New audit reporting requirements will have a significant impact on how claims and inquiries are conducted.
Our Accounting integrity and conduct team specialises in investigating or providing expert opinion on allegations of accounting irregularities, negligence and misconduct. We expect the extended audit reporting requirements to have a significant impact on how claims and inquiries, particularly those involving auditors, are conducted.
Historically the audit report has comprised a boiler plate report providing a standard form opinion on the company’s financial statements, except where there was a modification to the audit opinion. More recently, audit reports for FTSE listed entities are required to provide bespoke information about the auditor's key judgements in arriving at the opinion such as their considerations of risk areas and levels of materiality.
These extended audit reports (EARs) have been signed for all FTSE listed entities since their 2013/14 year ends and similar requirements will apply to all AIM listed companies from 2017/18.
We expect EARs to have a significant impact on how cases involving financial misstatement are investigated because details of the auditor's key judgements are publicly available to relevant parties (which may include a combination of claimant, defendant company/management, defendant auditor and regulators).
This information will be available for relevant parties at the earlier of; release of the financial statements to the market; or their filing at Companies House. Previously detailed information of this nature would only have been known when parties either had access to the auditor's working papers and/or had access to the auditor's communication to those charged with governance. This would not normally be obtained by third parties (such as claimants against the company and/or regulators) until many months (or even years) after an allegation or dispute arises.
The EAR is now an important part of the initial analysis of a potential claim. It will assist a potential claimant in deciding whether to bring a case and how to formulate a claim prior to seeing audit working papers. The availability of information in the extended audit report will also impact on the formulation of a defendant’s strategy/case.
The extended audit reporting requirements
The FRC introduced requirements in 2012 (effective for years ending on or after 1 October 2012) which prescribe that auditors of 'Full list'1 entities provide extended audit reports detailing information on key decisions made by the auditor. The extended audit report was required to include an overview on the following matters:
- the risks of material misstatement identified as having the greatest effect on the overall audit strategy, the allocation of resources in the audit and directing the efforts of the engagement team
- the application of the concept of materiality, including the threshold selected by the auditor as being material to the financial statements as a whole
- an overview of the scope of the audit.
The impact of these requirements was to significantly increase the volume and detail of information provided by auditors to readers of financial statements. Previously the audit report was principally comprised of non-entity specific information in a pre-set format. The only exception was in situations where the auditor modified their audit opinion, in which case the auditor was required to explain why they had modified their report. Following the implementation of these requirements, audit reports must include audit information specific to the entity, replacing standard form statements.
Market practice has developed such that auditors are now going beyond the bare requirements set out above and are providing further information within audit reports. For example, the findings of the work completed by the auditor to address each assessed risk of material misstatement are occasionally included in the audit report.
The FRC has completed two reviews of the implementation of the extended auditor reporting requirements and has published reports on each review dated 2 March 20152 and 28 January 20163, including views they gathered from investors on this matter.
The FRC found that investors welcomed the additional information in the audit report and investors considered that auditors were providing them with relevant non-generic descriptions. The FRC also noted areas where investors would welcome further information including more explicit commentary on the auditor's view on the appropriateness of management estimates and greater insight on the auditor's assessment on the quality of an entity's internal controls.
In the case of the 28 January 2016 report, the FRC reviewed approximately 80% of the audit reports issued for FTSE 350 companies. The report also sets out where enhancements can be made by auditors to meet best practice. These enhancements include more frequent inclusion of commentary about what the auditor has found as a result of the work done on risks of misstatement.
Future developments in extended audit reporting
In its 'Development in Audit 2015/16'4 report issued on 15 July 2016, the FRC set out that similar requirements are expanded further with the adoption of ISA (UK) 700 (Revised June 2016) ‘Forming an Opinion and Reporting on Financial Statements’ and ISA (UK) 701 ‘Communicating Key Audit Matters in the Independent Auditor’s Report’, which contain similar requirements to extended audit reporting, being implemented for all public interest entities (PIEs), including credit institutions and insurance undertakings, and other listed entities, for years commencing on or after 17 June 2016.
The FRC has widened its definition of ‘listed entities’ to include any entity whose shares, stock or debt are quoted or listed on a recognised stock exchange, which includes any company in which the public can trade shares, stock or debt on the open market, and so includes companies listed on AIM and ISDX Markets.
The PCAOB, which regulates the audits of companies with listed securities in the US, has been consulting on the adoption of extended audit reports for entities under its jurisdiction and it is possible that what the PCAOB term "critical audit matters" may be required in the US for certain entities in the future.
The impact of extended audit reporting on dispute cases
In the past, when a potential claim is considered, there has been very little useful information available on the work of the auditor to a potential claimant/regulator in order to assess their case, unless they had access to the auditor’s communications to those charged with governance.
Since the introduction of the extended audit report there is significantly more information in the public domain for FTSE listed companies on the work and key judgements of the auditor. In the case of an allegation of financial misstatement, a number of matters can be considered which previously would only have been addressed after disclosure of the audit papers. In many previous cases a potential claimant may not have even got to that stage.
From a relevant party’s (claimant, defendant, auditor and regulator) perspective
The questions which the relevant parties could gain initial insight include the following:
- What was the auditor's performance materiality and how did they determine this threshold?5
- Did the quantum of the alleged misstatement exceed the materiality threshold disclosed by the auditor? E.g. why was materiality benchmark selected, and the particular percentage applied to that benchmark?
- Was the breach or misstatement in an area identified by the auditor as having a greater risk of misstatement? What was the auditor's approach to addressing this risk and what procedures did they perform? Should this work have identified the alleged misstatement?
- If the auditor did not consider the area where the breach or misstatement occurred as an area at greater risk of misstatement, is this judgement explained?
Where a dispute arises from alleged financial misstatement, the audit report will become an important part of the initial analysis of a potential claim. It will assist a potential claimant decide whether to bring a case and furthermore how to formulate their claim prior to seeing any audit working papers. The availability of information in the extended audit report will also impact on the formulation of a defendant’s strategy/defence.
Summary of the extended audit report requirements and their impact:
- Extended audit report is required for all entities whose equity is FTSE listed from 2013/14 year ends
- Similar extended audit reporting will be required for entities whose equity is listed on AIM from 2017/18
- Details of the auditor's key judgements such as their risk assessment and materiality considerations are publically available; and
- more information is available at an earlier stage for a relevant party (claimant / Defendant / regulator) to assess whether a claim would have merit prior to seeing the audit working papers
- Entities who are required to apply the UK Corporate Governance Code and those that chose voluntarily to report on how they comply with the Corporate Governance Code
- FRC finds good take-up of new auditor reporting requirements
- Investors welcome continued improvements in auditor’s reports
- Report on Developments in Audit
- Previously this could only be estimated based on generally accepted benchmarks and a judgement made on which benchmark and percentage under that benchmark was most appropriate for the entity in question