Keep the audit committee on the ball

Saturday, 01 October 2022

    Current

    Ensuring good-quality audits is an exercise in good governance to promote investor/stakeholder confidence in financial reports. A joint AICD-AUASB guide for audit committees will help them to prepare, writes Tom Ravlic.


    The Australian Securities and Investments Commission (ASIC) recently launched its regulatory guide establishing what company directors can expect to be told if the regulator deems the firm auditing financial statements has failed to do its work properly — and that directors need to be told.

    Issues uncovered by ASIC inspection teams that will form a part of communication with a board of directors include: a failure of an auditor to obtain reasonable assurance an audit is free from material misstatement; concerns that auditors failed to meet independence requirements, including disclosures under the law; and “any other matter” the regulator believes a board, auditor committee or senior management of an entity should know.

    Information provided by ASIC to a board is aimed at assisting an audit committee or the board to fulfil governance obligations as well as ensure that they, as representatives of the shareholders, are getting bang for their buck with audit quality.

    How does the board use this?

    The answers to this question are provided in a new guide for audit committees titled Comprehensive Review of the External Auditor, a joint effort between the AICD and Auditing and Assurance Standards Board (AUASB). Setting out the obligations of a board where financial statements and audit are concerned, it is designed to help board members better understand audits and the work of an audit engagement team, so the questions they ask hold the audit engagement partner to account for their performance. 

    The guide states that while auditors have the primary responsibility for audit quality, it is best achieved in an environment where there is strong support from other participants in the financial reporting chain. Stakeholder and investor confidence may be enhanced by transparency of the process audit committees have in place to assess the quality of their auditor. Therefore, transparency and public disclosure is encouraged to assist with enhancing confidence in financial reporting

    AUASB chair Bill Edge says directors have an important role in ensuring the quality of financial reporting of the entity for which they have a governance responsibility. This can be achieved by board members and the auditor having a “robust two-way communication” about audit quality.

    “The AUASB believes all members of the financial reporting ecosystem can contribute to improved audit quality,” says Edge. “Directors and audit committees have primary responsibility for the quality of financial reporting, supported by high audit quality. A periodic comprehensive review of the auditor will enhance understanding of the auditor’s performance and promote greater engagement with the auditor, management and other personnel who interact with the auditor.”

    Edge says the new guide provides directors with the basis to conduct a deeper review of the performance of their auditor than they might do on an annual basis. “The guide is exactly as its name suggests — a guide. It can be used by boards and audit committees to the degree deemed appropriate. Its aim is to contribute to the continuous improvement of the audit, capitalise on strengths and not simply to focus on deficiencies. It will also clarify how the board and its audit committee can improve the effectiveness of their interaction with the auditor and make informed decisions about the quality of their auditor.”

    When to go in deep

    One of the key questions is when a board of directors should consider doing a comprehensive review of the audit work done by auditors, given there is an obligation to look at aspects of the audit each year. A likely focus of the annual review of an audit firm’s work will be the most recent audit done, whereas a deep dive or comprehensive review would have regard for the performance of an auditor across several reporting periods. This will be dependent on a range of factors, and a board or its audit committee will need to decide when the time is right to have a closer look at the work of auditors.

    “Audit committees may consider timing around engagement partner rotation, as a comprehensive review may be most effective once the current engagement partner has had a year or two to establish their own approach or style of working with the audit committee,” states the guide. “Timing might also be influenced by whether membership of the audit committee has changed recently and should consider factors such as the tenure of the audit committee chair.”

    The guide notes that the board and the audit committee must come to an assessment of audit quality and auditor independence in its own right, and that this responsibility cannot be delegated.

    Senior management might have input into a board- initiated process when a comprehensive review is undertaken, but the responsibility falls to the board. A board or audit committee doesn’t have to produce a score for the purposes of the comprehensive review. What matters is that the processes and questions outlined are used as prompts to review the relationship between board and audit firm.

    Planning a review

    A comprehensive review of the audit engagement will need its scope set out with key timelines and processes in place. Areas of focus should be decided and, for example, any referral to a board of directors of a company’s auditor by the corporate regulator might trigger a review. “The audit committee determines the scope, timing and process of the periodic comprehensive review,” states the guide. “This includes determining what period of time should be covered, what information is required from entity personnel, and what input is required from the audit firm. It also includes determining what questions the audit committee needs to consider in conducting the review.”

    Senior management and finance staff will have contact with the audit engagement team and should be consulted to provide input into the planning processes.

    “The audit committee obtains information from management, with potential questions for the CEO, CFO, internal auditors and others as considered necessary,” states the guide. “The audit committee will need to determine from whom input is required, the specific questions to be addressed, and whether the audit committee wishes to obtain input in writing or through discussions.”

    There is also a list of questions that the audit firm could be asked by the board of directors, given it is responsible for the quality of the financial statement audit. “When gathering information from the audit firm, the audit committee might seek the involvement of senior members of the audit firm, including the engagement partner and senior audit firm partners with firm leadership responsibilities, including quality control and audit quality,” states the guide.

    All of this information is reviewed by the audit committee members individually before they collectively agree on the review process outcomes.

    The end result

    A review of the work done by an audit firm by an audit committee will result in one of several possible outcomes:

    1. Board members might be satisfied with the audit engagement and it passes with flying colours.
    2. Tweaking of audit engagement arrangements could be recommended and an audit firm may be required to implement changes before a review is closed.
    3. An audit committee may decide, based on the facts presented before it and any concerns that arise, that it is time to put the audit out to tender. The existing audit firm could be asked to participate in the tender.
    4. Other actions could also be recommended to the board of directors as a whole. “The audit committee may decide that the next comprehensive review should be performed earlier than normal or that the next annual assessment of the external auditor should focus on evaluating the effectiveness of planned remedial actions,” the guide says. “The audit committee may also recommend changes to entity policies dealing with matters such as the hiring of audit firm staff or the provision of non-audit services.” A final step in the comprehensive review is the public disclosure of the results. The guide says that the board should include key details of the outcome of the review process and ensure it is published in some form for stakeholders.

    Latest news

    This is of of your complimentary pieces of content

    This is exclusive content.

    You have reached your limit for guest contents. The content you are trying to access is exclusive for AICD members. Please become a member for unlimited access.