ASIC has reported on its audit inspection findings (“the report”) for 12 months to 30 June 2020.
How have auditors performed?
ASIC found that auditors did not obtain reasonable assurance that financial reports were free from material misstatement in 27 per cent of the 179 key audit areas.
These shortcomings were particularly observed in the audit of asset values – specifically impairment of non-financial assets and the audit of revenue. ASIC states that in most cases this did not appear to be done intentionally, but rather the auditor did not have a sufficient basis to support their opinion on the financial report.
Shortcomings were also observed in the auditing of investments and financial instruments, inventory and cost of sales, expenses and payables, and taxation.
ASIC Commissioner Cathie Armour said, “Audit firms need to work on improving audit quality and significantly reducing the number of instances where auditors do not obtain reasonable assurance that a financial report is free of material misstatement.”
The report covers findings from reviews substantially completed in the 12 months to 30 June 2020, the last being the audit of 31 December 2019 year-end financial reports. The findings therefore do not reflect the impact of COVID-19, which presented unique challenges to ensuring audit quality due to factors such as remote working arrangements.
What can be improved?
The report includes a number of recommendations relating to conflicts of interest, governance, accountability and root cause analysis. These recommendations are based on ASIC’s review of the largest audit firms during the six months to 31 December 2019.
Conflicts of interest
ASIC reviewed the approaches of the largest four audit firms to possible conflicts of interest related to providing non-audit services to audited entities, and cross-selling. The recommendations for the firms include:
- Ensure independence when considering the provision of non-audit services to audited entities. Document consultation with the firm’s independence experts.
- Evaluate the threats from providing specific non-audit services to audited entities, and perform quality control reviews of these evaluations to ensure compliance with independence requirements.
- Assess whether the level of total fees earned from non-audit services compared to audit fees for an audited entity, as well as the nature of those services, cause a potential conflict.
Instances in which ASIC identified conflicts of interest during the reporting period that could compromise an auditor’s independence include where:
- An audit firm was the largest trade debtor of the audited entity.
- An auditor’s fees for non-audit services were over nine times the audit fees and included tax advisory work that supported figures in the financial report.
ASIC reviewed the approaches of the largest six firms to corporate governance and outlined the following recommendations in the report:
- Have at least one experienced independent external person on internal governing boards, or form an advisory board with experienced independent persons to advise on audit quality initiatives at a high level.
- Clarify processes for escalating audit quality concerns. This may include establishing an independent group to receive, investigate, assess, and deal with matters.
- Clarify the role of internal governing boards for audit quality, including their authority to hold partners and staff accountable for audit quality deficiencies.
ASIC reviewed how the largest six firms hold audit partners accountable for deficiencies and made the following recommendations relating to internal and external quality reviews:
- Have clear measures for partner performance goals and plans.
- Ensure sufficient sanctions are imposed on audit partners for adverse findings, and that the consequences for deficient audits are transparent to the group.
- Hold quality control reviewers and firm experts/specialists with oversight responsibilities accountable for adverse findings.
- Firm leaders should seek feedback on audit quality from the audit committees and directors of audited entities.
- Audit partners should not be remunerated for selling non-audit services to audited entities.
Root cause analysis
ASIC found that the largest four audit firms were generally not performing root cause analysis where audited entities had made material changes to reported net assets and profit following ASIC inquiries.
ASIC recommends that firms should conduct root cause analysis to identify actions needed to improve audit quality in all instances where there are material changes to an audited entity’s financial reporting, whether following ASIC inquiries or otherwise.
How is ASIC enforcing compliance?
In its 2019-23 Corporate Plan, ASIC outlined its acceleration of enforcement and tougher penalties for corporate and financial crime.
ASIC created a dedicated Office of Enforcement to centralise decision making and drive its “Why not litigate?” operational discipline. In applying this approach to ensuring auditor independence and audit quality, ASIC examines adverse audit review findings and considers whether a matter should be referred to the courts, the Companies Auditors Disciplinary Board, or whether other enforcement action should be taken.
ASIC also works with regulators in other countries to promote audit quality for corporations that operate across borders.
In its report, ASIC states that “Enforcement of auditor matters is a priority for ASIC and a number of matters are currently being considered for possible action.”
ASIC’s latest report indicates that audit firms have a lot of work to do in maintaining auditor independence and audit quality, and ensuring that financial reports are free of material misstatement. These shortcomings will need to be addressed to pass the audit inspection process and avoid potential enforcement actions.