Auditors of companies that need to follow the Code and others that choose to adopt it will need to prepare for coming changes.
In January 2024, the Financial Reporting Council announced changes to the UK Corporate Governance Code (the Code), which is applicable to all UK premium-listed companies, all those listed in the commercial companies category or the closed-ended investment funds category, and those that choose to follow the Code.
The UK Corporate Governance Code (January 2024), will apply to financial years beginning on or after 1 January 2025, apart from the main change to the 2024 Code, in Provision 29, which is related to internal controls and will come in on 1 January 2026. Until then, the existing Provision 29 of the 2018 Code applies.
Considerations for auditors
Auditors will need to pay particular attention to changes in Section 4 – Audit, risk and internal control, Provision 29.
In the 2018 version of the Code, Provision 29 states:
“The board should monitor the company’s risk management and internal control systems and, at least annually, carry out a review of their effectiveness and report on that review in the annual report. The monitoring and review should cover all material controls, including financial, operational and compliance controls.”
Auditors will need to pay particular attention to changes in Section 4 – Audit, risk and internal control, Provision 29
In the 2024 version of the Code, Provision 29 states:
“The board should monitor the company’s risk management and internal control framework and, at least annually, carry out a review of its effectiveness. The monitoring and review should cover all material controls, including financial, operational, reporting and compliance controls.
The board should provide in the annual report:
- a description of how the board has monitored and reviewed the effectiveness of the framework;
- a declaration of effectiveness of the material controls as at the balance sheet date; and
- a description of any material controls which have not operated effectively as at the balance sheet date, the action taken, or proposed, to improve them and any action taken to address previously reported issues.”
Although there are no changes to ISA (UK) 720 on The Auditor's Responsibilities Relating to Other Information, some audit firms may want to revisit their audit procedures, particularly in relation to the public declaration of effectiveness and description of any ineffective controls.
In practice, these new requirements may result in additional auditor engagement with audit committees and additional documentation and process by audited entities making these declarations.
Guidance from the FRC
Along with the revised 2024 Code the FRC released two documents:
Key Changes to the UK Corporate Governance Code; and
a UK Corporate Governance Code 2024 mythbuster.
Corporate Governance Code Guidance (updated September 2024) is also available.
ICAEW resources
UK Corporate Governance Code hub page, offering an overview of the Code, its history and pointers to other material
2024 UK Corporate Governance Code: what’s different? a Corporate Reporting Faculty article from By All Accounts
