Firms involved in the audit of groups will have been sharpening their focus on this area during 2024. All International Standards on Auditing (ISAs) are to be applied in group audits, but there are some key changes to consider in the revised ISA 600, Special considerations – Audits of group financial statements (Including the work of component auditors), which is effective for accounting periods beginning on or after 15 December 2023.

In the context of this article, references to this standard should be read as applying to both the International Auditing and Assurance Standards Board (IAASB) version ISA 600 and ISA (UK) 600. Other standards referred to in this article should also be read as applying to both the IAASB standard and the UK variant based on this.

Audit & Beyond has outlined key changes to the revised ISA 600 for group and component auditors to consider and a faculty webinar goes into more detail and offers practical insights for auditors. Briefly, key changes in the revised ISA 600:

• clarify the scope and applicability of the standard;
• introduce a proactive risk-based approach to group audit;
• change the definition of ‘engagement team’ to include component auditors;
• revise the definition of the consolidation process, to include the aggregation of financial information of business units;
• clarify how concepts of materiality and aggregation risk apply in a group audit;
• enhance documentation requirements; and
• reinforce the need for all ISAs to be applied to group audits, establishing stronger links with some particular standards.

Many of the changes to the revised ISA 600 aim to better align it with other standards, such as the new International Standards on Quality Management ISQM 1 and ISQM 2 and the revised ISA 220. The revised ISA 600 clarifies, for example, how requirements in the revised ISA 220 apply to group audits. These focus on the resources needed to perform the engagement and the direction, supervision and review of the work of the engagement team, which now includes component auditors.

ISA 600’s more proactive risk-based approach aligns with the revised ISA 315. There is greater focus on identifying and assessing risks of material misstatement, planning the audit approach and performing audit procedures that respond to assessed risks. The revised ISA 315 also focuses on information technology (IT) as part of an organisation’s internal control system, and a recent article considers ways to address practical challenges around understanding and testing how IT is used by a group and its components.

Elevating audit quality

The remainder of this article highlights opportunities to enhance audit quality on even the simplest group audits, based on insights from ICAEW’s Audit Monitoring Report 2022/23 (December 2023), and concerns identified by the Quality Assurance Department (QAD). It offers pointers for auditors on aspects of group accounts and related audit work where QAD has seen room for improvement, practical tips on directing and supervising the work of component auditors, and reminders on ethical issues for firms that audit groups and also provide these groups with non-audit services. 

Quality concerns relating to group audits are not restricted to the most complex multinational audits, utilising component auditors in myriad jurisdictions across the globe. 

QAD has seen relatively simple UK-based groups where a single firm audits the whole group and there are errors in consolidation, overlooked risks of impairment in parent company investments, or whole elements of the group’s consolidated financial statements are missing, such as parent company balance sheets.

All audits of consolidated group accounts require appropriate audit work on the consolidation, and in many cases, some of the more complex aspects of financial reporting related to business combinations. 

Consolidation adjustments need to be properly audited according to their underlying purpose, sometimes restricted to agreement with those adjustments made in prior years’ audited accounts, but often requiring additional audit evidence to conclude. 

Goodwill and intangibles arising on consolidation must be assessed for indications of impairment, and by audit work done on a full impairment review conducted by the audited entity where necessary.

Investments in parent company balance sheets must also be carefully compared to the consolidated position of the group that those investments represent. In a loss-making phase of the group’s operations, these investments often appear more valuable than the balance sheet value of the consolidated group. 

This is a risk of impairment that must be addressed, with work on valuations of the consolidated group that explains why these are higher than the net asset value, supported by robust and justifiable forecasts and assumptions relating to future performance.

Self-review threats

It is not uncommon for auditors of smaller groups to provide non-audit services related to the preparation of the consolidated group financial statements. In the UK, for most audits that do not involve a public interest entity, this is allowed by the Financial Reporting Council’s Ethical Standard.

However, it is essential that the audit firm applies robust safeguards to address the self-review threat and ensures that the audit team applies the same level of scrutiny as would be expected on the same financial statements prepared by the staff of the audited entity.

Directing and supervising component auditors

The audit of group accounts also presents challenges where a group audit team directs and supervises the work of component auditors to support the group audit opinion. The revised ISA 600 requires close involvement by the group auditor with the work of the component audit team, from planning and risk assessment through to completion, including assessment of the adequacy of work and conclusions of component auditors in key areas of their audit.

Issues may arise in cases where audited entities appoint a relatively small audit firm as group auditor of a worldwide group, possibly with component auditors that are members of one of the large international networks. There may be financial benefits to the audited entity, with group audit fees likely to be lower than those charged by a UK member firm of the international network. However, it is essential that these smaller audit firms are just as robust in their involvement, including direction and supervision of the component auditor as when dealing with another, lower profile firm. 

On the other end of the scale, UK audit firms sometimes deal with component auditors that cannot communicate in English. In such cases, a UK firm will have to obtain its own relevant language skills and translation; it may ultimately need to visit a subsidiary to do audit work directly or insist that the client appoints a more appropriate audit firm to the component to enable the necessary effective direction, communication and review. The requirements for robust two-way communications have been strengthened in the revised ISA 600.

Timely preparation

There’s a lot for group and component auditors to consider. The revised ISA 600 may create more work for the group engagement partner and their team; earlier and more communication between group and component auditors may be needed; approaches to auditing entities with multiple branches or divisions may need to change; models for considering component materiality and aggregation risk may need reassessing; audit methodologies may need updating.

All firms need to ensure that they understand the revised ISA 600 requirements and what they mean for group and component auditors and then take any necessary actions as soon as is practicable.