The Financial Reporting Council (FRC) has recently issued an updated version of its Ethical Standard for Auditors, which will be effective for audits of accounting periods commencing on or after 15 December 2024. This revision aims to enhance and clarify the principles of integrity, objectivity, and independence that auditors must adhere to. Additionally, it aligns with the changes in the Code of Ethics issued by the International Ethics Standards Board for Accountants (IESBA). This article delves into the objectives behind these revisions and discusses the significant changes to breach reporting requirements as presented in Edward Rands session: The Revised FRC Ethical Standard for Auditors.
Objectives of the Revision
The revised FRC Ethical Standard for Auditors is driven by three primary objectives:
- Enhance and Clarify Principles: The first objective is to enhance and clarify the principles underpinning the standard. This involves simplifying the requirements in several areas to make them more understandable and easier to comply with. Feedback from auditors who use the existing version of the standard indicated that some aspects were difficult to interpret and apply. By increasing clarity, the FRC aims to facilitate better compliance and ensure that auditors can more easily uphold the principles of integrity, objectivity, and independence.
- Maintain Alignment with IESBA: The second objective is to keep the FRC standard in line with, and in some cases beyond, the requirements of the international standard set by the IESBA. The FRC standard is based on the IESBA Code of Ethics, and periodic updates are necessary to reflect changes in the international code. Recent updates by the IESBA have tightened requirements in areas such as IT and tax services, recruitment and remuneration, and corporate finance. The FRC's revisions incorporate these changes to ensure that the UK standard remains consistent with global best practices.
- Reflect Inspection and Enforcement Findings: The third objective is to incorporate insights from the FRC's monitoring, inspection, and enforcement activities. The FRC regularly reviews audit practices and identifies areas where auditors either inadvertently or deliberately fail to comply with ethical standards. The updated standard addresses these issues by tightening requirements and providing clearer guidance on how to handle breaches. This ensures that audit firms maintain high ethical standards and reinforces the importance of timely and accurate reporting of breaches.
Changes to Breach Reporting
One of the most significant areas of change in the revised standard is the tightening of breach reporting requirements. The key changes are as follows:
- Prompt Reporting of Serious Breaches: Under the previous standard, audit firms were required to report any breaches of the ethical standard to their regulator every six months. However, the revised standard introduces a more stringent requirement for serious breaches. Audit firms must now establish mechanisms to identify and report breaches promptly. If a serious breach occurs, it must be reported immediately rather than waiting for the next semi-annual report. This change ensures that significant issues are addressed in a timely manner, maintaining the integrity of the audit process.
- Use of a "Reasonably Informed Third-Party" Perspective: The revised standard emphasises the use of a "reasonably informed third-party" perspective to assess what constitutes a reportable breach. This approach ensures that the assessment is objective and considers how an informed outsider would view the situation. This perspective helps to avoid biases and ensures that all significant breaches are appropriately reported and addressed.
- Evaluation and Consequences of Breaches: Once a breach is reported, it will be evaluated by the FRC or the relevant professional body. The outcomes of these evaluations can range from guidance on minor infractions to potential disciplinary actions for major breaches. This structured approach ensures that all breaches are taken seriously and that appropriate actions are taken to address them. For example, if an audit partner holds shares in an audit client, this would be considered a serious breach and could lead to disciplinary action.
- Accidental Breaches and Continuous Auditing: The revised standard clarifies that accidental breaches do not excuse continuous auditing without proper assessment and justification. Audit firms must carefully evaluate any breach, even if it was inadvertent, and determine whether they can continue the audit. They must document their thought process and ensure that their conclusions are justified. This change addresses concerns that firms might overlook serious issues by categorising them as inadvertent breaches.
- Controls and Timely Reporting: Audit firms are now required to have controls in place to identify breaches and ensure they are reported on a timely basis. While the six-month reporting requirement remains, firms must also report serious breaches as soon as they occur. This dual approach ensures that all breaches are captured and reported, maintaining high ethical standards across the board.
- Professional Judgment and Reporting: The revised standard acknowledges the role of professional judgment in determining what constitutes a sufficiently serious breach that requires immediate reporting. The standard provides guidance on this, stating that if the FRC or the competent authority would expect a breach to be reported immediately, then the firm should do so. This guidance helps firms navigate the complexities of breach reporting and ensures that serious issues are not overlooked.
The revised FRC Ethical Standard for Auditors represents a significant step forward in enhancing and clarifying the principles of integrity, objectivity, and independence. By aligning with the IESBA Code of Ethics and incorporating insights from inspection and enforcement activities, the FRC aims to maintain high ethical standards in the audit profession. The changes to breach reporting requirements, including the prompt reporting of serious breaches and the use of a "reasonably informed third-party" perspective, ensure that all significant issues are addressed in a timely and appropriate manner. These revisions reinforce the responsibilities of audit firms and contribute to the overall integrity of financial reporting.
For the full session, please click here. Edward Rands covers the following topics during this course:
- Background to the changes – why has the FRC considered them necessary?
- Anticipated change, but not yet! Likely removal of the “Other Entity of Public Interest” category;
- Strengthened breach reporting requirements;
- Clarified application of prohibitions to different categories of entity; and
- Tightened restrictions on the provision of non-audit services.
The contents of this article are meant as a guide only and are not a substitute for professional advice. The author/s accept no responsibility for any action taken, or refrained from, as a result of the material contained in this document. Specific advice should be obtained before acting or refraining from acting, in connection with the matters dealt with in this article.