Key issues

  • Share

Management and audit committees need not fear the introduction of the IAASB’s new auditor reporting standards, and particularly the Key Audit Matters section. Sally Percy explains how this will unlock more detail about the audit process.

Enhanced auditor’s reports are already business as usual in the UK and the Netherlands. Soon they will become a permanent fixture of the global reporting landscape.

In January 2015, the International Auditing and Assurance Standards Board (IAASB) issued its new and revised auditor reporting standards, which require auditors to provide more transparent and informative reports on the companies they audit. These standards have been issued in response to demand from users of financial statements, in the wake of the financial crisis, for more relevant information on audits.

The aim of the standards is to produce auditor’s reports that increase the public’s confidence in both the audit process itself and the financial statements of companies. The IAASB also believes that enhancing auditor reporting will improve communications between the auditor and investors, as well as between auditors and those charged with governance.

Enhanced auditor’s reports are already business as usual in the UK and the Netherlands. Soon they will become a permanent fixture of the global reporting landscape.

“The nature of a Key Audit Matter will vary according to the industry sector the company operates in.”
  • The new standards

    In January 2015, the International Auditing and Assurance Standards Board (IAASB) issued its new and revised auditor reporting standards, which require auditors to provide more transparent and informative reports on the companies they audit. These standards have been issued in response to demand from users of financial statements, in the wake of the financial crisis, for more relevant information on audits.

    The aim of the standards is to produce auditor’s reports that increase the public’s confidence in both the audit process itself and the financial statements of companies. The IAASB also believes that enhancing auditor reporting will improve communications between the auditor and investors, as well as between auditors and those charged with governance.

    “As a user, it can be challenging to understand what’s in the financial statements, let alone how they’ve been audited,” says Fiona Campbell, a partner in EY’s Australian assurance practice and a member of the IAASB. “The new auditor’s reports are therefore meant to enhance the understanding of the audit of the financial statements among users – investors, analysts, regulators, suppliers, employees and governments. It will give people a better understanding of what we do and how we do it.”

    A number of interested parties responded positively to the exposure draft of the new auditor reporting standards when it was issued in 2013. A global accountancy body, the Association of Chartered Certified Accountants (ACCA), was broadly supportive, commenting: “The report of the auditor is the most visible output of the audit process, and we welcome this initiative of the IAASB to improve its usefulness and relevance to shareholders and other interested parties. The project will also promote financial reporting of the highest quality.”

    Since the new standards apply (in many jurisdictions) to the audits of financial statements for periods ending on or after 15 December 2016, management, audit committees and auditors must start preparing for their implementation now.

  • Significant issues

    One of the challenges with financial statements is that they are, as Campbell puts it, “quite complicated beasts.” As a result, the audit is also quite complex and requires the auditor’s assessment of risks of material misstatement to those financial statements to drive the performance of the audit. In today’s “boilerplate” auditor’s report, it is not possible for investors to understand where the greatest of those risks lie in the eyes of the auditor.

    For this reason, a particular area of focus within the new standards will be the requirements of the new ISA 701, Communicating Key Audit Matters in the Independent Auditor’s Report. For audits of listed entities, a new section in the report, called Key Audit Matters (KAM), will highlight those issues that, in the auditor’s professional judgment, were of most significance in the audit. According to the IAASB, the description of a KAM should be “clear, concise, understandable and entity-specific.” It should explain why the matter was considered to be significant in the audit and how it was addressed. There should also be a reference to the related disclosure elsewhere in the financial statements.

    ACCA has welcomed the issue of the standards. “Key Audit Matters are a big step forward,” says its former External Affairs Director, Sue Almond (she has moved to a new role since this article was written). “They will allow auditors to provide a bit more color on the work that has been done.”

  • What counts as a KAM?

    ISA 701 includes a judgment-based decision-making framework to help auditors decide which issues from the audit would count as KAMs. Out of all the matters on which they communicated with the company’s management and audit committee, they will select KAMs from those matters that required “significant auditor attention.” In particular, they should explicitly consider areas where there might be a higher risk of material misstatement or those where significant management or auditor judgments were involved.

    “The concept is that these are the areas that were of greatest focus in the audit, and typically the areas of greatest risk for the audit as well,” Campbell explains. “Where were the areas of subjectivity? Which areas required a significant application of judgment?” She highlights impairment – of an investment, of goodwill or of another intangible asset – as being likely to feature as a KAM, because of the significant amount of judgment involved with these.

    The nature of a KAM will also vary according to the industry sector the company operates in. Revenue recognition is likely to be a KAM for software and telecommunications companies, for example, because they have complicated revenue recognition policies. Mining companies, meanwhile, may have licensing rights to mine a particular piece of ground, but it can be difficult for them to determine the value of that license, as it will depend on the cash flows generated by the mine in future. Therefore, their audits are likely to focus closely on license impairments.

    One area that will probably be a KAM for most companies, whichever sector they operate in, is taxation. “For a lot of businesses, tax is really complex,” Campbell notes. “It’s also an area where there is a high amount of litigation, as well as disputes between tax authorities and companies, so it often requires significant auditor attention.”

    Campbell’s observations are backed up by a report from the Financial Reporting Council into the implementation of extended auditor’s reports in the UK, published in March 2015. In a survey of more than 150 auditor’s reports, it found that the top five most reported risks were:

    • Impairment of assets
    • Tax
    • Goodwill impairment
    • Management override of controls
    • Fraud in revenue recognition
  • Potential pitfalls

    In some respects, the greatest challenge for auditors is figuring out when an issue is not a KAM. “Just because something is a big number doesn’t mean it’s a Key Audit Matter,” Campbell points out. “And just because it’s where we spent a large proportion of our efforts doesn’t mean it’s a Key Audit Matter either.”

    A large transaction, such as the acquisition or disposal of a subsidiary, might fit into this category. “It’s not necessarily a Key Audit Matter, because, although it may have required considerable audit effort, it could be a really straightforward transaction,” Campbell explains. The same applies to share buybacks, where a very large number may be involved, but which can be very simple to audit.

    Inghwa Hengefeld, a partner in EY’s Dutch assurance practice, says that it is important that the KAMs in the auditor’s report cross-refer to the financial statements. “If there were something in my auditor’s report that was not in the financial statements, that would look odd,” she says. “The descriptions of the matters should complement, and not repeat or contradict, what has been disclosed in the financial statements, while providing the audit perspective on those matters.”

    Almond points out that, while KAMs may enrich an enhanced auditor’s report in the first year, there is a danger that, if a company’s circumstances don’t change significantly in the second year, its report may start to become less engaging. “How does the audit profession avoid reports becoming stale?” she asks.

    Jargon is another trap that auditors need to avoid falling into, says Campbell; the use of inaccessible language is against the spirit of transparency that regulators expect, and is not in the public interest.

  • Communicating with the audit committee

    So what can a company’s audit committee expect from the introduction of KAMs? The good news is that they are not the headache that some might fear (see case study panels, above) and do not affect the actual conduct of the audit. Nevertheless, Hengefeld says, audit committees should expect their audit firm to communicate with them early, and to communicate well, about the KAMs that are likely to be included in the auditor’s report.

    The implementation of expanded auditor’s reports in the Netherlands went smoothly, she continues, precisely because audit firms had early discussions with their clients about the contents of the new, enhanced auditor’s reports, including the KAMs. This meant that audit committees were not presented with any unpleasant surprises late in the process.

    Meanwhile, Almond argues that the discussions between the audit committee and the auditor around the KAMs are actually “an opportunity for the audit committee to engage with the auditor.”

    This increased engagement between the auditor and audit committee on the “selection” or “ranking” of significant audit matters, and discussions around how those matters will be described in the auditor’s report and how they complement the financial statement disclosures, can provide new perspectives for audit committees and auditors. This could have indirect benefits for both audit quality and the quality of the disclosures.

  • What’s next?

    The IAASB has a monitoring group in place to observe the implementation of the new and revised standards and to gather feedback from a broad range of stakeholders. It is also planning to undertake a post-implementation review two years after the effective date, to see if the standards have achieved their intended effect.

    We can probably expect them to be well received if the outcome of the IAASB’s public consultation on the new standards is a reliable guide. According to the board, the concept of KAMs has “received widespread support among investors, regulators and oversight authorities, accounting firms and national auditing standard-setters.” Meanwhile, the fact that the UK and the Netherlands have already introduced similar measures means that the rest of the world knows what to expect.

    “The feedback in the UK is that, while KAMs may not be the perfect solution, the pure act of providing additional information has enabled more dialogue to take place with investors,” Almond says.

    Campbell agrees. “It’s got people talking about the auditor’s report for the first time I can think of,” she says. “It’s seen as a positive step forward for the audit profession.”

  • Case study: Heijmans

    Mark van den Biggelaar, CFO of Dutch construction company Heijmans, was not worried by the introduction of enhanced auditor’s reports in the Netherlands. “As a company, we prefer to be transparent in how we communicate with the financial world and our stakeholders,” he says.

    Prior to the introduction of enhanced auditor’s reports, the company had already tried to incorporate management-level concerns and comments from its auditors in the risk disclosures contained in the annual report. “The risk disclosures are longer and offer many more opportunities to be more precise, accurate and open about risk, in a language that fits the business,” he says. “I think that’s more useful to users of the annual report than describing the Key Audit Matters.”

    Nevertheless, Van den Biggelaar believes the enhanced audit reports will bring benefits for investors in Dutch companies. “It is a way of sharing with the outside world the work that the auditor has been doing,” he says.

    The subject of enhanced auditor’s reports has not come up in any of the discussions Van den Biggelaar has had with investors. “Sometimes, specific risks come up and we have a conversation with reference to the risk disclosures,” he says. “I think investors are not bringing it up because they appreciate our general level of disclosure and explanation as to what our auditor is doing.”

  • Case study: Royal Mail

    Matthew Lester, CFO of UK postal services company Royal Mail, says that the UK experience of extended auditor’s reports shows that there is “nothing to be afraid of.”

    “From our point of view, the value of the audit comes from the work that is done to challenge our thinking about our systems, processes and presentation,” he says. “My concern was that [the need for an additional commentary] might require the auditors to undertake greater work, or different work, or approach their work differently, and distract them from the value we get out of the audit because of the need to go into greater detail.”

    This turned out not to be the case, but nevertheless, Lester says he prefers the “simple, clear” auditor’s reports that existed before.

    In his experience, there has been no adverse reaction among investors to the extended reports. “No one asks me about our auditor’s report, because we got an unqualified audit opinion,” he says.

October 2015

 

Download article