Chapter 9 Professional Ethics Flashcards
1.1 Fundamental principles – sources of ethical guidance
- International Federation of Accountants (IFAC) code of ethics, now known as the IESBA International Code of ethics for professional accountants
- ICAEW code of ethics
- FRC ethical standard
1.2 Revision of key points on ethical principles
The IESBA code sets out the fundamental ethical principles as integrity, objectivity, professional competence and due care, confidentiality, and professional behaviour. The IESBA code sets out the five general threats to objectivity and independence as self-interest, self-review, advocacy, familiarly and intimidation. One more threat identified in the FRC ethical standard is management.
2.1 The new single ethical standard for auditors
The FRC ethical standard was first issued in 2016 and was revised in 2019. Reference is made throughout the ethical standard to the parties to whom the provisions apply. Covered persons include the partners and staff involved on the engagement but could also be:
- Any other person placed at the disposal of the audit team, for example an expert
- Anyone in the audit firm with supervisory, management or other oversight responsibility for the partners involved in the engagement
- Any other person in the firm who is in a position to influence the conduct or outcome of the audit
2.2 FRC ethical standard introduction
The ethical standard applies to audit engagements and other public interest assurance engagements and includes the third party test. When considering if requirements of the standard have been met, evaluation should be made with reference to the perspective of an objective, reasonable and informed third party, this formalises the requirement to be independent.
2.2 FRC ethical standard introduction
The ethical standard applies to audit engagements and other public interest assurance engagements and includes the third party test. When considering if requirements of the standard have been met, evaluation should be made with reference to the perspective of an objective, reasonable and informed third party, this formalises the requirement to be independent.
2.2 FRC ethical standard introduction
The ethical standard applies to audit engagements and other public interest assurance engagements and includes the third party test. When considering if requirements of the standard have been met, evaluation should be made with reference to the perspective of an objective, reasonable and informed third party, this formalises the requirement to be independent.
2.3 Part B section 1 – General requirements and guidance
Section 1 sets out an overall approach to be taken by audit firms in respect of ethical standards. The following are the key requirements of the standard:
- 1.1-1.5: audit firm shall establish policies and procedures designed to ensure that the audit firm and covered persons act with integrity, objectivity, and independence. The firm should demonstrate compliance with the ethical standard
- 1.10: leadership of audit firm shall establish a control environment within the firm that ensures compliance with the standard.
- 1.12: audit firm appoint an ethics partner responsible for firm’s policies and procedures relating to ethical compliance. Paragraphs 1.13 and 1.18 set out their responsibilities
- 1.21: any breaches of requirements of ethical standard are assessed by the engagement partner and the ethics partner
- 1.23-1.25: audit firm and covered persons must not be involved in the client’s management or decision-making. Specific statutory audit guidance given in 1.24.
- 1.33: audit engagement partner should consider threats to objectivities at all stages of an audit, including acceptance/continuance, planning, when forming an opinion, when considering whether to provide non-audit services and when threats are reported to them
- 1.39-1.45: where a threat is identified the engagement partner should assess the effectiveness of the available safeguards and decline or discontinue the engagement if safeguards are not effective
- 1.49: standard refers to ISQC 1 which requires an engagement quality control review for listed companies
- 1.50: engagement partner must reach an overall conclusion on independence
- 1.54: audit engagement partner must communicate to those charged with governance at the client on all significant matters that bear upon the auditor’s objectivity.
- 1.63: threats and safeguards should be documented in engagement working papers
2.4 Part B Section 2 – Financial, business, employment, and personal relationships
Section 2 applies the general principles of section 1, giving guidance on specific circumstances arising out of relationships between the auditor and client. The main requirements of section 2 are:
- 2.3: No shares in the client should be held by the audit firm, or partners and persons closely associated with them. Self-interest threat
- 2.20: The audit firm, covered persons and persons closely associated with them should not make loans to an audit client. Self-interest and intimidation threats.
- 2.21/2.22: The audit firm, covered persons and persons closely associated with them should not accept loans from an audit client unless the client is a bank, and the loan is made in the normal course of business. Self-interest and intimidation threats.
- 2.25/2.26: The audit firm, covered persons and persons closely associated with them should not enter into business relationships with audit clients. Self-interest, advocacy, and intimidation threats.
- 2.35 Dual employment is not allowed i.e., the audit firm must not employ someone who is also employed by the audit client. Management and self-review threats.
- 2.36 Loan staff assignments (audit firm provides staff to work at the audit client for a temporary period) are only allowed by exception: nonmanagement role for UK national audit agency, entity role has no management (or line management) responsibilities, for a short period of time no longer than 3 months and where service is not prohibited by the Ethical Standard.
- 2.39: Partners and members of the engagement team to notify the firm of any potential employment with the client. The firm shall remove the individual from the audit team and review the work carried out by them on the current audit. Self-interest, familiarity, and intimidation threats
- 2.45 Where a partner (engagement or quality control review) leaves the firm to become a director/key management at the audit client the firm must resign as auditor and cannot accept reappointment for a 2 year period.
- 2.48: Where any other member of the engagement team leaves the audit firm to become a director/key management at the audit client the firm shall consider the composition of the audit team.
- 2.51: If a member of the audit team has a person closely associated with them/close family member employed by the audit client then they may need to be removed from the team. Audit staff should report close family or personal relationships with client staff to the engagement partner. Familiarity, self-interest, and intimidation threats.
- 2.53: Audit partners or employees of the audit firm should not perform the role of director. Management and self-review threats.
- 2.57/2.58: Where a former director or employee of the audit client joins the audit firm, they should not be involved with the audit of that client for 2 years. This period may need to be extended in some situations. Self-interest, self-review, and familiarity threats.
- 2.60 ‘Persons closely associated’ includes immediate family members i.e., spouse and dependents. ‘Other close family relationships’ comprise parents, non-dependent children, and siblings.
- 2.65 The engagement partner shall consider the integrity and objectivity of any external consultants involved in the engagement and document the rationale for the conclusion.
2.5 Part B Section 3 – Long association with engagements
Section 3 applies the general principals of section 1 giving guidance on specific circumstances arising out of long association with the audit engagement. The requirements include:
- 3.2: The audit firm must monitor the length of time that partners and senior staff work on the client. Self-interest, self-review, and familiarity threats.
- 3.5: Where threats are identified, appropriate safeguards may include: Rotation of partners, Involvement of another partner, not previously involved on the engagement, to review the work done by the partner and other senior staff and Engagement Quality Control Review (EQCR)
- 3.6: When the engagement partner on a non-listed client has held the role for 10 years, consideration is given to the need to rotate the partner. If they are not rotated: apply safeguards (as set out in 3.5 above) or document reasoning and communicate reasoning with those charged with governance at the client
- 3.10/3.15: Audit engagement partner on a listed client rotate after 5 years, no return within 5 years. This includes time spent when an audit engagement moved between firms. After a rotation, engagement partners should not have significant/frequent interaction with management. The audit committee may approve the extension of the audit engagement partner’s service to 7 years in certain circumstances.
- 3.14: When the audit client becomes listed, if the audit engagement partner has already served 4 or more years, they may continue for a maximum of 2 years.
- 3.20: Engagement quality control review partner and key partners involved in the audit of a listed client rotate after 7 years, no return within 5 years (EQCR partner)/2 years (key partner involved in audit)
- 3.21: Other partners/senior staff on a listed client review safeguards after 7 years
2.6 Part B Section 4 – Fees, remuneration and evaluation policies, gifts and hospitality, ligation
Section 4 gives guidance on specific circumstances arising out of fees, remuneration and evaluation of staff gifts, hospitality, and litigation. Key requirements are:
- 5.10: Anyone in the audit firm considering providing a non-audit service to one of the firm’s audit clients must communicate the details to the audit engagement partner. They then consider the implications before the service is accepted.
- 5.13: Before accepting non-audit work, consider whether a reasonable and informed third party would regard the non-audit work as impairing the firm’s objectivity and independence.
- 5.18: Management decision making services prohibited for audit firms.
- 5.24: Where safeguards are insufficient to mitigate the threats to independence, the non-audit work should not be accepted.
- 5.25: General safeguards for non-audit services include: separate teams for the audit and non-audit work, engagement quality control review of the work and conclusions of the audit team in relation to the non-audit service.
- 5.34: Consider whether there is informed management. Without informed management it is unlikely that any safeguards could be effective against the management threat.
- 5.29/5.30: Communicate matters that have a bearing on the auditor’s objectivity and independence related to the provision of non-audit services to those charged with governance.
- 5.36: Document all reasoning, and safeguards related to non-audit services. Ensure this occurs prior to an engagement letter being issued.
2.7 PIEs
Standard takes a stricter approach to provision of non-audit services to Public Interest entities. For non-PIEs ethical threats must be evaluated and if exist safeguards applied or where no possible withdraw from the engagement. For PIE audit clients, the standard provides a permitted services list instead. If the service does not feature on the list, then it cannot be provided to the client. the list is found in paragraph 5.40.
2.8 Specific services
- Audit related services (5.35-5.38): threats are insignificant when work is similar to the audit carried out by the engagement team, so no safeguards are required.
- Internal audit services (5.44-5.46): internal audit work cannot be completed for any audit client. whether they are listed or not. Introduced into the FRC ethical standard in 2019 and is different to that found in the IESBA code.
- Information technology services (5.47-5.50): do not provide services related to design, provision, or implementation of systems where they form a significant element of accounting systems or help produce the accounts and if it involves taking on a management role. If services are provided the self-review threat (safeguards include separate teams and independent partner review) and management threat (safeguards include relevant management expertise) need to be considered.
- Valuation services (5.51-5.58): relevant threats are self-review threat (separate teams, independent partner review and do not perform work if valuation is material to the accounts and involves a significant degree of subjective judgement) and management threat (safeguard is informed management). Do not provide services where the valuation has a material effect on accounts for listed clients
- Tax services (5.64-5.80): threats include self-review threat (safeguards include separate teams, reviewed by independent tax partner, independent partner review and do not promote tax structures where there is reasonable doubt to the accounting treatment), management threat (safeguards are informed management and where tax calculations for accounting entries are prepared for non-listed companies, the work should be of a technical/mechanical nature only), self-interest threat (safeguards are contingent fees not allowed) and advocacy threat (safeguards include not acting as an advocate in a tribunal if the issue is material to the accounts). Do not prepare tax calculations for purpose of making accounting entries that are material to the accounts of listed clients.
- Litigation support and legal services (5.81-5.84): threats include self-review threat (safeguards are not providing litigation services where the firm estimates the likely outcome of a legal matter which is material to the accounts) and advocacy threat (safeguards are not providing legal services involving acting as general counsel or the solicitor representing the client in a dispute material to the accounts). Do not provide these services there the outcome of a legal matter is material to the accounts of a listed client.
- Recruitment and remuneration services (5.85-5.87): advice cannot be provided on the recruitment of any director/employee where responsibility would be taken for the appointment itself. Advice or measurement criteria cannot be provided for director/employee remuneration packages
- Corporate finance services (5.88-5.97): threats include management threat (safeguard of informed management), self-review threat (safeguards of separate teams, advice reviewed by independent corporate finance partner and independence partner review) and advocacy threat (do not provide services where the firm is responsible for dealing in, underwriting, or promoting shares). Do not undertake any services linked to financing, capital structure and investment strategy, as well as not promoting, deal in or underwrite shares in listed clients
- Transaction related services (5.98-5.103): threats include self-review threat (safeguards of separate teams, due diligence work reviewed by independent transactions partner and independent partner review) and management threat (safeguard of informed management). For listed clients do not undertake services linked to financing, capital structure and investment strategy
- Restructuring services (5.104-5.116): threats of self-review threat (safeguard may be insurmountable if there is an impact on the firm’s assessment of whether the entity is a going concern) and management threat (safeguard of informed management). For listed clients do not undertake services linked to financing, capital structure and investment strategy
- Accounting services (5.117-5.127): threats include self-review threat (safeguards of separate teams, accounting work reviewed by partner not on engagement team and independent partner review) and management threat (safeguards include informed management and work done of a technical/mechanical nature, not requiring judgements or decision making). For listed clients do not provide services relating to bookkeeping and preparing accounting records or accounts or payroll services
2.9 Part B Section 6 – Provisions available for audits of small entities
Section 6 relaxes some ethical rules for smaller entities by using exemptions and additional disclosures, it applies to companies that qualify as small under Companies Act 2006, general rules are:
- Paragraph 4.31 requirement for an external independent quality control review is fees from a client are expected to exceed 10% but not exceed 15% - no requirement for independent quality control review, but must disclose the issue to ethics partner and those charged with governance at the client
- Section 5 requirements in relation to provision of non-audit services – firm not required to apply safeguards to address self-review threat provided there is informed management, more regular cold review of audits where non-audit services have been provided and disclosure of the non-audit services in the audit report
- Paragraph 2.45 requirement that where an audit partner joints the client the firm should resign and not accept appointment as auditor until 2 years has passed – the firm can continue as auditor provided there is no significant threat to the audit teams integrity, objectivity, and independence. Disclosure of the partner joining the client is made in the audit report
3.1 ICAEW code of ethics – confidentiality
ICAEW code covers independent and objectivity and is similar to the FRC ethical standards. It also covers confidentiality and conflicts of interest. ICAEW code of ethics section 114 states accountants have a duty of confidentiality meaning they should not disclose client information unless there is a right to do so, should take all reasonable steps to preserve confidentiality and should not use confidential information for personal advantage.
There is a duty to disclose when required by a regulator, ordered by a court, comply with technical/professional standards, and comply with quality review of professional body. There is a right to disclose when client permission granted, public interest and to defend the firm/provide evidence in legal proceedings.
3.2 Conflicts of interest
ICAEW code of ethics section 310 deals with conflicts of interest. Reasonable steps should be taken to identify any conflicts of interest and if a conflict arises then the firm should notify both clients of the situation and seek their consent to continue to act. If the firm continues to act for both then appropriate safeguards including separate teams, information barriers, confidentiality agreement signed by employees and partners and review of the application of safeguards by an independent partner.
Social media is difficult when personal and professional lives become blurred. The principles set in the ICAEW code of ethics and guidance within employment social media policies should be following. The key benefits are sharing of experiences, creating engagement in debates, and raising profiles and awareness. Issues can include confidentiality breaches, criticism, lack of integrity/professional behaviour, offensive posts, and illegal acts.