Home > Reports > FRC Report on Auditor Independence 2007-08 - Short Guide to the Auditor Independence Requirements in the Corporations Act

Appendix E

Short guide to the auditor independence requirements in the Corporations Act⁶

Audit of annual financial report

A company, registered scheme or disclosing entity must have the financial report for a financial year audited in accordance with Division 3 of Part 2M.3 of the Corporations Act 2001 (the Corporations Act) and obtain an auditor's report (section 301).

A small proprietary company is not required to prepare a financial report unless it is directed to do so under section 293 (shareholder direction) or section 294 (ASIC direction).

Appointment of individual, firm or company as auditor

The Corporations Act allows a company or registered scheme to appoint an individual, or a firm, or a company, as its auditor (section 324AA).

The underlying policy rationale of the Corporations Act is to ensure that audit work for a company or registered scheme is carried out by or under the supervision of one or more registered auditors.

• It is an offence for an individual to consent to be appointed as an auditor, or to act as auditor, or to prepare an audit report, if the individual is not a registered company auditor (section 324BA).
• Where an audit firm is appointed as the auditor of a company or registered scheme:
  • all of the registered company auditors who are members of the firm are treated as auditors of the company (section 324AB(1)); and
  • at least one member of the firm must be a registered company auditor who is ordinarily resident in Australia (section 324BB(5)).
• The CLERP 9 Act permitted auditors to incorporate and to be registered as an authorised audit company:
  • a company appointed as auditor must be an authorised audit company (section 324BC); and
  • Part 9.2A, which establishes a system for the registration of authorised audit companies, requires that:
    • each director of the company is a registered company auditor (section 1299B(a));
    • the audit company be controlled and majority owned by registered company auditors (section 1299B(c)); and
    • ASIC is satisfied that the company has adequate and appropriate professional indemnity insurance for claims that may be made against the company in relation to audits undertaken by the company under the Corporations Act.

A site map of the auditor independence provisions in the Corporations Act

Most of the auditor independence provisions are contained in Division 3 of Part 2M.4 of the Corporations Act. However, the requirements relating to the annual independence declaration and the disclosure requirements relating to non-audit services are contained in Divisions 1 and 3 of Part 2M.3 and the auditor rotation requirements are contained in Division 5 of Part 2M.4.

The general requirement for auditor independence

Australia has incorporated a general standard of independence as a cornerstone of its statutory requirements. The general requirement' for auditor independence is contained in Subdivision A of Division 3 of Part 2M.4 of the Corporations Act.

The general requirement obligations are framed around the question of whether a conflict of interest situation' has arisen (section 324CD). A conflict of interest situation' will arise where:

• an auditor is not capable of exercising objective and impartial judgment in relation to the conduct of an audit having regard to all relevant circumstances, including all relationships between the auditor and the audit client (the subjective test — independence in mind); or
• a reasonable person, with full knowledge of all relevant facts and circumstances, would conclude that the auditor is not capable of exercising objective and impartial judgment in relation to an audit, having regard to all relevant circumstance, including all relationships between the auditor and the audit client (the objective test — independence in appearance).

The inclusion of the general auditor independence requirement, in addition to recognising that an auditor must be independent in mind and appearance, also serves the purpose of ensuring that auditor independence is a comprehensive and continuing requirement in the sense that it applies to all circumstances relating to a particular audit, including all relationships between the auditor and the audit client.

Specific auditor independence requirements applying to employment and financial relationships

Subdivision B of Division 3 of Part 2M.4 of the Corporations Act contains the specific auditor independence requirements encompassing both employment and financial relationship restrictions for an individual auditor (section 324CE), an audit firm (section 324CF) and an authorised audit company (section 324CG).

The restrictions introduced by the CLERP 9 Act substantially implemented the relevant recommendations in the Independence of Australian Company Auditors Report (the Ramsay report) which described these specific restrictions' as a list of what can be regarded as core circumstances which, if they exist, necessarily mean that the auditor is not independent'.

There are three important aspects to the specific auditor independence requirements which must be recognised in order to fully comprehend how the provisions operate:

• the criminal liability aspects of the requirements;
• the content and scope of the specific restrictions; and
• the notification procedures.

The criminal liability rules

The specific requirements for individual auditors, audit firms and authorised audit companies are dealt with under separate provisions in the Corporations Act because different liability rules apply to individual auditors, firms and authorised audit companies.

The operation of the liability rules can be explained by reference to the requirements applying to audit firms under section 324CF of the Corporations Act. A fundamental principle of the criminal law is that only a natural person, a body corporate or a body politic can be held criminally responsible. An audit firm, being an unincorporated body, is not a legal person and thus cannot be prosecuted and it has been necessary to impose vicarious liability on the partners of the audit firm.

• A partner of an audit firm is liable to be prosecuted under a fault based offence (section 324CF(1)). For purposes of establishing a contravention under section 324CF(1), the evidential burden is placed on the prosecution to prove beyond a reasonable doubt each of the following elements of the offence:
  • the audit firm was engaged in audit activity' at a particular time;
  • a prohibited employment or financial relationship exists at that time;
  • the defendant was a partner of the firm at that time;
    • the fact that liability will fall on any partner of the firm who has knowledge of the independence breach, and not just a partner who is directly involved in the audit, encourages a firm wide culture of compliance;
  • the defendant knows about the breach (is or becomes aware that the firm was engaged in audit activity at the same time that a prohibited relationship exists); and
  • the defendant has not, as soon as possible after becoming aware of those circumstances, taken all reasonable steps to ensure that the audit firm does not continue to engage in audit activity in those circumstances.
• A strict liability offence for an inadvertent breach that provides a statutory defence which would allow the partner to escape liability by pointing to evidence that shows that he or she had reasonable assurance that the firm had in place a quality control system that provided reasonable assurance that the firm and its employees were complying with the auditor independence requirements section 324CF(2), (3) and (4).

Content and scope of the specific restrictions

The CLERP 9 reforms applied these restrictions on an all partner' basis, rather than just focussing on those persons in the audit firm with a close connection to the audit who would be able to influence the outcome of an audit (that is the professional members of the audit team). Following public consultation on the discussion paper Australian Auditor Independence Requirements: A Comparative Review (the comparative review), the Government decided to limit the restrictions in relation to financial investments to professional members of the audit team rather all the partners in the firm. This covered person' approach to the financial investment restrictions was implemented under the Corporations Legislation Amendment (Simpler Regulatory System) Act 2007 (the SRS Act).

The notification procedures

The CLERP 9 Act introduced notification procedures to ensure that there was a staged process in place before an auditor's appointment was terminated on the grounds of the auditor's failure to address a breach of a specific auditor independence requirement. It is important to emphasise that the operation of the notification procedure is quite separate from the criminal offence provisions in section 324CF(1) and (2). The staged procedures involve the following steps:

• An audit firm is required to notify ASIC within seven days if it becomes aware that there has been a breach of the independence rules that has not been resolved (subsection 324CF(1A) of the Corporations Act). Similar requirements apply to an individual auditor under subsection 324CE(1A) and to an audit company under subsection 324CG(1A) of the Corporations Act. No notification is required if the breach is resolved before the end of the seven day period. ASIC is required to give a copy of the notice to the audit client so that the company is put on notice that its auditor has an independence issue that needs to be resolved.
• After the firm has notified ASIC, the firm has a further 21 days (the remedial period) to resolve the conflict of interest situation (subsection 327B(2B)). Similar requirements apply to an individual auditor under subsection 327B(2A) and to an audit company under subsection 327B(2C) of the Corporations Act.
• An audit firm thus has a maximum period of 28 days after it becomes aware of a conflict of interest situation to rectify the conflict (the initial seven day period plus the 21 day remedial period).
• If the conflict of interest situation is not resolved at the end of the 21 day remedial period, the audit firm's appointment as auditor of the particular audit client automatically terminates (subsection 327B(2B)). Similar requirements apply to an individual auditor under subsection 327B(2A) and an audit company under subsection 327B(2C) of the Corporations Act.
• ASIC has been given the power to extend the remedial period of 21 days referred to in section 327B of the Corporations Act, in appropriate circumstances.

Cooling off period for former audit team partners

To deal with the threat to independence when a retired audit partner joins the board of an audit client, the Ramsay report recommended that there be a mandatory period of two years following resignation from the audit firm before a former audit partner could become a director of the client.

This recommendation was implemented by section 324CI of the Corporations Act which imposed a mandatory period of two years from the date of departure from the firm before a former partner of an audit firm, or a former director of an audit company, who was on the audit team can become an officer of the audit client. A similar restriction was imposed on the lead or review auditor of an authorised audit company under section 324CJ.

Following public consultation on the comparative review, the Government modified the way in which the two year separation period is calculated in the SRS Act by amending section 324CI(d) to ensure that the two year separation period commences from the date the auditor's report under section 308 (annual financial report) or section 309 (half year financial report) was made in respect of the latest audit in which the former partner or former director participated.

• For example, where a retiring partner had last worked on an audit of the audit client five years prior to the partner's departure from the firm, the partner would be able to become an officer of the audit client immediately after leaving the firm. Prior to the amendment made by the SRS Act, the retiring partner would have been required to wait for two years from the date of departure from the firm before joining the audit client.

A similar amendment was made in the SRS Act to section 324CJ(d) in relation to a former lead auditor or review auditor of an audit company.

Multiple former audit firm partner restriction

The HIH report recommended that in implementing the proposed CLERP 9 Act, the proposals for restrictions on employment relationships between an auditor and the audit client should include a prohibition on any more than one former partner of an audit firm, at any time, being a director of or taking a senior management position with the client'.

The HIH recommendation was implemented as part of the CLERP 9 Act reforms in section 324CK of the Corporations Act.

In its response to the Report of the Taskforce on Reducing Regulatory Burdens on Business, Rethinking Regulation, the Government announced that it would review the multiple audit firm partner restriction by the end of 2006. The Treasury progressed this review through its targeted consultation on the comparative review.

All the respondents agreed that the restriction in section 324CK serves a useful purpose, however there was also agreement that some changes should be made to address the perceived over reach of the existing requirement. The stakeholders proposed that former partners of an audit firm and former directors of an authorised audit firm who had departed from the firm or audit company for five or more years should be excluded from the restriction.

A minimum five year separation period was considered appropriate because the longer former partners have been out of the firm, the less likely they will be in a position to influence the current professional members of the audit team or be so familiar with the audit approach and testing strategy that they are able to circumvent them. A time limit is also easy to apply and enforce.

The SRS Act amended section 324CK(c) to limit the application of the restriction in section 324CK to a former member of an audit firm or former director of an audit company who becomes an officer of the audited body within a period of five years after the person ceased to be a member of the audit firm or a director of the audit company (as the case may be).

Auditor rotation

The auditor rotation requirements are contained in Division 5 of Part 2M.4 of the Corporations Act and were introduced as part of the CLERP 9 Act auditor independence reforms.

The rotation requirements only apply to audits of listed companies and listed registered schemes.

There are two basic auditor rotation requirements:

• The time out' rule in section 324DA(1).
  • The time out rule provides that an individual who has played a significant role in the audit of a particular client for five successive financial years is not eligible to continue to play a significant role unless the individual has not played such a role for at least two successive financial years. This means that:
    • where an individual auditor has been appointed as the auditor of the listed company or listed scheme, that individual and the review auditor (if any) must rotate; or
    • where an audit firm or authorised audit company has been appointed as the auditor of the company or scheme, only the lead auditor and the review auditor (if any) must rotate.
• The 5/7 rule' in section 324DA(1).
  • The 5/7 rule provides that an individual may not play a significant role in the audit of a particular audit client for more than five out of seven successive financial years. The 5/7 rule prevents an individual from avoiding the time out' rule, for example, in circumstances where an individual plays a significant role for four successive years, resigns from the audit for only one year and then resumes playing a significant role for another four successive years.

The rotation requirements do not require that the audit firm or the authorised audit company rotate.

ASIC has a limited power under section 342A of the Corporations Act to modify the rotation requirements. The relief power allows ASIC to:

• declare that the time out rule applies to an individual as if the references to five successive years were reference to six or seven successive years; or
• declare that the 5/7 rule applies to an individual as if the references to five out seven successive financial years were references to six out of seven successive financial years.

ASIC may only use its relief power if it is satisfied that, without modification, the rotation requirements would impose an unreasonable burden on:

• the individual registered company auditor (the lead auditor or review auditor in the case where an audit firm or audit company has been appointed the auditor of an audit client);
• the audit firm or audit company on whose behalf the lead auditor or review partner acts in relation to the audit; or
• the audit client.

Auditor's annual independence declaration

The CLERP 9 Act introduced a new requirement in section 307C of the Corporations Act that an auditor provide a declaration as to whether the auditor is aware of any contraventions of the auditor independence requirements of the Act or of any applicable codes of professional conduct. Where an audit firm or audit company has been appointed as the auditor of a company or registered scheme, the obligation to provide a declaration has been imposed on the lead auditor (section 307C(3)).

The SRS Act addressed a timing anomaly in the CLERP 9 requirements so that section 307C(5)(a) now provides that the declaration must either be given when the audit report is given to the directors of the company, registered scheme or disclosing entity or must satisfy the conditions in section 307C(5A).

For the purposes of section 307C(5A) a declaration must satisfy the following conditions:

• the auditor's independence declaration is given to the directors and the directors sign the report within seven days after the declaration is given to the directors;
• the auditor's report on the financial report is made within seven days after the directors' report is signed; and
• the auditor's report includes a statement to the effect that either the declaration would be in the same terms if it had been given to the directors at the time the auditor's report was made, or circumstances have changed since the declaration was given to the directors, and setting out how the declaration would differ if it had been given to the directors at the time the auditor's report was made.

Non-audit services

Australia opted not to impose a legislative ban on non-audit services. The Ramsay report considered whether non-audit services should be dealt with exclusively in either the Corporations Act or the ethical rules or whether a co-regulatory model might be appropriate. The Ramsay report concluded that the arguments favoured retaining the professional ethical rules, updated to reflect the IFAC Code requirements, as the basic guidance on maintaining audit independence when providing non-audit services to audit clients. In particular, the Ramsay report said that it had not uncovered any evidence to suggest that there were systemic failures within the accounting profession in complying with the ethical rules for providing non-audit services to clients.

The Ramsay report also recommended enhanced disclosure in a company's financial statements in relation to non-audit services provided by the external auditor, either as part of the accounting standards or as an amendment to the Corporations Act.

The Government adopted the basic approach recommended by the Ramsay report. The regulatory regime in Australia in relation to non-audit services comprises a matrix of requirements in the Corporations Act, the Accounting Standards and the professional accounting bodies' ethical rules:

• section 300(11B) of the Corporations Act provides that the annual directors' report of a listed company must disclose the fees paid for non-audit services provided by the auditor during the financial year, as well as a description of each service. In addition, the board of directors (in accordance with advice of the audit committee where applicable) is required under subsection 300(11D) to make a statement that they are satisfied that the provision of non-audit services is compatible with the general auditor independence requirement imposed by the Corporations Act and an explanation of why those non-audit services do not compromise auditor independence;
• the general auditor independence requirement imposed on auditors under the Corporations Act applies to any non-audit service arrangement between an audit firm and an audit client. This enables ASIC to challenge a particular non-audit service arrangement when it considers that the arrangement creates a subjective and/or objective threat to the auditor's independence;
• a non-audit service provider (defined in section 9) for an auditor conducting an audit is subject to a number of financial investment restrictions if the provider exceeds a maximum hours test relating to the provision of non-audit services (10 hours) either during the period to which the audit relates or during the 12 month period immediately before the audit commences (section 324CE(5), table item 5 (individual auditor); section 324CF(5), table item 6 and section 324CF(6) (audit firm) and section 324CG(9), table item 6 and section 324CG (audit company));
• the Accounting Standards (AASB 101: Presentation of Financial Statements: Aus 126.1 and Aus 126.2) also require disclosure by an entity and by a group of details of non-audit services provided to the entity and to the group; and
• the Code of Ethics for Professional Accountants (APES 110) implements the ethical rules adopted by the International Federation of Accountants (the IFAC Code) in relation to non-audit services.

APES 110 recognises that non-audit services may create threats to the audit firm's independence and requires auditors to evaluate the significance of any threat created by the provision of such services. APES 110 provides that in some cases it may be possible to eliminate or reduce the threat created by the application of safeguards. In other cases, no safeguards are available to reduce the threat to an acceptable level, and if this is the case, APES 110 requires either the audit services or the non-audit services to be refused (APES 110: paragraph 290.158).

---

⁶ This guide was prepared by the Treasury.