25 Jun 2014
Following extensive debate, we are getting very close to the new audit reporting model being finalised. Diana Hiller sums up recent developments, the reactions so far and the questions that are still being debated.
Finally, after more than three years, the debates that will shape the auditor’s report of the future are moving forward, and the look and feel of the new enhanced reports are starting to crystallise. One thing is clear: the audit reporting model is going to change – at least for listed companies. While many preparers have reservations, investors welcome what they recognise is a ‘sea change’, and auditors are on a learning curve.
Four groups have changed, or are looking to change the auditor’s report: the International Auditing and Assurance Standards Board (IAASB), the Public Company Accounting Oversight Board (PCAOB) in the US, the UK Financial Reporting Council, with its effective 2013 standard, and the European Union with its recent, approved requirements in audit regulations.
Broadly speaking the changes that all the standard setters are looking to introduce centre around three key aims: insight, transparency and improved readability.
Without doubt, the most significant innovation in all of the various proposals is the introduction of ‘key’ (IAASB) or ‘critical’ (PCAOB) audit matters’, or equivalent concepts. This new section will shed light on those matters that, in the auditor’s judgement, were of the most significance in the audit of the financial statements. The requirements differ, but the intent is the same: to introduce a bespoke description of key areas of focus in the audit, from the significant to the subjective – to supplement and not replace the auditor’s overall opinion on the financial statements as a whole.
To enhance transparency, the IAASB is looking to introduce an explicit statement regarding the auditor’s independence and identification of the engagement partner’s name. This is the practice in many, but not all countries already. The PCAOB is proposing and the EU Audit Regulation will require disclosure of the auditor’s tenure, and both too, will require a statement on independence.
Some of the changes being considered will require a restructuring of the report, to put audit and entity-specific information earlier in the report and pushing the standardised wording and generic descriptions into appendices or onto common websites.
All of the enhancements won’t make a difference if they’re not truly what stakeholders want. So how are they reacting? The UK FRC audit reporting changes came into effect in Q4 2013, making companies reporting under those regulations the guinea-pigs for stakeholder opinion. It’s now safe to say that the reaction is positive. Investors are welcoming the shift to more insightful reports and many of the new reports are seen as including useful, tailored and informative descriptions.
That said, keeping the reports ‘fresh’ in future years is going to be a real challenge. Investors have already reacted negatively to wording that they see as just adding boilerplate. Clearly a good report in their collective mind is one where you can cover the name of the company and still be able to tell what industry the company is in – and maybe even which company it is.
The report that’s captured the most attention is KPMG’s audit report for Rolls Royce. In it, the auditor discusses a number of risks, describing for each: the risk, the response to it and, importantly, also the audit findings – including, for example, the auditor’s own subjective view on whether estimates and management’s judgements had been ‘balanced’, ‘mildly cautious’ and ‘acceptable but mildly optimistic’. Investors say other reports have been informative and they like the insight into which areas the auditor focussed on in particular in the audit. But without describing the outcome of their procedures, the reports left them ‘hanging’. For investors, the Rolls Royce report is currently ‘best in class – if still rather controversial to others.
For example, it’s very important to note the reaction of preparers and audit committees – they’re the other side of the coin and they’re also two groups we field-tested the various proposals with. Preparers and audit committees expressed nervousness – and in some cases significant concern – about the nature and extent of information that might be reported by auditors. They challenge whether it’s appropriate for auditors to be reporting it. Among others, specific concerns included that the auditor might become the original source of information about the entity, or exercise undue influence on what management chooses to disclose. Perhaps even more worrying to them is that investors might have an unwarranted, negative reaction to information, something that could be exacerbated if there is not consistency over what to report in similar circumstances.
Clearly there’s much to debate still, including the subjectivity involved in providing auditor’s views on outcomes and the way those words might be interpreted. And in litigious environments, legal safe-harbour provisions may need considering if the reports that go that far are going to succeed.
We’re listening carefully to what’s being said and reflecting on how best to embrace the new reporting model. It’s key that we continue to test and experiment, and to challenge ourselves to produce the most informative, user-friendly and appropriately focused reports we can.
The auditor’s report may be the culmination of the audit, but auditors need to be thinking about the auditor reporting process from the very outset of the audit. A good audit starts with good risk analysis and scoping, and that’s the starting point for reporting too.
The reports will need to go through multiple iterations and review – that needs to be factored into the audit planning. Keep in mind that discussions on the audit report may lead management to decide to enhance or change their disclosures too.
The selection of ‘key audit matters’ begins with the matters discussed with the audit committee. That is an important starting point. Audit committees are also engaging early and, in most audits, we have found that discussions on what the audit report might look like and the matters it might discuss start very early in the audit process, with a number of conversations taking place before the reports are ultimately finalised.
Most auditors intuitively know which matters are the most significant and would be of interest to stakeholders. They will differ from entity to entity. But then it is important to be able to describe them clearly, being precise about what the particular area of focus is, clearly articulating why the audit focused on it and how the audit addressed it. It is not as easy as it sounds.
The challenge is to draft succinct key audit matters that address the technical aspects in language that is understandable to stakeholders. We have found that this is an iterative process that needs to be critically reviewed from outside the audit team, including the engagement quality control reviewer and the central audit technical team.