We demonstrate our integrity by knowing the identity of our clients and others with whom we do business, and adhering to applicable standards on anti-money laundering. Where we suspect criminal behaviour, we take appropriate action.
The PwC standard on ethics and compliance sets out how PwC member firms should mitigate the risk that they inadvertently become involved in actual or potential money-laundering activities. As most legislation on anti-money laundering is based on the Financial Action Task Force (FATF) recommendations as a baseline, the PwC standard is consistent with these recommendations and the risk-based approach guidance for accountants.
The standard requires each PwC member firm to establish systems, policies and procedures to mitigate the risk of being, directly or indirectly, involved in money laundering or terrorist financing. The specific standard requirements for each PwC member firm are described in the following section.
The standard also sets out the core requirements and prohibitions for every partner and member of staff. It is made very clear that engaging in money-laundering practices is illegal and unacceptable behaviour, and partners and staff have obligations to assist in the prevention of money laundering. Specifically, partners and staff in member firms must:
establish their client’s identity (including the identification of ultimate beneficial owners where required)
not provide any service, or enter into any business relationship, that could constitute them or a firm being involved in direct or indirect money-laundering activities
Our policy and guidance provides practical and detailed explanations that explain concepts such as when to do the checks and what to look for. Each member firm is required to establish a reporting procedure in place for any partner or staff member to report any knowledge or suspicion of money laundering.
Our clients work with us because they trust PwC and expect quality service. For this reason, we continually seek to enhance our standards to combat financial crime. As a network, we are in the process of implementing new network Know Your Client (KYC) policies, procedures and technology to help assess the risks related to our new and existing clients and the services we provide to them, while also driving a consistent approach to KYC across the PwC network. This new approach to KYC will help us monitor risk profile changes to the client during engagements. It will also provide transparency and comprehensive information about our clients on a global basis to support us in making informed decisions that protect our brand and reputation.
Corruption is at the centre of some of the world’s most pressing problems. PwC is opposed to corruption in any form and recognises the importance of making smart choices when it comes to its business relationships. We think carefully about our actions to avoid engaging in or facilitating bribery, corruption, money laundering, and/or terrorist financing activities.
The PwC standard on ethics and compliance specifically sets out how member firms are expected to identify and mitigate the risk of bribery and corruption in their activities. It is consistent with the principles of the UK Bribery Act 2010 and the U.S. Foreign Corrupt Practices Act of 1977. The standard requires each member firm to establish systems, policies and procedures for the prevention of bribery and corruption. It sets out specific requirements for each member firm, including:
appointing an experienced individual who, with appropriate leadership oversight, is responsible for implementation of the requirements of this standard
annually preparing a risk assessment to evaluate (a) the level and type of risks the firm faces and (b) the policies and procedures the firm uses to comply with this standard and/or to respond to local risks
training all personnel (including new joiners) annually on the PwC network and local policies and guidance
taking steps to identify and resolve any departures from or violations of PwC network and local policies
annually undertaking monitoring to assess compliance with this standard as well as PwC network and local policies and guidance, and resolving any deficiencies, where identified.
The standard also sets out requirements for every partner and staff member. It is clear that engaging in corrupt practices is not acceptable behaviour. Specifically, partners and staff in member firms must not:
engage in bribery or any other corrupt practices, including the giving/receiving of preferential treatment that may be perceived as a bribe
solicit, accept, offer, promise or pay a bribe or improper payment, either directly or through a third party. This includes so-called ‘facilitating payments’ or ‘facilitation payments’.
Our policy and guidance provide practical and detailed explanations to clarify difficult concepts, such as what may constitute a bribe or corrupt behaviour and what is considered a ‘gift’ or other preferential treatment. Each member firm is required to establish a reporting procedure for any partner or staff member to disclose if they have unwittingly been involved in any activity that may have contravened this standard.
Each year, all partners and staff at PwC member firms are required to sign a personal anti-corruption compliance confirmation.
In FY21, among our 21 largest firms, one employee was dismissed from a firm for violating that firm's internal anti-corruption policy. The incident involved a PwC employee demanding cash payments from an individual who worked as a contractor.
Ethics, independence and objectivity
At PwC, we adhere to the fundamental principles of ethics set out in of the International Ethics Standards Board for Accountants (IESBA) Code of Ethics for Professional Accountants (“the IESBA Code”), which are:
Integrity – to be straightforward and honest in all professional and business relationships.
Objectivity – to not allow bias, conflict of interest or undue influence of others to override professional or business judgements.
Professional competence and due care – to maintain professional knowledge and skill at the level required to ensure that a client or employer receives competent professional services based on current developments in practice, legislation and techniques; and to act diligently and in accordance with applicable technical and professional standards.
Confidentiality – to respect the confidentiality of information acquired as a result of professional and business relationships. This includes not to disclose any such information to third parties without proper and specific authority, unless there is a legal or professional right or duty to disclose, and not to use the information for the personal advantage of the professional accountant or third parties.
Professional behaviour – to comply with relevant laws and regulations and avoid any action that discredits the profession.
All member firms must also comply with our network standards, which cover a variety of areas related to ethics and compliance, including ethics and business conduct, independence, anti-money laundering, anti-trust and fair competition, anti-corruption, information protection, firms’ and partners’ taxes, sanctions laws, internal audit, and insider trading. We take compliance with these ethical requirements seriously and strive to embrace the spirit and not just the letter of those requirements. Ethical conduct is the expected behaviour of all of our partners and staff, and they undertake annual mandatory training and submit annual individual compliance confirmations as part of our system to support appropriate understanding of the ethical requirements under which we operate. Partners and staff uphold and comply with the standards developed by the PwC network, and the leadership of each firm monitors compliance with these obligations.
Each member firm is required to uphold the PwC purpose and values. In addition, each PwC member firm has adopted the PwC network standards, including the PwC Global Code of Conduct (“the Code”) and related policies that clearly describe the behaviours expected of our partners and staff members. These behaviours will enable us to build public trust. Because of the wide variety of situations that our professionals may face, our standards provide guidance under a broad range of circumstances, but all with a common goal: to do the right thing.
Upon hiring or admittance, all staff and partners are provided with the Code. They are expected to live by the values expressed in the Code in the course of their careers at PwC. They have a responsibility to report and express concerns, and to do so fairly, honestly, and professionally when dealing with a difficult situation or when they see any instances of behaviour inconsistent with the Code.
We have just completed the network-wide implementation and rollout of the new PwC Ethics Helpline and case management system. Each member firm has a confidential and secure tier of the helpline where concerns may be reported and will be investigated. The Ethics Helpline is available to all PwC partners and staff as well as third parties.
In order to deal with any concerns regarding the movement of people between PwC and government, PwC has in place a set of principles that our network expects to be followed by all firms when hiring a former government official or when someone from PwC takes a senior post in government.
As auditors of financial statements and providers of other types of professional services, PwC member firms and their partners and staff are expected to comply with the fundamental principles of objectivity, integrity and professional behaviour. In relation to assurance clients, independence underpins these requirements. Compliance with these principles is fundamental to serving the capital markets and our clients.
The PwC Global Independence Policy is based on the international independence standards included in the Code, supplemented by the independence requirements of the United States Securities and Exchange Commission (SEC), the Public Company Accounting Oversight Board (PCAOB) of the United States, and the EU Audit Regulation of 16 April 2014. It contains minimum standards with which PwC member firms have agreed to comply, including processes that are to be followed to maintain independence from clients, when necessary.
Each member firm has a designated partner (known as the ‘Partner Responsible for Independence’ or ‘PRI’) with appropriate seniority and standing. This partner is responsible for implementation of the PwC Global Independence Policy, including managing the related independence processes and providing support to the business. The partner is supported by a team of independence specialists.
The PwC Global Independence Policy covers the following areas among others:
personal and firm independence, including policies and guidance on the holding of financial interests and other financial arrangements such as bank accounts and loans by partners, staff, the firm and its pension schemes
non-audit services and fee arrangements. The policy is supported by Statements of Permitted Services (SOPS), which provide practical guidance on the application of the policy in respect of non-audit services to audit clients and related entities
business relationships, including policies and guidance on joint business relationships (such as joint ventures and joint marketing) and on the purchasing of goods and services acquired in the normal course of business
acceptance of new audit and assurance clients, and the subsequent acceptance of non-assurance services for those clients.
In addition, there is a Network Risk Management Policy governing the independence requirements related to the rotation of key audit partners.
These policies and processes are designed to help PwC comply with relevant professional and regulatory standards of independence that apply to the provision of assurance services. Policies and supporting guidance are reviewed and revised when changes arise, such as updates to laws and regulations, changes to the Code, or changes in response to operational matters.
Each firm supplements the PwC Global Independence Policy as required by local regulations in cases where these requirements are more restrictive than the global policy.
As a member of the PwC network, each PwC member firm has access to a number of systems and tools which support member firms and their personnel in executing and complying with our independence policies and procedures. These include:
The Central Entity Service (‘CES’), which contains information about corporate entities including all PwC audit clients and their related entities (including all public interest audit clients and SEC-restricted entities) as well as their related securities. CES assists in determining the independence restriction status of clients of the member firm and those of other PwC member firms before entering into a new non-audit service or business relationship. This system also feeds Independence Checkpoint and Authorisation for Services.
‘Independence Checkpoint’, which facilitates the pre-clearance of publicly traded securities by all partners and managerial practice staff before acquisition and is used to record their subsequent purchases and disposals. Where a PwC member firm wins a new audit client, this system automatically informs those holding securities in that client of the requirement to sell the security where required.
Automated Investment Recording ('AIR'), which is a global PwC solution that simplifies portfolio maintenance for PwC partners and staff in Independence Checkpoint by automating the recording of security transactions using direct daily feeds from participating brokers.
Authorisation for Services (‘AFS’), which is a global system that facilitates communication between a non-audit services engagement leader and the audit engagement leader regarding a proposed non-audit service, documents the analysis of any potential independence threats created by the service and proposed safeguards (where deemed necessary), and acts as a record of the audit partner’s conclusion on the permissibility of the service.
The Global Breaches Reporting System, which is designed to be used to report any breaches of external auditor independence regulations (e.g. those set by regulation or professional requirements) where the breach has cross-border implications (e.g. where a breach occurs in one territory which affects an audit relationship in another territory). All breaches reported are evaluated and addressed in line with the Code.
The Global Joint Business Relationship system, which provides a standardised process and system for the assessment, approval and ongoing monitoring of joint business relationships.
Each member firm also has a number of specific systems, which could include, for example, a rotation tracking system that monitors compliance with audit rotation policies for engagement leaders and other key audit partners involved in an audit.
Consultation by engagement teams on independence issues is embedded in the PwC culture. Teams are encouraged to consult with independence specialists whenever a matter is complex, or in the case of any doubt about what to do.
PwC’s processes are supported by comprehensive training of partners and staff. Each member firm provides all partners and staff with annual or ongoing training in independence matters. This training is typically based around milestones related to a change in position or role, changes in policy or external regulation, and, as relevant, provision of services. Partners and staff receive computer-based training on independence policy and related topics. Additionally, training is delivered to members of the practice on an as-needed basis by independence specialists and risk and quality teams.
All partners and practice staff are required to complete an annual compliance confirmation. This involves confirming their compliance with relevant aspects of the member firm’s independence policy, including their own personal independence. In addition, all partners confirm that all non-audit services and business relationships for which they are responsible comply with policy and that the required processes have been followed in accepting these engagements and relationships. These annual confirmations are supplemented by periodic and ad-hoc engagement-level confirmations for certain clients.
Each member firm is responsible for monitoring the effectiveness of its quality control system in managing compliance with independence requirements. In addition to the confirmations described above, as part of this monitoring member firms perform:
compliance testing of independence controls and processes
personal independence compliance testing of a random selection of, at a minimum, partners, as a means of monitoring compliance with independence policies
an annual assessment of the member firm’s adherence with the PwC network’s standard on independence.
The results of monitoring and testing are reported to the firm’s management on a regular basis.
Each member firm has disciplinary policies and mechanisms in place that promote compliance with independence policies and processes, and require any breaches of independence requirements to be reported and addressed. This includes a discussion with the client’s audit committee regarding the nature of a breach, an evaluation of the impact of the breach on the independence of the member firm and the engagement team, and the need for actions or safeguards to maintain objectivity. Although most breaches are minor and attributable to an oversight, all breaches are taken seriously and investigated as appropriate. The member firm also follows any supplemental local requirements relating to the reporting of breaches. The investigations of any identified breaches of independence policies also serve to identify the need for disciplinary measures, improvements in systems and processes, and for additional guidance and training.
PwC reviews each firm’s compliance with professional standards and policies, including those relating to independence, through inspection activities directed at a risk-based sample of member firms. Any departure from independence requirements in the PwC independence policies and/or external regulations is evaluated.
Before providing non-audit services to entities that are subject to independence restrictions, all member firms are required to obtain authorisation from the group audit engagement partner responsible for services to that entity (or a related entity). A new Authorisation for Service (AFS) system launched in FY20 has increased the effectiveness and efficiency of the scope of services review and approval process.
In FY21, as part of our ongoing improvement efforts, the AFS system was replatformed to further enhance our independence control processes and integrate them more closely with our other risk processes. To support these improvements and promote understanding of the independence requirements that apply, PwC has developed a comprehensive set of policy and supplementary guidance documents that address the provision of non-audit services to audit clients and their related entities. These documents are based on the international independence standards established by the IESBA, as well as the rules and standards issued by other regulatory authorities. Member firms supplement this with local standards.
When our member firms are providing non-audit services to audit clients, they are required to provide only those non-audit services that are permissible under the applicable rules. In some instances, these non-audit services are required by law or regulations to be performed by the auditor. However, while we have the right controls in place regarding the provision of non-audit services to audit clients, we are also conscious of the threats to independence in appearance that can be created by the provision of non-audit services to our audit clients. So we assess this threat as part of our acceptance processes.
Our Network Risk Management Policy also requires that engagement teams who perform certain non-audit services engagements for SEC-restricted entities obtain approval from an independence specialist. These reviews are performed by independence specialists who make up a global Centre of Excellence (CoE).
In FY21, 72% of revenues from our audit clients in major global indices were for audit services. Twenty eight per cent were for non-audit services (FY20: 29%).
Director, Global Corporate Affairs and Communications, PwC United Kingdom
Tel: +44 7803 974136