Remarks to the British Accounting and Finance Association's Audit and Assurance Conference (virtual)
Ladies and Gentlemen, dear Colleagues.
I am very happy to address the “Audit and Assurance” Conference today and I want to thank you for the kind invitation. Congratulations to the Organizers and especially Elias Basioudis for putting together yet another successful conference.
The International Ethics Standards Board for Accountants (IESBA) has been working very hard over the last years on a series of projects that have led to considerable changes to the International Code of Ethics, including the International Independence Standards. A comprehensive restructuring of the Code which we delivered in 2018, included a much strengthened conceptual framework; new standards such as NOCLAR, Provisions on Inducements, on Safeguards, on Long Association and on the Role and Mindset of professional accountants, have been added at the time of the Restructuring and since then, are examples of the projects that have cumulatively produced a large qualitative upgrading of the Code.
This major upgrading has pushed forward the central ambition of our strategy and workplan 2019-2023. It continues with other projects today. Among its goals has been the need to maintain and expand the relevance of the Code, its responsiveness to the evolving conceptions of the global public interest and to the needs of users of financial statements. Being aware of expectations about the contributions and responsibilities of auditors and other professional accountants and new technological realities that are changing fundamental parameters of professional practice has also been on our active agenda.
A central and most prominent feature of the International Code is of course the part dealing with Independence for audits and reviews which is itself based on the Code’s fundamental principles and the Conceptual framework for compliance with the Code. The importance of independence needs no special explanation in this audience. Suffice it to say that auditor Independence is the linchpin of credibility. It is the overall defining feature of a trustworthy external examination system of financial reporting presented by private or public entities that are seeking to raise capital and engage with a variety of stakeholders in our market economies.
Although a non-accountant, I know as an economist that informational asymmetry is a fact of corporate life, market competition and of entrepreneurial secrecy. It is a continuous challenge to capital market investors who are always thirsting for new, accurate and decipherable information. It can never be eliminated because of the importance of entrepreneurial and commercial pursuit of strategic advantage. But it can be mitigated by independent and credible examination of financial statements and other corporate disclosures.
The realities of corporate life and the pressures of the asymmetry of information have led to the evolution of a whole eco-system of professionals who make it their task to opine on companies’ condition, credibility and prospects, based on public or semi-public information, analysis and forecasting. Analysts, credit raters, financial press reporters, investment advisors, internet gurus and so on. Ethical issues exist and ethical requirements should be articulated for all of them, because they all play a role and bear responsibility for shaping opinions, expectations and decisions of others.
Within that eco-system the role of the auditor is special and also special are therefore the attendant ethical requirements. The value of transparency really depends on the quality and trustworthiness of the materials being disclosed. The auditor’s role is expected to function as a major safeguard of that quality and trustworthiness, which after all forms the basis of all analysis and forecasting. Hence the centrality of the ethical requirements on auditor independence, as articulated in the International Code of Ethics.
Having said all that, with which many of you are familiar, I can now tell what my focus will be today: the most recent major revisions of Independence provisions that the IESBA just completed last quarter, have been approved by our Oversight Board and have been published with an effective date of December 15 2022. These revisions address a pivotal issue regarding Independence: Limits, conditions and prohibitions on the provision of non-assurance services (NAS) to audit clients; principles for the transparency and the distinct separation of fees charged for audit and non-audit services and restrictions directed to limitation or elimination of fee-dependence of the auditor on a single client. All this is viewed by the new standards through the lens of impact upon independence in fact and independence in appearance.
From the perspective of global standard-setting these new provisions are path-breaking in several ways. Their greatest probable advantage is that they are future-focused and farsighted, as I will explain.
I will structure my remarks today as follows:
I will speak briefly about the genesis of these projects, including stakeholder needs and perceptions. Then, I will move to a description of the objectives, including the pursuit of a combined effect of provisions on both NAS and Fees, landing at market simultaneously. I will proceed with the key features of these provisions, showing the “IESBA SOLUTION”, i.e. the way in which IESBA chose to deal with principle-based requirements suitable for present and future global application.
I will end with a few concluding remarks about ongoing IESBA projects that relate with the application of our new NAS and Fees provisions and look to solidify the resilience of their benefits. It is my hope that you will be able to assess the comprehensive impact that will arise from these major changes.
The Genesis of the Projects
Concerns among stakeholders, especially from the regulatory and investor communities have been lingering for some time about the impact of NAS provision to audit clients on auditor independence.
The IESBA itself, when it was completing a review of its “safeguards” provisions and the related issues about how to identify, evaluate and manage threats to independence, came to an important conclusion that was reflected in the Code back in 2018: there were situations in which no safeguards could be applied to reduce threats to an acceptable level.
The extant Code does include prohibitions on the provision of NAS, in many cases subject to a materiality threshold which required the judgment of the auditor/audit firm. The safeguards project also had upgraded the importance of the use of a “Reasonable and Informed Third Party” test which implied that outsiders’ perceptions about independence in fact and appearance had to be considered in auditor judgments. All these previous steps of Code amendment facilitated and smoothed the way to the present bolder steps.
In broader terms, I must also note that the occurrence of corporate failures and the pressures of persistent crises led many to question whether independence could be maintained when NAS were becoming both a significant source of revenue to audit firms and an important and growing expenditure of corporate Boards. The deeper issue has been one of possible distortion of incentives, or, in the language of the Code, emergence of serious threats to independence: could a firm conduct an independent audit when the provision of NAS to the audit client was becoming a serious business relationship that could influence auditor judgments and objectivity? Were there potential situations when this distortion could not simply be corrected by safeguards? And was not this a matter that involved both the nature of NAS provided and the fees generated by the provision of NAS for the audit firm?
Confronted with these questions the IESBA, after internal deliberation, proceeded to extensive stakeholder outreach on the basis of a paper issued in May 2018 and titled “Non-assurance Services: Exploring Issues to Determine a Way Forward”. We also commissioned a review of academic papers relating to the importance and possible impact of fees on market perceptions about auditor independence.
The IESBA also studied, as a matter of course, the steps that some advanced national jurisdictions had taken in the direction of reinforcing independence. It was noted that “black lists” of prohibited NAS or “white lists” of allowed NAS to be provided to audit clients had made their appearance in national regulations. It was noted that fee disclosures and caps on types of fees were also used as an indirect constraint of the provision of NAS to audit clients. These national experiences clearly furnished a guidepost to the deliberations of the Ethics Board as to the direction of travel. Audit Firms themselves, sensitive to perceptions and regulatory pressure, had also been taking steps to reduce in fact and appearance the mixing of audit and non-audit services by instituting various forms of separating walls among their various business lines. Thus, both overwhelming evidence and wide perceptions pointed to the need for the global standard-setter to step in. And step in we did with the two simultaneous projects: NAS & Fees.
The overarching objective of the projects has been to strengthen the IIS by addressing public interest concerns about the perceived lack of independence when firms provide NAS to their audit clients and in certain fee-related situations.
The parallel supplementary objective, common to all Code provisions, is that the standards have to be applicable and operable globally, not being fashioned, in other words, for a few select jurisdictions. By and large this “applicability” objective implies the advancement of principles-based provisions which allow the possibility of supplementary provisions to meet local needs.
More specifically now, the work, consultations and deliberations that were done in order to execute these projects looked for conditions, limits, and prohibitions of the provision of NAS to audit clients; they also looked to mandating transparency of related fees paid by the audit client for both audit services and NAS, and to possible threats to independence that fee correlation between the two categories or fee dependency may give rise to.
It was clear in the specification of project objectives that the new independence provisions would be differentiated, depending on whether the client entity is a public interest entity (PIE) or not; this choice rests on the premise that, by definition, independence requirements need to be more stringent for PIEs, as their financial condition is much more relevant to a broad set of stakeholders and has higher potential impact on the public interest. This critical distinction between PIEs and non-PIEs already exists in the Code anyway, and provides an important and socially meaningful tool for scalability of requirements and provisions. It would be disproportional if SMEs and SMPs were, for example, subjected to strictures as severe as for large and more complex entities.
Key Features: the IESBA Solution - NAS
Let me offer a brief description of the “IESBA Solution” to all these queries and concerns. I will stay on key provisions and will discuss their broad significance. For those who would like to see the complete set of provisions for NAS and Fees, let me urge that you visit our webpage (ethicsboard.org) for a full review, details, responses to consultation commentary and justification of IESBA’s specific choices of standard architecture.
As many of you know, one of the structural elements on which the Code of Ethics is premised is the list of five fundamental principles followed by a conceptual framework that specifies threats to compliance and how to address them. The five threats are worth repeating here: Self-interest, Self-review, Advocacy, Familiarity, Intimidation. All of them may affect independence in various circumstances. And all, or most, of them become entwined with the provision of NAS and the payment by the audit client of fees for services offered by audit firms.
When we examine the black lists in jurisdictions that have regulated this matter we find a common – and powerful – denominator in the prohibited NAS: the distinct possibility that their provision creates a Self-Review threat. Self-review means of course reviewing in the course of an audit your own previous work; and this is the most evident and most damaging circumstance to both the substance and the appearance of independence. If you think about it for a moment, reviewing your own work signals the elimination of any critical perspective or skepticism, it undermines independence or even leads to its complete disappearance. I would add upon reflection that of all threats the S-R threat is by far the most damaging both in fact and in perception.
So the IESBA’s global solution has not been yet another black list. It has gone to the heart of the issue and has mandated a prohibition of any service that might give rise to self-review. This is a novel approach both in the Code and in relation to various national regulatory regimes.
Let me note here that the new standard is efficient, stringent and objective. It is efficient because with one principles-based prohibition it in fact prevents the provision of a whole set of NAS to audit clients. It is stringent because it eliminates not simply all NAS that give rise to a SRT but all NAS that might give rise to a SRT, i.e not just the fact but even the mere possibility of a SRT occurring. It is objective because, as specified in the revision, the prohibition does not depend on a materiality threshold. So it is not a matter of judgment whether the prohibition will bite or not. It will bite for PIEs.
But besides being efficient, stringent and objective the prohibition based on the SRT has one more powerful advantage: it covers possible future services, especially embedding new technologies that may present new forms and opportunities for the SR threat to surface. In our world of technology-driven innovation this is an advantage as compared to lists of presently defined and known NAS. In short the SRT prohibition is farsighted and future-proof.
The centerpiece prohibition of services that might give rise to a SRT is complemented by a series of other provisions that enhance independence. For one, the new standards elevate very significantly the role of those charged with Governance within the client entity. They have to concur to the provision of any NAS and they approve the fees, as well. Communication of the auditor with TCWG is an important feature we have included because it empowers these parties to play a very significant role in the process, to express an opinion on the question of independence and to act on this opinion. This too is a significant novelty in this group of standards.
By virtue of the Code’s “related entity” provision, the SRT prohibition of NAS extends to cover related entities of the PIE client. For a listed client in particular, this will include related entities under direct or indirect control of the listed entity, its parent entity as well as its sister entities. A noteworthy supplement to the standard is that the provision of NAS not otherwise subject to the SRT prohibition to certain members of the PIE’s corporate family, especially the parent entity, must also be disclosed to TCWG of the PIE by the audit firm so that they take these into account when assessing independence and concurring with (or rejecting) the provision of the NAS.
These core provisions prohibiting the S-R threat apply to PIEs, as I already explained. In the case of other entities, non-PIEs, the provisions are scaled down but still involve a strengthening of evaluation and review of the S-R threat and the application of appropriate safeguards by the auditor. So, I would say that, on the whole, the new standard represents a general clarification and enhancement of independence requirements with respect to the S-R threat. Mind you, this does not mean that other threats are disregarded or omitted. There is ample consideration, requirements or application material for the management and reduction of other threats. I would single out IESBA’s focus on the advocacy threat to independence which is frequently closely related to the S-R threat and which can also undermine independence. The new standard places serious limitations on provision of NAS such as legal services or tax-planning services, for example, precisely in order to prevent the erosion of confidence in the auditor’s ability to exercise skepticism and independent judgement.
Key Features: the IESBA Solution - FEES
Let me now turn to the new provisions on Fees. The Board and the extant Code recognize the wide acceptance and practice of the audit client payer model. We also however recognize that the payment of fees on the basis of that model may give rise to considerable threats to independence, especially the self-interest threat and the intimidation threat. It has been therefore a clear project objective of the Fees project to raise the awareness of audit firms on these threats as risks to independence and to put together provisions reducing those threats to an acceptable level or eliminating them altogether. Again, as in the case of NAS provisions, the execution of this project acknowledged and followed the distinction between PIEs and non-PIEs for the same reasons of proportionality and scalability that I explained earlier.
Approaching the question of Fees, the Board stayed away from any attempt to determine what the proper level of fees should be. The Code acknowledges that this is in the domain of business decisions and depends on a variety of real-life business factors. However, the new provisions flagged several important elements of principle. First, that the audit fee should be sufficient for fulfilling the needs of competence and quality of the audit services. Second, that the audit fee should be determined on a stand-alone basis and not be connected or correlated to fees paid for non-audit services. Third, the Board also flagged that very high or very low fees might affect adversely perceptions of independence or quality.
A very significant factor in ensuring that these conditions are met has been recognized explicitly by the Board: the corporate governance of PIEs. TCWG, such as audit committees, who make decisions about audit and non-audit services must be fully informed on the determination of fees and services involved, on the basis of the requirements and strictures of the Code that I mentioned above. As in the case of NAS provisions, the explicit recognition, elevation and empowerment of TCWG in the assessment and enhancement of independence has also been enacted in the Fees provisions.
But beyond elevating the role of TCWG, the new provisions go further: they mandate transparency via the public disclosure of fees paid by the client to the audit (network) firm separately and distinctly for the audit and the non-audit services provided. We firmly believe in the power of transparency which enables market participants to make comparisons and draw their own conclusions about the trustworthiness of external examinations, audits, reviews and assurance.
I would note in this connection – as some may ask the question – that the IESBA has considered at length the specification of a “fee-cap” as some jurisdictions have chosen to do in order to limit the relative size of fees for non-audit versus audit services. We have concluded that this is only an indirect constraint on the provision of NAS to audit clients that may simply be redundant when the Code has already included direct constraints by the prohibition of S-R threats. We have also chosen not to grapple with specific numbers and percentages, given that the International Code is principles-based, and should be fit for application in a variety of jurisdictions. The empirical evidence of fee-cap regulations across some advanced jurisdictions does not indicate some sort of “central” or “equilibrium” value of the percentage limitation itself. Furthermore, the Board has also been aware of evidence that the clear disclosure of fees by category of service – audit and non-audit – has created strong incentives towards the reduction of the magnitude of non-audit fees. Thus, we concluded that the fee cap was neither appropriate nor necessary in a principles-based International Code.
A last feature of the Fees provisions is very important to mention here, as it relates to “fee dependency”. This is a condition that is already described in the extant Code and relates to situations where an auditor or an audit firm operates with a high concentration of business with and revenue from one audit client. This is a situation where “self-interest” and “intimidation” threats come to play. The new provisions seek to banish fee dependency by flagging that in the case of PIEs the appearance of revenue concentration to over 15 percent from single client must lead to corrective measures. These include, undertaking measures to reduce the concentration, public disclosure of the fee dependence if it is for two consecutive years and final disengagement from the audit client if the concentration persists for more than five years. In the case of non-PIEs again, as with NAS provisions, the Code prescribes a less stringent but still enhanced use of additional safeguards.
Ongoing Complementary IESBA Projects
I would be remiss in my responsibility to inform this audience as fully as possible on IESBA’s work, if I did not mention two ongoing projects that will have a bearing on how the NAS and Fees provisions are applied around the world. Two ongoing projects of IESBA are of direct relevance: the work on revising the definition of PIE in the Code, and the work on enriching and adjusting the Code with insights from our Technology project that looks very carefully into ethical implications of disruptive technological innovations that surround us.
Let me first turn to the work we are doing to revise the definition of PIE. In the extant Code this definition basically includes “listed firms” and whatever local laws and regulations specify in additional categories. This extant specification encompasses by construction a lot of variety, as local circumstances and idiosyncratic factors matter a lot in which entities would be characterized as PIEs by local authorities. This variation is of course acknowledged in the ongoing work for revision of the definition, but it also sought to specify some steering indications of what features PIEs should have so that local decisions are brought into greater global consistency.
Thus, the “PIE” project (on which we have issued an exposure draft) states an overarching objective which is the focus on the financial condition of entities that has a higher impact on the public interest. Based on that our current proposal contains listed firms and several categories of financial intermediaries; and beyond that lists factors that should be considered for local/national definitions. This is ongoing work of course and we are just receiving consultation responses, so I will not expand on this any further. I will only point out that this project is closely coordinated with the IAASB since inception, so that we can work towards a common definition. And also point out that in this case as in NAS and Fees, the Code openly promotes engagement with local authorities by suggesting factors to be considered, asking that those local authorities refine the Code’s categories by size thresholds, for example, and creating pressure for more consistency in an area where national divergences are wide. The revised definition of PIE will notably affect the implementation of NAS and Fees provisions, as it will move the boundary between PIEs and non-PIEs.
Lastly, a few words about our technology initiatives and their relation to NAS and Fees. Our technology initiatives are looking broadly on the impact of innovations on ethical standards and ethical behavior. The first item I would like to note is that a comprehensive review of the Code’s fundamental principles, taking into account current technological inroads via algorithms, AI tools and related innovations has convinced us that the Code’s fundamental principles are solid, comprehensive and clear in their coverage of new services and new configurations of technologically-supported human practice and human judgment. Specifically in the case of NAS and Fees, we therefore plan to undertake the composition of helpful non-authoritative guidance, for the usability of the new NAS and fees provisions in a context of dense technological applications. In addition, we are actively looking to develop additional application material that would refresh guidance – as cases and examples – that would better illustrate the resolution of ethical dilemmas in the new tech environment. Finally, issues such as complexity, accountability and embedded bias, are now and will remain important in the ethical enhancement of practice and the protection of independence in our menu of future undertakings.
A few concluding remarks centered on the global application and use of the Code now and in the future.
First of all, and as I have already stated repeatedly in previous remarks, a principle-based Ethics Code with clear guidance for application continues to be the best option for globally consistent application of ethical precepts and requirements.
Secondly, Code pronouncements must be comprehensive and remain relevant not only in the context of new technologies but also in another context: the pressing needs for more informative and more standardized non-financial reporting, which will require an extension of the system of external examination in the form of audits, reviews and assurance.
Thirdly, and equally important: advancements in ethical codes – analogous to the International Code of Ethics for professional Accountants - across the entire eco-system of corporate professions, both within and around corporate organizations. I remain a very strong proponent of a generalized elevation of ethical standards of behavior across the actors who move and energize the economy. The International Code furnishes a very good example.
That is why I also would encourage all of you to reflect about expanding the name of your excellent conference series to “Audit, Assurance and Ethics”!
Thank you very much.