Included in this issue of our Governance & Compliance Update: Brydon review into the quality and effectiveness of audit; FRC updates Ethical Standard and Auditing Standard and more...
Brydon review into the quality and effectiveness of audit
The recommendations of the report focus on improving the audit standards of "public interest entities", which predominantly focus on UK companies with debt or equity securities admitted to trading on a regulated market, such as the main market of the London Stock Exchange. Brydon suggests that, in the interests of proportionality, some recommendations should apply initially only to those in the FTSE 350.
The recommendations include:
- In order to address the "audit expectations gap", the following statement should be endorsed and adopted by the Audit, Reporting and Governance Authority (ARGA) (the proposed successor body to the Financial Reporting Council (FRC)) and enshrined in the Companies Act 2006 (2006 Act): "The purpose of an audit is to help establish and maintain deserved confidence in a company, in its directors and in the information for which they have responsibility to report, including the financial statements".
- ARGA should create a new profession of corporate auditing to encompass today's auditors and others with appropriate education and authorisation, governed by overarching Principles of Corporate Auditing (Principles)
- The Principles should include a statement that auditors act in the public interest and should have regard to the interests of the users of their report beyond solely those of shareholders.
- Each audit report should contain a statement to the effect that in conducting the audit, the auditor has acted faithfully in accordance with the Principles.
- Auditors should be free to include original information materially useful to a wide range of users in their audit report and at the AGM, and not be confined to commenting on that which has already been stated by directors.
- The existing obligations of an auditor to read and consider other information in an annual report and to report if they consider it to be materially misstated should be extended to information outside the annual report that is used in investor presentations and RNS announcements.
- Directors should actively seek employee views regarding audit scope and report back to them on how they have taken their views into account.
- Shareholders should be given a formal opportunity to propose matters they wish the audit to cover.
Auditor effectiveness and independence
- Audit firms should ensure a clear separation between the team which negotiates the audit fee and the team which carries out the audit(s).
- Firms should publish the profitability of their audit work, and also the remuneration of their Senior Statutory Auditors and the performance measures related to that remuneration.
- Auditors should disclose the hours spent on each audit by each grade within the audit team.
- Audit Committees should agree an annual assurance budget, within which they have primary responsibility for negotiating and agreeing audit fees, and which sets a framework for company spending on any other assurance work. There should be greater transparency on audit fees.
More say and information for shareholders
- The Audit Committee should publish a three-year rolling "Audit and Assurance Policy" which should be put to an annual advisory vote of shareholders at the AGM. The Policy should indicate the approach to auditor appointment, the scope and materiality of all auditing and the assurance budget.
- A standing item should be added to AGM agendas enabling questions to be put to the chair of the Audit Committee and the auditor.
- Clear reasons should be given for any auditor resignation, dismissal or decision not to participate in a retender, and auditors and companies should answer relevant questions in a general meeting in certain circumstances.
- Audit Committees should publish minutes of their meetings with a time-lag of 12-18 months and with appropriate redactions.
Internal control and "resilience"
- The Government should consider mandating a UK "Internal Controls Statement" – akin to the US equivalent - consisting of a signed attestation given by the CEO and CFO to the board that an evaluation of the company's internal controls over financial reporting has been completed and a statement as to whether or not they were effective. The statement should be provided 28 days before the accounts of the company for the relevant financial period are signed. Companies should disclose any material failure of their internal controls, with such disclosed failure leading to the CEO / CFO attestation being subject to audit for the following three reporting years.
- The board should make a "Resilience Statement" that would replace the current going concern and viability statements. The Resilience Statement would include a short-term going concern opinion, a medium-term statement of resilience and long-term consideration of the risks to resilience. In turn, auditors should report to the board if they have encountered any information in the course of their audit which leads to an anxiety about the resilience of the business not reflected in the Statement.
- ARGA should make it clear that it is the obligation of an auditor to endeavour to detect material fraud "in all reasonable ways". It should establish an independent Auditor Fraud Panel to which it would refer the results of investigations into auditor failure to detect material frauds. The Panel should be equipped to levy sanctions on auditors as appropriate.
- Directors should report on the actions they have taken to fulfil their obligations to prevent and detect material fraud against the background of a fraud risk assessment.
Public Interest Statements
- As part of the strategic report in an annual report, directors should set out in a "Public Interest Statement" how they view the company's legal, financial, social and environmental responsibilities to the public interest and how the company has acted to meet this public interest over the previous period.
"True and fair" and the Audit report
- The company law concept of "true and fair" should be replaced with "present fairly, in all material respects", to reflect the difficulty in using the former term given the increasing use of estimates in corporate reporting.
- The Audit Report should state the extent to which the audit has yielded sufficient evidence of consistency between the content of the Public Interest Statement and the annual report taken as a whole. The auditor should state whether, based on the evidence reviewed, the Public Interest Statement is "presented fairly in all material respects".
- Alternative Performance Measures, KPIs used for the purpose of calculating executive remuneration and, to a certain extent, company supplier payment practices should be subject to audit. Disclosure of payment practices should be brought into the annual report.
- Audit reports should include a new section in which the auditor states whether the company's section 172 statement is based on "observable reality".
- Audit reports should also state that the work performed to conclude whether the directors' statement regarding the actions they have taken to prevent and detect material fraud is appropriate and what steps the auditor has taken to assess the effectiveness of the relevant controls and to detect any such fraud.
- Dividends - When proposing a dividend, directors should make a statement that the payment in no way threatens the existence of the company in the ensuing period and the dividend is within known distributable reserves. Where distributable reserves are deemed ‘similar’ in size to a proposed dividend, directors should only be able to recommend that dividend if the level of the distributable reserves is established and payment of the dividend is consistent with the directors’ obligations under the 2006 Act and with the company's Resilience Statement. Such distributable reserves would be subject to audit.
- Auditor liability – Company law should be amended to provide that use of Liability Limitation Agreements by company boards, proposed in good faith, do not represent a breach of directors' responsibilities.
- Brydon suggests that a follow-up review take place in 2025 to assess how the recommendations in his report, those from Sir John Kingman (see our G&C update Issue 136) and those from the Competition and Market Authority’s report on proposed reforms to the statutory audit market (see our G&C update Issue 141) have been implemented.
FRC updates Ethical Standard and Auditing Standard
The FRC has published major changes to its Ethical Standard and Auditing Standard in order to encourage auditor independence, stop conflicts of interest and increase investor protection. The changes include provisions prohibiting auditors from providing recruitment and remuneration services or playing any part in management decision-making, and state that auditors of public interest entities can only provide non-audit services which are closely linked to the audit itself or required by law or regulation.
The changes are intended to "dramatically reduce" the risk of damaging conflicts of interest, where the commercial interests of an auditor are perceived to be the most important factor in an audit relationship, rather than the focus being on high quality audits.
The revisions build on existing changes made to the Standards in 2016, which according to the FRC have seen audit firm fee income from non-audit services provided by auditors to the entities they audit fall by 8 per cent.
The revised Standards can be found here.
FRC updates Practice Aid for Audit Committees
The FRC has updated its Practice Aid for Audit Committees. The Practice Aid provides guidance on audit quality evaluation to help Audit Committees with their assessment of the external audit process.
The update takes account of developments since the first edition was issued in 2015, including revisions of the UK Corporate Governance Code, the requirement for all public interest entities to conduct a tender at least every 10 years and rotate auditors after at least 20 years, and increasing focus generally on audit quality and the role of the Audit Committee. It also takes account of commentary from Audit Committees suggesting how the Practice Aid could be more practical in focus and more clearly presented.
The framework set out in the Practice Aid focuses on understanding and challenging how the auditor demonstrates the effectiveness of key professional judgments made throughout the audit and how these might be supported by evidence of critical auditor competencies. New sections have been added addressing the audit tender process, stressing that high-audit quality should be the primary selection criterion, and matters to cover in Audit Committee reporting.
As well as illustrating a framework for the Audit Committee’s evaluation, the Practice Aid sets out practical suggestions on how Audit Committees might tailor their evaluation in the context of the company’s business model and strategy; the business risks it faces; and the perception of the reasonable expectations of the company’s investors and other stakeholders. These include examples of matters for the Audit Committee to consider in relation to key areas of audit judgment, and illustrative Audit Committee considerations in evaluating the auditor's competencies.
ESEF taxonomy published in Official Journal
All issuers listed on regulated markets in the EU must prepare their annual financial reports containing financial statements for financial years beginning on or after 1 January 2020 in the European Single Electronic Format (ESEF). The European Commission has published a Delegated Regulation (EU) 2019/2100 which updates the taxonomy to be used for ESEF reporting purposes. The core taxonomy used for the ESEF is based on the IFRS taxonomy, which is updated annually. Delegated Regulation (EU) 2019/2100 updates the ESEF taxonomy to account for these changes.
FCA revises Handbook provisions
The Financial Conduct Authority (FCA) has published Handbook Notice 72 which covers changes to the FCA Handbook including those made by the Listing Rules and Disclosure Guidance and Transparency Rules (Miscellaneous Amendments No 2) Instrument 2019 (Instrument). The Instrument updates references to the UK Corporate Governance Code and also introduces a new rule to the Disclosure Guidance and Transparency Rules Sourcebook - DTR 4.1.14 R - to ensure that the requirements for annual corporate reporting in the ESEF have been implemented in the UK. The changes to the FCA Handbook are now in force.
FRC announces 2020/21 thematic reviews of corporate reports and audits
The FRC has announced that it will undertake thematic reviews of the following aspects of corporate reports and audits in 2020/21:
- IFRS 16: review of disclosures in the first year of implementation – this will follow up on the FRC's recent report on IFRS 16 in interim reports;
- cash flows and liquidity disclosures – among other issues, this will explore the themes of the FRC Reporting Lab’s recent report which considered disclosures on the sources and uses of cash;
- IFRS 15: a deeper dive – the FRC will consider further findings from its recent review into the application IFRS 15; and
- the effects of the decision to leave the EU on companies’ disclosures.
In addition to these topics, the Corporate Reporting Review team will also contribute to a planned FRC-wide project focusing on climate change, by reviewing the relevant disclosures given in companies’ annual reports.
AIM Good Governance Review analyses governance disclosures
The Quoted Companies Alliance (QCA) has published the AIM Good Governance Review 2019–20. This analyses the governance disclosures of 50 AIM companies. The Review is divided into five specific areas dealing with the strategic report, stakeholder engagement, board dynamics, board expertise and succession planning. The Review also includes the views of leading small & mid-cap fund managers.
PERG publishes annual report on disclosure and transparency in PE
The Private Equity Reporting Group (PERG) has published the twelfth annual report on disclosure and transparency relative to the Guidelines for Disclosure and Transparency in Private Equity (Guidelines), formerly the Walker Guidelines. PWC has also published its latest Good Practice Reporting Guide for portfolio companies.
The annual report contains the results of a review of 55 portfolio companies that fall within the scope of the Guidelines and the 47 private equity firms, and those operating in a private equity-like manner, that back them. Key findings include:
- In 2019 (as in 2018), all portfolio companies reviewed in the sample complied with the disclosure requirements in the annual report this year, compared with 79% in 2017, but only 80% and 68% published an annual report and mid-year updates respectively in a timely manner on their website, which is down on the 2018 figures.
- Of a sample of 17 portfolio companies, only 53% prepared disclosures to a good standard in 2019, compared with 73% of 15 portfolio companies in 2018. PERG notes that this demonstrates that PE firms must spend further time with their portfolio companies to ensure knowledge of the Guidelines is embedded in the annual reporting cycle
Financial services - Risk Coalition publishes guidance for board risk committees and risk functions
The Risk Coalition has published guidance for board risk committees and risk functions in the UK financial services sector. The guidance provides a set of good practice principles supplemented with practical guidance on their implementation.