entities (25 per cent), SMSF (48 per cent) and non-Corporations Act/SMSF (25 per cent).
The ICAA further informed the FRC that for practices reviewed during 2013-14 this was the first review of audit engagement files since the introduction of the Clarity standards. Practices are continuing to adapt their policies and procedures to the new requirements of the Clarity audit standards.
The ICAA is also enhancing its review approach for very small practices that conduct audit engagements to enhance audit quality at the smallest end of the profession. These practices will be subject to a more comprehensive review approach. Online questionnaires are being developed and will be piloted in the coming year. This initiative is part of the overall objective of enhancing audit quality at all levels, regardless of practice size.
CPA Australia’s QR program adopts a cyclical, risk assessment approach to selecting members for review. Member selection is defined by the following criteria:
- Public Practice Certificate (PPC) holders who are either a RCA or SMSF auditor are subject to review every three years; and
- All other members are reviewed on a four, three or one year cycle based on the outcome of their last review.
- members who receive a qualified report (assurance report) are reviewed after three years instead of four years; and
- members who are subject to further review (follow-up report) due to non-compliance issues are reviewed the following year.
For the year to 30 June 2014 the results of the QR Program were:
- 26.6 per cent Accept Reports with no departure from professional standards identified;
- 56.8 per cent Assurance Reports with minor departures from professional standards identified; and
- 16.6 per cent Follow-Up Review Reports where multiple departures from professional standards reported a breach of an audit standard identified. Any breach of an audit standard results in an automatic follow-up review the following year. Where breaches fail to be addressed, CPA Australia then treats the matter as a Professional Conduct matter which means an investigation is undertaken and disciplinary options may be pursued.
The majority of all auditing breaches identified by the QR Program related to audits of SMSFs. Education has been provided to members about the importance of perceived and actual independence, particularly with respect to compilation and audit engagements for SMSFs.
In the current review period (the 2014 calendar year) over 930 members are expected to complete a Quality Assurance review and 205 follow-up reviews are expected to be completed from the 2013 reviews.
Members considered to be low risk practitioners (i.e. do not perform audit or assurance engagements, insolvency or forensic work, and members who are not undergoing their first quality review), and members undergoing a follow up review are now performed by qualified in house staff rather than accredited contracted reviewers.
The IPA requires all members who are issued with a certificate of public practice to undertake a Public Practice Quality Assurance Review (PPQA) every three to five years. Members who are a registered company auditor or a self‑managed superannuation fund auditor are required to hold a certificate of public practice and must be reviewed every three years. All other members are reviewed every five years.
The IPA quality assurance review is designed to assist IPA public practitioners improve their work practices to best practice levels. This in turn ensures clients have security with the level of service and professionalism being provided.
The IPA undertakes a review of around 500 members in public practice every year. For the year to 30 June 2014, all reviews were conducted using an online data collection program in relation to member practice and their client base. Reviews are now undertaken as a desk based review and members must provide proof of their compliance with professional and ethical requirements of the IPA. A site visit and face to face review will only occur where evidence by the member has been considered insufficient to establish compliance with the standards, or if the IPA otherwise deems it necessary.
- 89 per cent of members reviewed met all professional standards and requirements or had minor non-compliance issues however they were resolved before the review was finalised.
- 11 per cent of members reviewed showed a level of non-compliance where follow up action was required.
- 21 members reviewed were self-managed superannuation fund auditors and met all professional standards and requirements and may have had minor non-compliance issues however they were resolved before the review was finalised.
- 1 member reviewed was a registered company auditor with a non-compliance issue (relating to continuing professional education records) requiring follow up action. This was resolved through contact with the member.
In undertaking its role in providing strategic advice on audit quality, the FRC is required to review disciplinary procedures. For this purpose, the FRC has sought information on the disciplinary procedures from ASIC and the professional accounting bodies. The FRC acknowledges and notes the work that is being completed by these bodies and will continue to assess the extent to which these procedures may impact upon audit quality.
During the year to 30 June 2014, ASIC obtained enforceable undertakings or orders from the Companies Auditors and Liquidators Disciplinary Board relating to the following auditors:
- Brian Kingston in relation to the audit of Wickham Securities Limited. Mr Kingston has been deregistered as a RCA;
- Anthony Hyndman in relation to the audits of Hargraves Secured Investments Limited, Webster Dolilta Finance Limited and Win Securities Limited. Mr Hyndman has been deregistered as a RCA;
- Wayne Wessels formerly of PKF’s East Coast Practice in relation to the audit of Kleenmaid Corporate Pty Limited. Mr Wessels was suspended as a RCA for 3 years;
- Martin Thompson and Alan Kwok of Wong and Mayes in relation to the audit of Boulder Steel Limited. Messrs Thompson and Kwok undertook to have an independent review of independence systems and staff training, and an independent review of three audits by Mr Thompson; and
- Warren Sinnott in relation to the audits of Banksia Securities Limited and related companies. Mr Sinnott has been deregistered as a RCA.
ASIC has also made arrangements to pass any of its draft Statements of Facts and Contentions concerning members of the ICAA and CPA Australia to those bodies to enable them to take appropriate disciplinary action.
The accounting bodies have provided the FRC with the following information concerning disciplinary matters for the year ended 30 June 2014:
- The ICAA Professional Conduct Tribunal heard five cases concerning auditors. Details are as follows, and subsequently will be made available on the ICAA website:
- 1 member, acting as the auditor of a public listed company, was referred to the Professional Conduct Tribunal after entering into an enforceable undertaking with ASIC.
- 2 members, acting as the external examiner of a legal trust account, were referred to ICAA by the Queensland Law Society.
- 1 member, acting as the auditor of a real estate trust account, was referred to ICAA by the Queensland Office of Fair Trading.
- 1 member, was referred to the Professional Conduct Tribunal following a decision of the Companies Auditors and Liquidators Disciplinary Board.
- No CPA Australia members holding a company auditor registration were referred to a Disciplinary Tribunal for audit breaches during the reporting period.
1 The Institute of Chartered Accountants Australia (ICAA) changed its name in July 2014 to Chartered Accountants Australia and New Zealand but as this report relates to the year to June 2014, references will be to the ICAA.