Group audits look like they will be a focus area for regulators during 2022 and 2023. The International Auditing and Assurance Standards Board (IAASB) recently approved a revised International Standard on Auditing (ISA) 600 Special Considerations – Audits of Group Financial Statements (Including the Work of Component Auditors). A UK version is expected to follow.
Audit firms may also want to sharpen their focus on group audits, particularly in the UK. When the Financial Reporting Council (FRC) announced its supervisory focus areas for audit quality inspections during 2022/23, the shortlist included group audits.
Change is on the horizon – and likely to prompt questions. Meanwhile, there is plenty for firms to consider in relation to group audits, as this Q&A shows.
During the pandemic, foreign travel was often impossible. Therefore, as group auditor I reviewed the work of component auditors remotely. Now that foreign travel is possible, should I start visiting component auditors again?
This question requires some reflection – and there is no definitive answer that can encompass all scenarios. There are many factors to be considered.
In March 2020, the world learned to work remotely very quickly and accelerated the adoption of remote working using digital technologies. This obviously helped enable group auditors to review the work of component auditors. Group auditors were able to view the electronic working papers of components using online platforms with screen-sharing features such as Zoom, Microsoft Teams and various other products. Remote access made possible aspects of auditing that pandemic restrictions might otherwise have made impossible or massively problematic.
But this health emergency was not the only factor at play. Auditors across the world wanted remote auditing to work and there was sometimes an increased sense of goodwill, particularly in the context of group auditing.
Previously, some component auditors might have been unwilling to share their files electronically. During the early days of the pandemic, those same auditors were often keen to be more flexible (and indeed helpful). I have even seen instances of audit files being emailed to group auditors, which was very rare before the pandemic lockdowns because of concerns about safe custody.
Although some of the practices that digital technologies facilitated during lockdowns are likely to be retained and may be normalised across the audit profession, issues around audit quality must remain on the radar of auditors. It is important to remember that in some scenarios, not having auditors on site might represent a risk to auditors and might even present opportunities for fraudsters.
Going forward, this is something that both group and component auditors will need to be mindful of, and it may deter remote auditing in some situations. Remote auditing may be undertaken less frequently for other reasons.
It is possible that some component auditors might start to become less flexible. They may row back from the positions taken during the pandemic and this may necessitate a return to some physical visits.
Also, the reviewing of component auditors’ working papers using screen sharing is sometimes not particularly time efficient, for everyone concerned. In some scenarios, the component auditor may need to be present at all times to operate their screen; in others, group auditors may find that their review of working papers is more effective when they have control of the screen during an on-site visit and review.
All of this assumes, of course, that the component auditors working papers are electronic. If files are paper based, it is a whole different ballgame.
Last, but definitely not least, the benefits to meeting in real life need to be considered. Most people recognise that electronic communication can be less effective than face-to-face communication, which group auditors often find makes it easier to get a better understanding of the component, its audit and auditors. Eye contact can be more difficult to sustain and body language can be more difficult to read remotely, over screens, than it is in person, and so on.
Obviously, the costs of travelling have always been a factor in considering the best way to review component auditor’s files, and this will remain a consideration – although counting the costs of travel is becoming less straightforward. Some firms have committed to reducing their carbon footprint, so this can also be a factor in decision-making.
You may find it helpful to consider some of the guidance and support tools the faculty has made available to assist auditors during the pandemic.
Remote auditing in practice explores in depth: audit administration; remote teamworking; audit approach and risk assessment; work on internal controls; professional scepticism; and fraud and error. A section from this guide, focusing on ‘obtaining audit evidence’, is available separately at https://www.icaew.com/technical/audit-and-assurance/audit/quality-control/remote-auditing-obtaining-evidence.
While remote-working technology presents group auditors with new opportunities, it seems highly likely that physical visits to components and their auditors will remain a powerful tool when auditing groups. But in reaching your decision on if, when and whether to start visiting component auditors again, there are many factors for you to consider.
To what extent should I review the work of component auditors?
The nature and extent of the review of the component auditor’s work is not specified in ISA (UK) 600. It will always be a matter of professional judgement for the group auditor and the principal factor that drives this will be the nature of the component.
In 2018, the FRC issued some useful guidance on this, in the form of Staff Guidance Note (SGN) 02/2018 Group audits: Determining whether components are significant and/or material, and what that means for key audit partners and engagement quality control reviewers.
This FRC guidance note says:
- where a component is financially significant, the group engagement team is more likely to determine it necessary to review relatively more of the component auditor’s working papers;
- where a component is significant due to certain account balances, classes of transactions or disclosures relating to significant risks of material misstatement of the group financial statements,
- the group engagement team would be likely to focus their review on audit documentation for these areas; and
- where a component is material (which is a lower threshold than significant), the group engagement team would likely limit their review to audit documentation that is relevant to the significant risks of material misstatement of the group financial statements.
Note that the auditor is required to determine which components are material to the group. This is in addition to identifying components that are individually financially significant and those that contain significant risk areas.
The extent of the review will always be determined by professional judgement, taking into account audit risk at group level.
Your decision about the extent to which you should review the work of component audits may also be assisted by some support material that was published by ICAEW during the early part of the pandemic (at https://www.icaew.com/technical/audit-and-assurance/audit/group-audit/coronavirus-guidance).
It offers practical considerations in relation to the work of component auditors to address the requirements in ISAs (UK). It may also be relevant for group auditors in other jurisdictions with similar requirements.
I understand that ISA 600 is being revised. When is this happening and how should I be preparing for the changes?
At its December 2021 meeting, the IAASB approved the final version of ISA 600, Special Considerations – Audits of Group Financial Statements (Including the Work of Component Auditors).
The standard is expected to be effective for periods beginning 15 December 2023 onwards.
Note that although it is not ISA (UK) 600 that has been revised, a revised version of this, together with UK-only ‘pluses’, is expected.
If you want to find out more about the changes and clarifications in ISA 600, you can find a useful summary here.
On the substance of your question: it remains to be seen when the IAASB and FRC will make the revised ISA 600 and ISA (UK) 600 available – and how any changes and clarifications might shape your preparations for implementation.
Therefore, when this information becomes available from the IAASB and the FRC, I will revisit your question and provide a more informative answer.
Audit & Beyond
This article was first featured in the March 2022 edition of Audit & Beyond.