The passage of the Corporations Legislation Amendment (Audit Enhancement) Act 2012 had significant implications for the functions of the FRC. The Audit Enhancement Act replaced the FRC's auditor independence oversight role with a strategic oversight role regarding audit quality more broadly. As such, the report on the FRC's auditor independence function covers the period from 1 July 2011 to 27 June 2012, the date the Audit Enhancement Act entered into effect. ASIC is the key regulator under the Corporations Act and responsibility for the surveillance, investigation and enforcement of the financial reporting requirements of the Corporations Act, including the enforcement of auditor independence and audit quality requirements.
For this period, the ASIC Act provided that the FRC's functions included monitoring the effectiveness of auditor independence requirements in Australia and the provision of reports and advice about this matter to the Minister. This part of the report has been prepared in accordance with the repealed section 235BA of the ASIC Act as effective until 27 June 2012, which required the FRC to give the Minister a report each year on the performance by the FRC of its auditor independence function.
Australia has comprehensive legislative and professional requirements concerning the independence of auditors. The principal requirements are:
- divisions 3 and 5 of Part 2M.4 of the Corporations Act, which set out the requirements that have to be satisfied by the auditors of those entities that are subject to the audit requirements of the Act;
- auditing standard ASA 220 Quality Control for an Audit of a Financial Report and Other Historical Financial Information;
- auditing standard ASQC 1 Quality control for firms that perform audits and reviews of financial reports and other financial information, and other assurance engagements;
- section 290 of the Code of Ethics for Professional Accountants (APES 110); and
- APES 320 Quality control for firms.
Under the Corporations Act, all disclosing entities, public companies (except some companies whose members' liability is limited by guarantee), large proprietary companies and registered schemes are required to prepare financial reports and have them audited. These audits must be conducted by auditors or audit companies registered by ASIC for that purpose.
To complement legislative and professional auditor independence requirements, appropriate institutional arrangements are in place to monitor compliance with those requirements and, where necessary, take appropriate follow-up action. The principal organisations making up these institutional arrangements are Australian Securities and Investments Commission (ASIC), the Australian Securities Exchange (ASX), The Institute of Chartered Accountants in Australia (ICAA), CPA Australia, the Institute of Public Accountants (IPA), the Accounting and Professional Ethics Standards Board (APESB), the Companies Auditors and Liquidators Disciplinary Board (CALDB) and the FRC.
4.2 Systems and processes of Australian auditors
The ASIC Act required the FRC to monitor and assess the nature and overall adequacy of the systems and processes used by audit firms to ensure compliance with auditor independence requirements.
During the period under review, the FRC performed this function by gathering information from ASIC under the terms of its Memorandum of Understanding (MOU) with that body, by reviewing reports published by the ICAA, by requesting information from the professional accounting bodies under the terms of its MOUs with those bodies and consulting other appropriate bodies with interests in these matters. Whilst ASIC has identified areas for improvement within certain audit firms on the basis of its work during the period covered by this report, the FRC did not become aware of deficiencies in the underlying systems and processes used by audit firms to ensure compliance with auditor independence requirements.
4.2.1 Report from ASIC
The MOU that the FRC has entered into with ASIC provides for periodic consultation and information sharing between the two bodies to assist them in undertaking their respective responsibilities under the law. ASIC's 2011‑12 report to the FRC summarises ASIC's observations and findings in relation to the independence systems and processes of selected firms where inspections were either in progress on 1 July 2011 or commenced after that date and were substantially completed by 30 June 2012. As in past years, the report by ASIC constitutes a key source of information for the FRC with respect to its responsibilities in this area during 2011-12.
The last ASIC audit inspection program report was issued in June 2011 and covered findings from the inspection of 21 firms completed in the period between 1 July 2009 and 31 December 2010. The next audit inspection program report will be released in November or December 2012, and will cover the period between 1 January 2011 and 30 June 2012. For the purposes of ASIC's report to the FRC on the 2011-2012 audit inspection program, ASIC has divided Australian accounting firms into three broad groups:
- larger national firms that audit numerous listed entities and are national partnerships or authorised audit companies and members of a global network with multiple offices;
- other national and network firms that are national partnerships or authorised audit companies that audit many listed entities and are members of a national or international network; and
- smaller firms that audit a limited number of listed entities and have a small number of partners.
During the period ending 30 June 2012, ASIC completed inspections of 11 selected firms: three were larger national firms, three were other national and network firms and five were smaller firms. With the exception of the five smaller firms, the firms inspected during the period have been previously inspected at least once, with a large number of these firms being inspected a number of times. One of these inspections was conducted jointly with the Canadian Public Accountability Board (CPAB) and two were conducted jointly with the US Public Company Accounting Oversight Board (PCAOB).
ASIC has informed the FRC that its inspection approach varies between different firms.
- For firms that have been previously inspected a number of times, ASIC focuses on significant changes to independence systems, policies and processes and actions taken by the firms in response to its previous inspection observations and findings.
- Firms visited for the first time are subject to a full review of key quality control systems, policies and processes relating to auditor independence.
- In the case of smaller firms, ASIC's consideration of their compliance with the independence requirements of the Corporations Act is limited to high-level enquiries with the firms' leadership and independence‑related matters specific to the audit engagement files selected for review.
Summary of ASIC's inspection findings
ASIC has informed the FRC that the firms it had inspected previously continued to maintain or improve their quality control systems, demonstrating their commitment to auditor independence.
Firms have implemented quality control systems to ensure compliance with the independence requirements of the Corporations Act and professional quality control and ethical standards. The extent and complexity of these systems vary depending on the size and nature of the firm.
However, ASIC has also advised the FRC that it continues to have concerns about the number of findings at inspected firms about independence processes and about contraventions of the rotation and other independence requirements of the Corporations Act.
Larger national firms
Three larger national firms were inspected by ASIC during 2011-12. In ASIC's view, the firms inspected have established adequate independence policies and processes to facilitate compliance with auditor independence requirements of the Corporations Act and professional standards. Across the firms inspected, leadership remains committed to an appropriate 'tone at the top' that emphasises the importance of audit independence. ASIC observed findings for the larger national firms from ASIC inspections indicate areas for continued improvement in the application of established policies and procedures.
ASIC found two instances of potential perceived threats to independence at one larger national firm.
- One instance concerned the decision to change the engagement partner for an ASX listed client and the provision of non-audit services to another ASX listed client. At a minimum, these cases raised concern at ASIC about the appearance of independence.
- At another larger national firm ASIC was advised of two rotation breaches where the Engagement Quality Control Reviewer (EQCR) played a significant role for more than five years.
Other national and network firms
Three other national and network firms were inspected by ASIC during 2011-12. ASIC found that those firms that have been inspected more than once generally made improvements to their quality control systems. However, ASIC reports that it continues to have concerns about the number of findings at some firms in respect of their independence policies and processes.
In ASIC's opinion, independence is fundamental to the conduct of a quality audit and the leaders of these firms need to ensure that they give strong and clear messages about the importance of independence to set an appropriate 'tone at the top'.
Specific observations made by ASIC as a result of these inspections include:
Independence policies and processes:
- ASIC generally found that the other national and network firms it inspected have policies and processes in place to facilitate compliance with the independence requirements of the Corporations Act and professional standards. However, it noted that the completeness and adequacy of the independence policies and processes varied across the firms inspected, reflecting the nature or maturity of the network structure of some of these firms. ASIC has informed the FRC that the independence policies and processes of these firms need improvement to ensure that their policies and processes are consistent with the Corporations Act and professional standards and are applied consistently across the member firms. Specific observations made by ASIC as a result of its inspections of other national and network firms included that:
- one firm needed to update the independence policies and procedures to ensure they reflect all the changes in the revised APES 110 issued in December 2010;
- one firm did not have a clear process to document the factors (including independence) impacting on remuneration of its directors;
- the member firms of one network do not have a consistent approach to independence oversight and in some cases do not have a dedicated independence monitoring resource;
- one firm needs to improve its policies and practices to ensure that all member firms undertake and document independence consultations;
- one firm should consider implementing a formal system to record relevant relationships and financial interests of partners and senior staff to enable testing of the accuracy and completeness of the annual independence declarations of partners and senior staff; and
- one firm did not adequately document its consideration of the threats and safeguards to its appearance of independence where a director from the firm appeared at a public hearing, creating a potential advocacy threat which could impact upon the firm's independence.
Testing independence systems
- One of the three other national and network firms inspected during the period did not test their independence systems and processes, including the declaration of financial interests, to ensure that they are meeting the requirements of the Corporations Act and professional standards. ASIC has expressed the view that, without an appropriate testing program, firms can only place limited reliance on the effectiveness of their independence systems and processes. It is of the view that where firms are testing their independence systems and processes, the communication of the results of the testing process to all personnel can send a strong and clear message about the importance of independence.
Five smaller firms were inspected by ASIC during the period. ASIC has also informed the FRC that, in conducting its inspections and in determining its observations and findings in respect of the smaller firms, it is conscious of their size and nature. However smaller firms undertaking audits are still required to comply with their legal and professional obligations.
ASIC found that most of the smaller firms inspected had a basic level of independence policies and processes in place. However, its inspections showed areas that could be improved to ensure that the firms are complying with the legal and professional independence requirements.
ASIC observed that one smaller firm had breached statutory auditor rotation requirements for two listed audit clients, where both the audit partner and the EQCR had acted in their roles for more than five years. For another three listed audit clients, the approaching deadline for rotation means the smaller firm was in danger of further breaches if action was not taken.
ASIC also observed that another smaller firm had not considered or put into place appropriate plans to prepare for impending auditor rotation in order to meet the requirements of the Corporations Act.
Other auditor independence matters noted by ASIC
ASIC has also provided the FRC with information about other auditor independence issues that it became aware of outside its regular inspection program. In brief, these issues included:
Conflicts of interest
- ASIC has provided the FRC with an update on two conflicts of interest matters mentioned in its 2011 report to the FRC:
- In one matter, immediate family members of an auditor (a partner of a smaller firm) held a substantial amount of shares in the company at the time that the auditor signed the audit report. ASIC has referred this matter to the Commonwealth Director of Public Prosecutions (CDPP).
- In another matter, ASIC noted that an auditor from a smaller firm held financial interests in and owed amounts to an audited body. A brief of evidence on this matter has been provided to the CDPP in regard to auditor independence breaches and it is expected that charges will be laid against the auditor.
- At one larger national firm, three auditor's independence declarations were qualified, each and separately due to the larger national firm remunerating a consultant who became a director of an audit client. Subsequent to the larger national firm entering into the consulting arrangements, the three respective individuals became directors of audit clients. These matters were disclosed in the firm's Transparency Report 2011 and reported to ASIC.
Consent to resign as auditor
- ASIC received 16 applications from auditors (eight from smaller firms, six from other national and network firms and two from larger national firms) seeking consent to resign from an audit during the period where the auditor claimed to have lost independence as a result of one of the conflict of interest situations identified in the Corporations Act or professional standards.ASIC consented to the resignation of the auditor in 11 cases. In the other five cases (three where the audit firm was suing for outstanding fees, one case where the audit firm accepted an engagement to provide non-audit services, and one case where the partner of an audit partner became an officer of the audited body), the audit appointment ceased because of the expiry of the 21 day period specified in subsection 327B(2B) of the Corporations Act. ASIC has informed the FRC that firms need to be aware that creating a deliberate conflict of interest situation is an offence under section 324CM of the Corporations Act.
Auditor rotation requirements
- In April 2012 ASIC accepted an enforceable undertaking from an auditor who had been previously included in ASIC's reports as having played a significant role in an audit client for more than five successive years.
Relief from the auditor rotation requirements
- Under subsection 342A of the Corporations Act ASIC is able to extend the rotation period by one or two years on application by the auditor. ASIC will only grant an extension of the period in exceptional circumstances. ASIC has informed the FRC that during the period it received two applications from auditors seeking an extension of the rotation period under the Corporations Act:
- In one case, the application was granted on the grounds that the circumstances were exceptional and requiring the auditor to meet the auditor rotation requirements of the Corporations Act would have created unreasonable burden on the audited body.
- In the second case, the application was refused because no exceptional circumstances were noted.
4.3 Quality review programs and disciplinary procedures of professional accounting bodies
Under the ASIC Act, the FRC is required to monitor and assess:
- the nature, overall adequacy and effectiveness of: the systems and processes used by the professional accounting bodies for planning and performing quality assurance reviews of audit work undertaken by Australian auditors to the extent that those reviews relate to auditor independence requirements;
- the action taken in response by auditors who have been subject to such reviews; and
- the action taken by the professional accounting bodies to ensure that auditors are responding appropriately.
In addition, the FRC is required to monitor and assess the nature and overall adequacy of the investigation and disciplinary procedures of the professional accounting bodies as those procedures apply to Australian auditors.
During 2011-12, the FRC continued to meet these requirements by seeking relevant information from the professional accounting bodies and reviewing publicly available material issued by those bodies.
During the year, the FRC did not become aware of any deficiencies in either the systems or processes used by the professional accounting bodies for planning and performing quality reviews of audit work, or in the overall adequacy of their investigation and disciplinary procedures.
4.4 Quality review programs
ICAA members who hold a Certificate of Public Practice (CPP) are required to undergo the Quality Review Program in accordance with the policies and procedures governing the operation of the Program. The ICAA has informed the FRC that the Program has been designed to assess whether members in public practice have the appropriate quality control policies and procedures in place to comply with professional standards and regulatory requirements.
All practices that sign off on audits requiring registered company auditor (RCA) registration are reviewed at least once every three years. All other practices (including those with an RCA but not conducting RCA audits) are reviewed once every five years. Information provided by the ICAA indicates that during the year ended 30 June 2012, it completed reviews of 412 practices with 76 per cent of total review reports recording either no departures from professional standards or departures from professional standards that are not classified as serious.
The ICAA divides the group of practices that conduct audits into two key types: those that conduct audits under the requirements of the Corporations Act; and those that conduct other types of audits. The reviews conducted during 2011-12 found that two per cent of the practices that conduct Corporations Act audits had no departures from professional standards. All other practices of each type had departures from professional standards, although these departures were not classified as serious for 67 per cent of the practices that conduct Corporations Act audits and 78 per cent of the practices that undertake other types of audits.
For the purpose of its quality review program, the ICAA divides its members' practices into five size categories: sole practitioners; practices with two of four practitioners; non-mid-tier practices with five or more practitioners; mid-tier practices and the Big 4. The key focus of the Quality Review Program in 2011-12 was the review of audit practices of five major firms. The ICAA has advised the FRC that, as the Audit Quality Review Board1 (AQRB) has completed its mandate, ICAA reviews of the major firms have recommenced.
The ICAA has informed the FRC that, during the year, it continued to see a trend of members either specialising in audit, or resigning from all audit engagements as members recognise that auditing is an advanced technical skill. The ICAA has expressed the view that this trend reflects the increasing complexity of practice and regulation of audit, requiring a significant investment of practice resources to maintain audit competence.
The ICAA also has informed the FRC that, although overall compliance with the auditing standards continues to improve, based on the results of the 2011-12 reviews its main concern continues to be a lack of documentation in relation to the audit opinion issued or insufficient documentation in a particular audit area.
In the area of auditor independence, the following areas of non-compliance with the requirements of APES 110 Code of Ethics for Professional Accountants were noted:
- no documentation or inadequate documentation when considering threats to independence (11 per cent of the 412 practices reviewed);
- appropriate safeguards were not adequately applied when carrying out auditing and accounting functions for a client (10 per cent of practices reviewed); and
- auditing the SMSF of a partner in their practice (2 per cent of practices reviewed).
4.4.3 CPA Australia
CPA Australia has advised the FRC that as at 30 June 2012, 5,807 of its members held a CPA Australia Public Practice Certificate (PPC) while 1,076 held an ICAA Practice Certificate. All members who hold a PPC are subject to CPA Australia's Quality Assurance (QA) program. A total of 1,173 members are RCAs.
CPA Australia's QA program adopts a cyclical, risk assessment approach to selecting members for review. Member selection is defined by the following criteria:
- members who receive an unqualified report ('accept report') are reviewed after four years except where they are RCAs, in which case they are reviewed after three years;
- members who are required to provide assurances prior to acceptance of the report ('assurance report') are reviewed after three years; and
- members who are subject to a further review because of non‑compliance issues are reviewed in the following year.
Every type of public accounting service offered by a member is reviewed by a specially trained QA Reviewer using questionnaires specific to the particular type of service as part of the file review process. QA Reviewers participate in ongoing face-to-face training programs supported by regular updates on standard changes and observations from the program. All questionnaires and working papers that form the basis of a review program are updated regularly to reflect changes to auditing and assurance standards, professional standards and relevant legislation and regulations.
In 2011-12, the reviews conducted under CPA Australia's QA program found that 81 per cent of those reviewed were either fully compliant or had only minor departures from professional standards.
During 2011-12, 58 breaches of auditor independence requirements were identified, with the vast majority relating to audits of SMSFs.
For the 2012 calendar year, over 1,178 members (including 60 RCAs) are expected to complete a QA review. In addition, 129 follow-up reviews (including 17 of RCAs) are expected to be completed.
From 1 July 2011, CPA Australia members were required to adhere to the revised APES 110 Code of Ethics for Professional Accountants. The updated code aligns Australia's professional requirements with international standards and includes Australian specific requirements relating to inadvertent violations and multiple threats to auditor's independence.
No issues related to the revised code were identified in the APESB six monthly review process in February 2012 and CPA Australia has not identified any issues subsequently. The code will be reviewed again in February 2013.
The IPA has informed the FRC that it requires all members who are issued with a PPC to undertake a Public Practice Quality Assurance Review (PPQA) every three to five years. Members who are Australian auditors must be reviewed every three years.
In the period 1 July 2011 to 30 June 2012, the IPA undertook over 500 PPQA reviews of PPC members. The IPA has advised that, to the best of its knowledge, none of the reviews undertaken during this period involved an Australian auditor.
The IPA has also informed the FRC that it has a policy that any joint members (that is, those who are a CPA Australia or ICAA member) who have been subject to a PPQA by their other body in the last two years are exempt from the IPA PPQA. The purpose of this is to avoid the member being excessively audited on the same issue.
For the financial year 2011-12, all reviews were conducted in part using an online data collection program in relation to member practice and their client base. Reviews are still undertaken in a face to face situation and members must provide proof of their compliance with professional and ethical requirements of the IPA. The IPA has advised the FRC that it anticipates the new system will assist it in reporting on members, including Australian auditors.
4.5 Disciplinary procedures
The professional accounting bodies have provided the FRC with the following information concerning disciplinary matters for the year ended 30 June 2012:
- The ICAA has informed the FRC that during the year ended 30 June 2012 there were no disciplinary cases involving a breach of the ICAA's auditor independence requirements. No ICAA members were referred to the CALDB for issues relating to auditor independence during the reporting period.
- CPA Australia has advised that its Disciplinary Tribunal made three adverse findings against members relating to auditor independence. All of these adverse findings related to audits of SMSFs by non-RCAs. There were no disciplinary actions taken against RCAs in respect of auditor independence. The outcomes of all professional conduct complaints heard by a Disciplinary Tribunal have been published on CPA Australia's website. No CPA Australia members received an adverse finding from the CALDB during the reporting period.
- The IPA reports that it has not taken any disciplinary action in 2011-12 against any members who have identified themselves as Australian auditors. The IPA also reported that it did not investigate any complaints about members who are Australian auditors in relation to a breach of the IPA's independence requirements.
- None of the professional accounting bodies are aware of the referral of any members to the CALDB during the year ended 30 June 2012 for a breach of auditor independence requirements.
4.6 Teaching of ethics by the professional accounting bodies
The ASIC Act requires the FRC to promote, and monitor the adequacy of, the teaching of professional and business ethics by, or on behalf of, the professional accounting bodies to the extent to which the teaching of those subjects relates to auditor independence.
During 2011-12, the FRC monitored the adequacy of the teaching of ethics by obtaining relevant information from the professional accounting bodies. On the basis of the information supplied by the bodies, the FRC considers that the teaching of ethics by each of the bodies continues to be adequate.
4.7 Audit-related disclosure requirements
Before the legislative changes, the FRC was required by the ASIC Act to monitor the overall compliance by companies, registered managed investment schemes and disclosing entities with audit-related disclosure requirements of the Corporations Act and the accounting standards. A summary of these requirements is provided in Appendix E.
The MOU between the FRC and ASIC provided for ASIC to give the FRC regular reports identifying matters arising from its financial reporting or auditor surveillance activities in relation to compliance by auditors and companies with the independence disclosure requirements in Part 2M.3 of the Corporations Act. The MOU with the ASX also provides for that body and the FRC to exchange information.
ASIC has informed the FRC that, as part of its financial reporting surveillance program, it examined independence declarations under section 307C of the Corporations Act for 480 listed entities for financial years ended on 30 June 2011 and 31 December 2011. Section 307C independence declarations were also examined as part of its audit inspection program. ASIC has reported that no auditor independence issues were noted from these reviews.
In addition, ASX informed the FRC that its technical review of financial reports lodged with it included an examination of the form and location in the financial reports of the auditor independence declarations required under section 307C of the Corporations Act and disclosed by directors under subsections 298(1) and 306(2) of the Act. The ASX's June 2010 and December 2010 reviews found that the preferred format continued to be for the declaration to be presented as a separate attachment to the directors' report.
4.8 International developments in auditor independence
Until the entry into force of the legislative amendments on 27 June 2012, paragraph 225(2B)(e) of the ASIC Act provided that the FRC was to monitor international developments in auditor independence, assess the adequacy of the Australian auditor independence requirements provided for in the Corporations Act and the codes of professional conduct in the light of those developments and give the Minister, and the professional accounting bodies, reports and advise on any additional measures needed to enhance the independence of Australian auditors.
The FRC undertook this function through the monitoring and consideration of general media reports about audit independence issues, as well as material placed on the internet websites of key overseas oversight and standards setting bodies and other regulatory agencies.
During 2011-12, the FRC has observed with interest a range of developments in Europe and North America that have implications for both auditor independence and the broader issue of audit quality. The more significant of these developments include:
- The UK Financial Reporting Council updates to the UK Corporate Governance Code in response to consultation in April 2012 continues to apply on a 'comply or explain' basis. Included in the amended Code is the requirement that FTSE 350 companies put the external audit contract out to tender at least every ten years; more informative reporting by audit committees, including on the process for appointing the external auditor will be encouraged; Boards will set out in the annual report why they consider the report to be fair, balanced and understandable; and audit committees will expressly advise boards on this issue.
- The IAASB Invitation to Comment Improving the Auditor's Report, in June 2012. The IAASB's paper was issued in June 2012 and sets out proposals for improving the usefulness of the auditor's report with a view to implementing revised final auditing standards in mid-2014.
- The European Commission (EC) legislative proposal to improve the quality of audits of public-interest entities in November 2011. The proposal was released on 30 November 2011 and follows consultation on the EC's Green Paper Audit Policy - Lessons from the Crisis, which sought to address shortcomings in the European audit system identified by the Global Financial crisis. The proposals in the paper could have global implications in relation to the regulation of audit firms and the way that those firms conduct their practices. The EC process is still in its early stages, and the final legislation is not expected for a couple of years.
- The US Public Company Accounting Oversight Board (PCAOB) released a concept release dated 16 August 2011 on auditor independence and audit firm rotation in August 2011.
- The PCAOB is expected to finalise in 2012 its proposed auditing standard related to communications with audit committees which addresses certain areas for which no corresponding requirements exist in international auditing standards namely; significant issues discussed with management in connection with the auditor's appointment or retention; the auditor's evaluation of the quality of the company's financial reporting; and expanded discussions regarding significant and unusual transactions, the auditor's work with respect to going concern, and uncorrected and corrected misstatements.
The FRC will maintain a watching brief on these developments to determine whether to respond to these developments and will actively engage with stakeholders in its 2012-13 overseas trips.
1 The AQRB was established in December 2005 to act as an independent review body. The AQRB's primary purpose was to monitor the processes by which participating audit firms seek to ensure their compliance with applicable professional standards and legal obligations in relation to independence and audit quality with respect to financial statement audits of publicly listed entities. Participation in the program was voluntary and available to all Australian audit firms which audited listed companies. The AQRB completed its three year charter in February 2009.