AUDITOR’S LEGAL, ETHICAL & PROFESSIONAL RESPONSIBILITIES PART 1
PROFESSIONAL AND ETHICAL RESPONSIBILTIES
ISA 200 sets out the general principles of an audit. The auditor should comply with the code of ethics for professional accountants issued by the International Federation of Accountants.
Accountants require ethics because people rely on them for their expertise in specific areas.
Both the International Federation of Accountants (IFAC) and the Institute of Certified Public Accountants of Rwanda (ICPAR) have issued a code of ethics of which the fundamental principles of both associations are very similar.
- Fundamental principles of ethical behaviour Potential threats to those principles
- Possible safeguards to counter those threats.
If the code of ethics is contravened, members may face disciplinary proceedings which could result in a fine, censorship, suspension or withdrawal of membership and with it possibly the right to practice.
The fundamental principles are as follows:
- A member should be straightforward and honest in all professional and business relationships.
- A member should not allow bias, conflict of interest or undue influence of others to override professional or business judgements.
- Professional competence and due care. A member has a continuing duty to maintain professional knowledge and skill at the level required to ensure that a client or employer receives competent professional service. If you are not up to the task, you shouldn’t take it on.
- A member should respect the confidentiality of information acquired as a result of professional and business relationships and should not disclose any such information to third parties without proper and specific authority unless there is a legal or professional right or duty to disclose. Any information acquired should not be used for the personal advantage of the member or third parties.
- Professional behaviour. A member should comply with relevant laws and regulations and should avoid any action that discredits the profession.
The circumstances in which members operate may give rise to specific threats to compliance with the fundamental principles. However, it is impossible to define every situation that creates such threats and to specify the appropriate mitigating action.
The Institute of Certified Public Accountants of Rwanda ( ICPAR) conceptual framework requires each member to identify, evaluate and address threats to compliance. ICPAR – Code of Ethics – Part A 100.2
If the threats are significant, then you need to identify and apply safeguards to eliminate the risk or to reduce it to an acceptable manner.
If no appropriate safeguards are available, then you need to eliminate the activities causing the threat or decline the engagement or discontinue it as the case may be.
It would be recommended to follow the relevant ethical pronouncements which the International Federation of Accountants (IFAC) outlines together with the auditor’s relevant professional body.
- Integrity, Objectivity and Independence
- Financial, business, employment and personal relationships
- Long association with the audit engagement
- Fees, remuneration and evaluation policies, litigation, gifts and hospitality
- Non-Assurance Services provided to an Assurance Client Integrity, Objectivity and Independence
An auditor should establish documented policies and procedures designed to ensure that in relation to each audit engagement, the audit firm and anyone in a position to influence the conduct and outcome of the audit should act with integrity, objectivity and independence.
The leadership of the audit firm should take responsibility for establishing a good control environment within the firm.
Independence needs to be considered at all stages of the audit process.
The audit partner should ensure that the directors of an entity are informed of all matters that affect an auditor’s objectivity and independence.
An auditor needs to be, and seen to be, independent. They must have independence of mind and independence in appearance. It is a fundamental principle.
Independence is a state of mind that permits the provision of an opinion without being affected by influences that compromise professional judgement, allows an individual to act with integrity and exercises objectivity and professional judgement.
An auditor needs to avoid facts and circumstance that are so significant that a reasonable and informed third party would reasonably conclude an auditor’s integrity, objectivity or professional scepticism had been compromised.
Public confidence in the operation of capital markets and in the conduct of public interest entities depends upon the credibility of the opinions and reports issued by auditors. What are the possible threats to independence?
Integrity, objectivity and independence are the principal types of threats.
- Self- interest.
A financial interest in a client, undue dependence on fees, close business relationship, concern over losing a client, potential employment with client or loans from client; anything which may cause the auditor to be reluctant to make decisions during an audit.
- Self -review.
Reporting on the operation of financial systems after you were involved in their design and implementation. Preparation of the accounts which are now being audited.
- Management threat.
Making judgements and taking decisions which are the responsibility of management, such as changing journal entries, approving transactions or preparing source documents. This can be linked to self- review.
- Acting as a legal advocate for a client in litigation or promoting shares in the company.
- Allowing close personal relationships to develop with client personnel through long association or a family relationship. The auditor may not be sufficiently questioning of the client point of view. Accepting gifts of significant value is also a sign of excessive familiarity.
- Threat of replacement due to disagreement, perhaps you want to qualify the accounts.
Possible Safeguards to independence
Safeguards that may eliminate or reduce threats to an acceptable level fall into two general categories:
- Safeguards created by the profession, legislation or regulation and
- Safeguards in the work environment whether within the auditor’s own systems and procedures or within the client company.
The first category includes:
- Educational, training and experience requirements for entry into the profession.
- The existence of a clear and robust Code of Ethics
- Continuing professional development requirements.
- Corporate governance regulations and Professional standards.
- Professional or regulatory monitoring and disciplinary procedures.
The second category would include for example: Firm wide safeguards
- Documented policies and procedures to implement and monitor quality control of engagements.
- Documented policies regarding identification of threats, their evaluation and application of safeguards.
- Policies and procedures to enable identification of interests and relationships between auditor and client.
- Monitoring the fee income received.
- Timely communication of a firm’s policies and procedures to all staff and appropriate training thereof.
- A suitable disciplinary mechanism to promote compliance with policies.
Possible Engagement specific safeguards
- Involving an additional professional accountant to review the work done.
- Consulting independent third parties.
- Disclosing the nature of services provided and extent of fees charged to those charged with client governance.
- Rotating senior audit team personnel.
Possible Safeguards within client systems and procedures
- Persons other than management ratify auditor appointment.
- Client has competent employees with experience to make decisions.
- The client has a corporate governance structure that provides appropriate oversight and communications regarding the firm’s service.
International standard on quality control (ISQC 1) sets out the standards and provides guidance regarding a firm’s responsibilities for its system of quality control for audits.
- The firm should establish a system of quality control designed to provide it with reasonable assurance that the firm and its personnel comply with professional standards and regulatory and legal requirements.
- The firm’s system of quality control should include policies and procedures addressing elements such as leadership responsibilities, ethical requirements, acceptance and continuance of client engagements, human resources, engagement performance and monitoring.
- The quality control policies and procedures should be documented and communicated to the firm’s personnel.
There is a duty of confidence to the client. Confidentiality ensures that all information necessary for the audit is given to the auditor. However, there are several exceptions noted.
The principle is twofold. One, you should refrain from disclosing any information acquired without proper authority to do so unless there exists a legal or professional right or duty to disclose.
Secondly, you should refrain from using any information acquired for your own personal advantage or that of a third party.
A member should maintain confidentiality even in a social environment and even needs to comply with the principle even after the end of the professional relationship.
Exceptions when members may be required to disclose:
- Disclosure permitted by law and authorised by client.
- Disclosure by applicable law e.g. production of documents during course of legal proceedings or disclosure to appropriate public authorities of infringements of law that have come to light – EG: money laundering, Theft and Fraud Offences and a Duty to report where books of account have not been kept.
- Professional duty or right to disclose when not prohibited by law, such as to comply with quality assurance reviews, to respond to an inquiry by an institute, to protect the professional interests of a member in legal proceedings or to comply with technical standards and ethics.
Under ISA 250 consideration of laws and regulations in an audit of financial statements, if auditors become aware of a suspected or actual occurrence of non-compliance with law and regulation which give rise to a statutory right or duty to report, they should report it to the proper authority immediately.
Areas of controversy
- Multiple services
Many audit firms are moving away from their traditional roles and are offering a wider variety of work to their clients. Audit is sometimes even seen as a loss leader in gaining other lucrative work.
Having more legislation in this area could restrict clients and limit opportunities for further business and any synergies found in the auditor also providing additional services would be lost.
Note, in the USA, SEC guidance suggests that an auditor is not independent in relation to a listed company if they provide certain non-assurance services, such as bookkeeping, internal audit, management or human resources functions.
- Specialist services
Services such as valuation of intangible assets, property or unquoted investments were carried out by a firm who are also a company’s auditors can lead to a self- review threat. A firm should not therefore audit a client’s accounts which include specialist work carried out by them.
- Second opinions
Second opinions are acceptable but not if the current auditors are pressurised to accept the second opinion. In order to avoid this, there should be constant communication between the two auditors.
The second firm has a duty to seek permission to approach the current auditors from the client. Without such communication, the second opinion may be formed negligently, as the second opinion may not be based on the same set of facts or is based on inadequate evidence. Confidentiality
- Conflicts of interest
Conflicts of interest can arise when a firm has two or more audit clients, and the clients are in direct competition with each other e.g. major banks.
An audit firm can argue that different audit teams are involved and this can maintain independence and confidentiality. However, clients may not perceive it this way and could well move the audit to another firm.
Takeovers also need special consideration. You could be the auditor to both companies in a takeover. In these cases, the auditor should not be the principal advisors to either and should not issue any assessment reports on either party other than the actual audit reports.
- The public interest
There is no legal definition and therefore ‘public interest’ is difficult to prove. Therefore, the auditor should be very careful here as any disclosure causing loss could result in litigation. Seek legal advice at all times.
- Insider dealing
Auditors can be seen as insiders as they often have access to very sensitive information. Auditors should see the duty not to deal as an insider as an extension of their duty of confidentiality to their clients. Again, it is not just in relation to third parties but also to their own personal gain.
Financial, business, employment and personal relationships
Any partner in a position to influence a client audit should not have a financial interest in that client and should not generally have any financial dealings other than those considered to be at arm’s length and such dealings should not be material in value to either party involved.
As long as family members are not in a position of influence in relation to the accounting records or the financial statements, the threat to independence and objectivity would not be considered significant where a family member was employed in an audit client.
An audit firm must resign for at least 2 years where a former audit partner takes up a senior position within an audit client.
Long association with the audit engagement
Long association can lead to a self- interest threat, self- review threat and a familiarity threat. These may give rise to threats against independence and objectivity.
Firms need to monitor the length of time a specific senior person is engaged on a specific assignment and should take appropriate steps if there is a perceived threat to the firm’s objectivity.
For listed companies, it is recommended that the audit partner should rotate after 7 years, other senior staff after 7 years also.
For other companies, there is no compulsory rotation, but good advice is that partners should rotate off after 10 years.
Fees, remuneration and evaluation policies, litigation, gifts and hospitality
An audit should not be undertaken on a contingent fee basis. The fee charged should not impact on the performance of an audit.
If the total fees generated by a client or client group represents a large proportion of a firms total fee income then this could create a self- interest threat. The significance of the threat should be evaluated and possible safeguards that could be applied are:-
- Discussing the extent and nature of fees charged with those charged with governance
- Taking steps to reduce dependency on the client
- External Quality Control Review
- Consult a third party e.g. Professional Regulatory Body
Gifts should not be accepted from clients, unless the value is insignificant.
Care needs to be taken with outstanding fees as they may be construed as loans. Remember; only transactions in the normal course of business are allowed; otherwise there is a risk that there is a perceived threat to independence.
Where there is threatened or actual litigation, the audit firm should not continue to act as auditor.
Non-Assurance services provided to audit client
Firms need to have procedures in place to consider the impact of non-assurance services on the firm’s independence and objectivity.
Internal Audit – audit firm should not provide such services where they intend to place significant reliance on such work as part of external audit.
IT Services – audit firm should not undertake design or implement systems that are a significant part of the accounting systems.
Valuation – auditors should not provide a valuation where it involves a significant degree of subjective judgement.
Tax services – auditors should provide routine compliance work only.
Corporate finance services – auditors should not accept any role on a contingent fee basis.
Accounting services – auditors should not undertake such services for a listed company.
STATUTORY RESPONSIBILITIES AND RIGHTS
Statutory responsibilities and rights are laid out under companies and other related legislation such as
- Companies Acts
We have already seen that company law – depending on the applicable jurisdiction – produces a requirement that companies’ financial statements are audited.
Company Law should recommend dealing with a number of other auditor related issues depending on the applicable jurisdiction, such as:
- Appointment of auditors
- Auditors’ remuneration
- Resignation or removal of auditors
- Auditors’ duties
- Auditors’ rights
The Companies Acts of Rwanda – No 07/2009 of 27/4/09 – Law relating to Companies
APPOINTMENT OF AUDITORS
Auditors are appointed by members of a company at the Annual Meeting. The term lasts from the end of one Annual Meeting until the next Annual Meeting unless of course the auditor has resigned or has been removed during the year.
Where at the annual meeting, the company fails to appoint an auditor during that annual meeting or the post continues to fall vacant for a one month period, the Registrar General shall have the powers to have the company appoint its auditor within thirty (30) days.
Companies Acts – Article 238
The auditor’s remuneration should be fixed at the Annual Meeting and should be disclosed in the financial statements. It should be disclosed separately from those fees earned from nonassurance services.
Companies Acts – Article 239
RESIGNATION & REMOVAL OF AUDITORS
An auditor who does not wish to be reappointed or wishes to resign
Where an auditor gives the Board of Directors of a company written notice that he/she does not wish to be reappointed, the Board shall, if requested to do so by that auditor:
- distribute to all shareholders and to the Registrar General, at the expense of the company, a written statement of the auditor’s reasons for his/her wish not to be reappointed;
- permit the auditor or his/her representative to explain at a shareholder’ meeting the reasons for his/her wish not to be reappointed.
An auditor may resign prior to the Annual Meeting of the company.
This shall, after receiving the notification thereof, call on the Board of Directors to a special meeting to receive the auditor’s notice of resignation. The auditor shall provide a written report which gives to him/her representative the opportunity to give an explanation why he/she does not wish to be re- appointed as auditor. Also during that meeting, the Board of Directors or the meeting of shareholders shall appoint a new auditor.
The auditor has the right to require that the directors call a Special Meeting to discuss his resignation and the auditor can attend and speak at this meeting on any matter that concerns him as the retiring auditor. Directors should send out notice of this meeting within a 30 day period.
The auditor also has the right to receive all notices that relate to a general meeting at which their term of office would have expired. Companies Acts Articles 244 and 245
An auditor of a company shall be automatically reappointed at an annual meeting of the company unless the company passes a resolution at the annual meeting appointing another person to replace the auditor; Companies Acts Article 243.
The directors of a company should give at least 30 days’ notice to all those entitled to receive a set of accounts if a motion to remove the auditors is to be put to the members at an Annual Meeting. The auditors also have the right to receive a copy of such notice.
The motion to remove the auditor can be passed by a simple majority.
The auditor should have a right to make representations as to why they should retain their office and they can require that a copy of these representations be sent to all the members.
The company should notify the registrar on the removal of the auditors and the auditor should forward the statement of circumstances to the company within a period of at least 14 days of ceasing to hold that office. A copy of this statement should be forwarded by the company to the Registrar General.
The auditor has a right to receive notice of and speak at such an Annual Meeting where their term of office would have expired.
Communication between auditors
The new auditor is likely to request authorisation from the company to contact the previous auditor in order to ascertain if there are any circumstances which should be brought to their attention before accepting the appointment as auditors.
The previous auditor will forward copies of previous audited accounts together with sufficient information relating to lead schedules of all the major areas of the audit. The previous audit files remain in the ownership of the previous auditor.
AUDITORS DUTIES & RIGHTS
We have already covered the fundamental duties as to issuing an auditor’s report on forming an opinion on the financial statements as well as looking at a number of other areas which were matters of opinion and matters of fact.
Auditors should have the following rights:
- Access to all relevant documents and books and any information and explanations that they require from the directors of a company which they deem necessary in the conduct of the audit.
- Attendance at any general meeting and to receive all notices and written resolutions which any member of the company is entitled to receive.
- To be heard at any general meeting on any matters that concern them as auditors
- To give written notice requiring that an Annual Meeting be held for the reason of laying the accounts and reports before the members of a company.
Companies Acts Articles 248 and 249
Possible Company Law offences could include:
- Non-filing of annual returns
- Directors’ loan infringements
- Non-holding of Special Meetings
- Failure to keep proper books of accounts
- No director resident in state
- Acting as an auditor while not qualified to do so
It would be considered the auditor’s duty to report any offences outlined above to the Police or the Revenue Authorities.
The main offence an auditor should be aware of is money laundering activities. Money laundering is the process by which criminals attempt to conceal the true origin and ownership of the proceeds of their criminal activity, allowing them to maintain control over the proceeds and ultimately, providing a legitimate cover for the source of their income.
Audit firms are required to report suspicions that a criminal offence has been committed, regardless of whether the offence has been committed by a client or by a third party. In addition, they need to be alert to the danger of making disclosures that are likely to tip off a money launderer, as this is a criminal offence
There is no legal right not to make a report and the auditor is not constrained by his professional duty of confidence, although in all cases any such reporting must be made in good faith. In this case, he is protected by law from having the client take a civil case against him. However, if he did not have reasonable grounds on which to make a report to a third party, he may be sued by his client for breach of confidentiality.