There were a number of concerns about the impact of extended audit reports when these were introduced for the audits of listed companies and public interest entities in the UK several years ago. Questions were raised over everything from the quality and quantity of disclosures to what value this additional information would bring – and at what cost to dealings with management.
To the pleasant surprise of many, implementation turned out easier than originally feared. Firms had been anxious about the amount of transparency needed and what the impact might be on client relationships, says Ken Williamson, EY’s head of corporate governance. “There’s an element of washing your dirty linen in public, but it has gone better than expected. Our clients and their audit committees have been understanding of the driver behind this and therefore of our need to be transparent and clear in our reporting.”
Investors are broadly happy too. “We’ve seen a real evolution of auditor reports over their life,” says Paul Lee, head of corporate governance at Aberdeen Asset Management. “That’s been really heartening.”
Extended reports represented the first substantive change in how auditors communicate their findings for many decades. Previously audit reports were short and standard, offering a binary option and concentrating more on what should not be expected from the audit than about what had been found.
That did the audit profession a profound disservice, says Lee. “By talking about what’s been done in each particular audit we’ve got much more company-specific disclosure and discussion, more thoughtful coverage – auditor reports that are worth reading.”
The good UK experience can be put down to several factors, thinks PwC partner Diana Hillier. “The UK profession is very strong; it embraced the change and was encouraged by a strong investor community. It also had the support of the FRC, which went into this with a light touch standard and which strongly encouraged innovation and experimentation in those early years. This then led to discussion and debate and enabled other parts of the world to leverage what has been learned in the UK.”
The success of the more detailed audit report has accelerated similar standards being adopted elsewhere. The FRC standard, published in 2013, acted as a pathfinder for some of the IAASB’s own proposals. These were formalised in an ISA in 2015 with the first reports using the international standard published for 2016 year-ends. Another piece in the international jigsaw fell into place when the PCAOB issued its own standard for American listed companies in June 2017: this was approved by the US Securities and Exchange Commission (SEC) several months later.
While there is substantial coherence between the PCAOB and IAASB standards, the different legal and regulatory environment in the US makes consistent implementation a challenge.
Hillier says that all the international standard setters, who were working on their rules at the same time, have tried to achieve similar objectives, even if the wording differs between standards. “The US legal environment will probably influence how matters are talked about in the UK report and these might look different to how they are described today. The question is whether it will affect how reporting evolves in other jurisdictions. I’m not sure it will. But consider companies reporting in the US and in another market. How comfortable will auditors be in describing the issues differently?”
Henry Irving, head of the ICAEW Audit & Assurance Faculty, cautions that while it’s great that the SEC has approved the PCAOB standard, the challenge will be in the implementation. “The report can’t originate information, and the US reporting rules have not kept up with developments in the audit report, with the risks reported tending to reflect a more standard and less bespoke reporting of risks.”
This points to a challenge for auditors everywhere: how to keep the reporting relevant and avoid boilerplate. The early years of the UK standard brought a great deal of innovation and robust discussions about risks. But if the environment and the audited company’s business are relatively stable, the danger is that broadly similar issues will surface in the audit report year after year.
This potential problem might be offset by another relatively recent change in the audit world: mandatory tendering and rotation of audit firms. “A fresh pair of eyes means you should get a fresh-looking report,” says Irving. “The quality of the firms’ reports can be a matter of competitive advantage. These commercial and market structural factors are important.
It’s good to have a market that’s well informed and where people are rewarded for picking an auditor perceived as doing the best job.”
Despite the challenges, Lee is optimistic that the reporting changes will continue to evolve in the UK as they take root elsewhere. “This is an opportunity for the global profession to demonstrate and articulate quality, to change the nature of the discussion about the audit to the value of the audit process. This has been invisible for so many years that perhaps investors had forgotten the value that comes from the audit, making this a real opportunity for the profession to start winning friends in the investment community.”
One of the positive outcomes of the reports is how they have played a role in helping untangle the Gordian knot that is the expectation gap. Auditors have struggled to explain what their responsibilities really are as opposed to what investors and other financial statement users believe them to be.
Extended auditor reports have gone some way to opening up the audit, says Liz Murrall, director of stewardship and reporting at the Investment Association. “This gives welcome insight into the work that auditors undertake: disclosing materiality, summarising the audit scope and areas covered, and,
most importantly for investors, setting out the risks of material misstatement and describing the effects these had on the strategy, allocation of resources and direction of the audit engagement,” she says.
The Investment Association acknowledged the changes in the audit report regime with its auditor reporting awards, held in 2014 and 2015. “We didn’t want the awards to become routine so thought we would stand back for a couple of years and see how things evolve,” Murrall explains. The IA is currently considering categories for the next round of awards, to be held in 2018 and to cover 2017 year-ends.
One factor likely to link any contenders will be that they take an individual approach to each engagement. Lee encourages firms to think about reporting that reflects the dynamic of that particular audit for that year. “Disclosures should show the flex within the year to respond to particular developments. That flexing shows that a sceptical approach has been applied through the audit. Some auditor reports have given us that visibility and insight into that demonstrable scepticism. That’s really valuable as it shows the process is working.”
“It’s good to have a market where people are rewarded for picking an auditor perceived as doing the best job”
It helps to have clarity over what is disclosed by whom. Annual reports feature a triangle of disclosure on typical material judgemental issues. Management should disclose these matters in the significant accounting judgements and estimates section of the annual report, while the audit committee should talk about the challenges they have brought to bear on these in the audit committee chair’s report. This sets the background against which the auditor can detail the procedures applied and the conclusions reached in the audit opinion. “There should be a degree of consistency and symmetry between the three sections of the annual report, but with a different flavour to each given the three different roles,” says Williamson.
That idea of a different flavour extends to the way the audit reports are written. One of the critical features of the original FRC standard was to have personal reflection from the audit partner signing the opinion. How do large audit firms, with their internal processes and desire for a degree
of consistency, achieve this?
It’s all down to driving behavioural change, says Hillier. “It was about winning people’s hearts and minds and getting them to want to produce informative reports, not just write as little as possible to comply with the standard. It was about building enthusiasm for the report and seeing it as a positive opportunity to enable us to tell our own story and, in doing that, communicate with investors in a more direct way.
For a more detailed discussion on this topic, see the ICAEW paper The start of a conversation: The extended audit, published late last year and available online.
AIM companies did not come under the remit of the original standard on extended auditor reports. However, under the international standard on auditing, for 2016 year-ends onwards, they are now subject to the same audit reporting requirements as other listed entities.
Firms’ experiences when implementing the FRC standard had been that clients with more sophisticated governance structures were more engaged in the audit report process in the early years. As a result, some expected problems when it came to selling the changes to these smaller and younger listed entities.
In fact, it’s proved easier than feared, says Sue Almond, head of assurance at Grant Thornton. “There are still challenges around planning and engagement. But we expected resistance to the auditors saying something more direct about elements of the business, and that hasn’t been the case.”
Some clients, though, have been less enthusiastic about elements of the auditors’ findings. “Talking about what the issue may be has been alright, but there has been some pushback over disclosure of the outcome of the work we did and where we focused our efforts,” says Almond.