AUDIT & ASSURANCE

Professional Ethics & Corporate Governance

Edited By: Salim Saifullah-Al-Ahsan, Bsc Hons (OBU) UK, ACCA (Finalist) Role of External Auditor: The primary role of an external audit to is to report on the truth and fairness of the financial statements of an entity on behalf of its owners, the shareholders. The auditor gives an opinion on whether the financial statements: Have been prepared in accordance with an acceptable financial reporting framework, e.g. IFRSs; and Comply with any specific statutory requirements, e.g. to keep adequate accounting records. Most national legislation requires the directors of all companies to produce financial statements for presentation to their shareholders. This is a recognition of the division between those who own the company the shareholders and those who run it on a day-to-day basis the directors.

The directors are required to account for the stewardship of the assets placed under their control. They achieve this by preparing financial statements which are presented to the shareholders.

An external audit is another legal requirement for incorporated entities, although many smaller entities are exempt from the requirement. The directors' statements have to be examined by an independent expert, the auditor, who is required to give an opinion on their truth and fairness.

Sources of regulation As a member of IFAC (the International Federation of Accountants) the ACCA is required to enforce ethical standards no less stringent than those of the global body. The ACCA rules are now fundamentally the same as those of IFAC. They give fundamental principles and specific guidance statements. The Code of ethics and conduct applies to members, affiliates and students of the ACCA. The fundamental principles (ACCA guidance) Members should: Integrity: Behave with integrity in all professional, business and personal financial relationships. Integrity implies not merely honesty but fair dealing and truthfulness. Objectivity: Strive for objectivity in all professional and business judgments. Objectivity is the state of mind which has regard to all considerations relevant to the task in hand but no other. Professional Competence & due care: Not accept or perform work which they are not competent to undertake unless they obtain such advice and assistance as will enable them competently to carry out their work. Confidentiality: Carry out their professional work with due skill, care, diligence and expedition and with proper regard for the technical and professional standards expected of them as members. Professional behavior: Behave with courtesy and consideration towards all those with whom they come into contact during the course of performing their work.

The conceptual framework

The ACCA guidance identifies five circumstances which have the potential to threaten compliance with the fundamental principles. These are:

The Self interest threat

This would arise in situations where the audit firm or a member of the engagement team has some Financial or other interest in the audit client. For example: -Providing a loan to a client. -Earning fees on a contingent basis, i.e. profit related. -Owning shares in a client. -Undue dependence on fees from a client.

The Self-review threat

The self-review threat occurs when a previous judgment needs to be re-evaluated by members responsible for that judgment. The situation tends to arise when the auditor has provided other services to a client. Key examples would be: -The auditor providing a specialist valuation (e.g. pension liabilities). -The audit firm providing internal audit services and subsequently relying on the work for the External audit. -Reporting on the operation of financial systems after being involved in their design or Implementation.

The Advocacy threat

The advocacy threat occurs when members promote a position or opinion to the point that subsequent objectivity may be compromised. Specific examples would be:

The Familiarity threat

The familiarity threat occurs when, because of a close relationship, members become too sympathetic to the interest of others. Circumstances which would create a familiarity threat would include: Long association with a client. Acceptance of gifts or preferential treatment unless the value is clearly insignificant. Over-familiarity with the management of the organization such that judgment could be compromised.

The Intimidation threat

The intimidation threat occurs when members are deterred from acting objectively by threats, actual or perceived. Such a threat will occur in the following circumstances: The threat of dismissal or replacement of the member, or a close or immediate family member, over a disagreement about the application of an accounting principle or the way in which financial and performance information is to be reported. A dominant personality attempting to influence the decision making process or controlling relations with auditors. Being threatened with litigation. Being pressured to reduce inappropriately the extent of work performed in order to reduce fees.

The Specific Guidance Statements

These deal from a different view point with the specific areas where independence may be threatened. Integrity, Objectivity and Independence Professional Duty of Confidentiality Changes in Professional Appointments Books, Documents and Papers Corporate Financial Advice Conflicts of Interest

Integrity, objectivity and independence

The Rules of Professional Conduct state that A members objectivity must be beyond question. This can only be assured if the member is, and is seen to be, independent. Common threats to independence are: - Undue dependence on an audit client - Overdue fees - Family and other personal relationships - Beneficial interests in shares and other investments - Acceptance of goods, services or hospitality. Another threat to independence is the provision of other services to audit clients. The Rules of Professional Conduct state that it is right that members should provide other services for their clients. However, care must be taken not to perform executive functions or make executive decisions. Also, the preparation of accounting records for a public limited company is only allowed in exceptional circumstances.

Professional duty of confidentiality

The general rule is that information acquired in the course of professional work should not be disclosed to third parties without first obtaining the clients permission. There are two situations where disclosure, without the clients permission, needs to be considered: Obligatory - This is where members are bound to disclose information. This covers situations where they are compelled to disclose information under the process of law. For example, they could be served with a court summons or called as a witness.

 Voluntary - These are situations where members are free to disclose information.
-- In the public interest. There is no definition of public interest. Therefore, legal advice should be taken in order to decide whether disclosure will be justified or not. Disclosure would only be acceptable where it is made to one who has the proper interest to receive the information. -- To protect a members interest. For example, they might wish to defend themselves against a criminal charge or clear themselves of suspicion. -- Authorized by statute. For example, they should report any non-compliance with law or regulation to the proper authority. -- To non-governmental bodies. They could be approached by recognized but non- governmental bodies seeking information concerning acts of misconduct not amounting to a crime or civil wrong. If the body has statutory powers, they should comply and supply the relevant information.

Books, documents and papers The general principle is that documents belonging to the client must be given to the client or their legal agents on request. Clients have no rights of access to documents belonging to the audit firm. This distinction is a legal one. If the audit firm is acting on behalf of their clients, as their agents, then the documents produced belong to the client. This would cover the preparation of accounting records and tax returns. With the audit, however, the audit firm acts on its own behalf. Therefore, the client has no rights to the documents produced. Audit working papers should be retained for a period sufficient to meet the needs of the practice and in accordance with legal and professional requirements of record retention.

Right of Lien Generally, in the event that fees are not paid, members may exercise a lien over certain books and papers upon which they have been working. This right of particular lien exists when, usually, all of the following conditions apply. The documents retained must be the clients property They must have come into the members possession by proper means The member must have done work on the documents and issued a fee note

 The fees for which the lien is exercised must be outstanding in respect of work on the documents and not in respect of other unrelated work A lien cannot be exercised over books or documents of a registered entity which have to be available for public inspection or which have to be kept at the entitys registered office. Safeguards
The Rules of Professional Conduct suggest safeguards that can be instigated to manage conflicts, which may arise. These are: -- use different staff for each assignment; -- carry out a regular review of the situation; -- have instructions on maintaining confidentiality, and -- advise one or both clients to seek additional independent advice. Whenever a material conflict of interest between clients or potential clients is identified, sufficient disclosure should be made to the clients concerned so that they can make an informed decision as to whether to engage another firm or continue with the existing firm.

General safeguards
Safeguards created by the profession, legislation or regulation. For example:
Education and training requirements for members Continuing professional development requirements Professional standards (e.g. the specific guidance statements) Professional or regulatory monitoring and disciplinary procedures Corporate governance requirements

Safeguards in the work environment. For example:

Quality control over assurance engagements Using different partners and engagement terms with separate reporting lines for the Provision of non-assurance services to clients. The employing organizations ethics and conduct requirements Strong internal controls Appropriate disciplinary processes

Safeguards created by the individual. Continuing professional development. Keeping records of contentious issues and approach to decision making

Conflicts of interest Conflict between members and clients interests

Audit firms must always place their clients interests before their own. Therefore, they should not accept or continue engagements where there are significant conflicts of interest between the firm and its clients. Any form of financial gain which accrues, or is likely to accrue, to firms as a result of engagements, otherwise than in the form of fees or other reward from clients, or concession properly earned, will amount to a significant conflict of interest.

Conflicts between the interests of different clients

There is nothing improper in firms having two or more clients whose interests may conflict, provided the work that the firm undertakes is not, in itself, likely to be the subject of dispute between those clients. The firms work should be managed so as to avoid the interests of one client adversely affecting those of another. Where the acceptance or continuance of an engagement would, even with safeguards, materially prejudice the interests of any client, the appointment should not be accepted or continued.

Fraud and error (ISA 240 - Revised October, 2009)

Fraud comprises both the use of deception to obtain an unjust or illegal financial advantage and intentional misrepresentations affecting the financial statements by one or more individuals among management, employees or third parties. Fraud is also an intentional act by one or more individuals among management, those charged with governance, employees or third parties, involving the use of deception to obtain an unjust or illegal advantage. Fraud risk factors are events or conditions that indicate an incentive or pressure to commit fraud or provide an opportunity to commit fraud.

 Error would be unintentional mistakes in financial statements (including the omission of an amount or disclosure). When planning the audit, auditors should assess the risk that fraud or error may cause the financial statements to contain material misstatements. Based on this risk assessment, auditors should design their procedures so that they have a reasonable expectation of detecting material misstatements arising from fraud or error. Responsibility for the prevention and detection of fraud rests with the management and those charged with governance.

The auditors ability to detect fraud depends on a combination of factors

-- Skill of the fraudster -- Frequency and extent of the manipulation -- Relative size of the amounts manipulated -- Degree of collusion -- Seniority of those involved

The auditor should enquire of management about:

Managements assessment of the risk that the financial statements may be materially misstated due to fraud including: -- Nature -- Extent, and -- Frequency of these assessments Managements procedures for identifying and responding to risks of fraud including: -- Specific risks identified by management -- Risks brought to their attention by others, and -- Classes of transactions, account balances or disclosures for which a risk is likely to exist Communications by management with those charged with corporate governance concerning the processes adopted for the identification and response to risks Communications by management with employees concerning their views about business practices and ethics Discussions with the internal auditors

Procedures when there is an indication that fraud or error may exist:

When auditors become aware of information which indicates the existence of fraud or error, they should obtain an understanding of the nature of the event and the circumstances in which it has occurred. They should aim to gain an understanding of the possible effects on the financial statements. The auditors should document their findings and communicate them to the appropriate level of management. This would usually be the board of directors or the audit committee.

 The auditor may have a legal duty under national law to report fraud to regulatory and enforcement authorities. In such case, the auditor's duty of confidentiality is overridden by the law

Corporate governance
Corporate governance relates to the internal means by which corporations are operated and controlled. While governments play a central role in shaping the legal, institutional and regulatory climate within which individual corporate governance systems are developed, the main responsibility lies with the private sector. "A good corporate governance regime helps to assure that corporations use their capital

efficiently. Good corporate governance helps, too, to ensure that corporations take into account the interests of a wide range of constituencies, as well as of the communities within which they operate, and that their boards are accountable to the company and the shareholders. This, in turn, helps to assure that corporations operate for the benefit of society as a whole." (OECD) PRINCIPLES OF CORPORATE GOVERNANCE I II III IV V The rights of shareholders The equitable treatment of shareholders The role of stakeholders Disclosure and transparency The responsibility of the board

THE MAIN AREAS OF CORPORATE GOVERNANCE

Using the UK Combined Code, the primary areas of Corporate Governance are as follows:

Directors
An effective board of directors should: Lead company strategy. Include Non-Executive Directors (NEDs) who: o contribute to strategy. o assess performance of the Executive Directors. o Oversee integrity of financial information, control systems, and risk management. o Decide remuneration of the Executive Directors. o Appoint, remove, and consider succession planning of Executive Directors. Should meet regularly, with a formal agenda. Should detail its membership (including Chairman, CEO, Senior Independent Director, Committee members) and work in the Annual Report. Should ensure Chairman and NEDs meet without the Executives, to consider their performance. Should ensure NEDs meet without Chairman annually, to consider the performance of the Chairman.

Chairman and Chief Executive Officer (CEO)

Should not be the same person. Chairman leads Board, and sets agenda for Board Meetings. Chairman is key contact for shareholders.

 Chairman is Independent on appointment. Chairman is not the former CEO of the company. CEO runs the company.

Board balance
No one person, or group, should be able to dominate the Board. At least the Board, excluding the Chairman, should be Independent NEDs. Should be an appropriate balance of skills and experience. Annual Report must detail which NEDs are considered independent. Should appoint a Senior Independent Director so shareholders have an alternative to talking to the Chairman.

Appointments to the board

Nomination Committee, majority of whom are Independent NEDs. Chaired by Chairman (unless Chairman is being discussed). Have criteria for selection of new Board members. Report its work in the Annual Report. Organise induction and training for all directors.

Annual performance review

Board, its committees, and individual directors should have performance appraised at least annually.

Re-election of board members

At 1st AGM after appointment to Board, and at least every 3 years afterwards, by shareholders.

Remuneration of directors
Enough to attract, retain and motivate. Significant proportion should be performance-related. Should consider industry pay levels. NED remuneration should not be performance-related, but should reflect time involvement of the role. If a director is removed before the end of contract, provisions should be in place to ensure they are not overcompensated for failure. Notice periods no longer than 1 year.

Remuneration committee
At least 3 Independent NEDs as members. Should set remuneration of all executive directors and the chairman, and senior management. Remuneration of NEDs is flexible could be by Board as a whole, by shareholders, or a separate Board Committee.

 Shareholders must approve any long term share options.

Financial reporting
Board should present a balanced assessment of companys position and future prospects.

THE BUSINESS CASE FOR CORPORATE GOVERNANCE

Corporate Governance differs between countries, but tends to be either law, or best practice which companies are generally expected to comply with. But if it can be shown that improved corporate governance leads to increases in company profits and share price, any sensible Board of Directors would surely choose to have good corporate governance voluntarilymeaning there would be no need for regulation. There are arguments both for and against this link being true:

For
Good governance includes good risk management which must surely improve the performance of a company. Good governance creates a better impression of the company to investors, who are more likely to want to buy the shares and hence will drive up the share price. Happier investors are likely to require a lower rate of return on their investment, meaning company finance would be cheaper. A more balanced Board should reduce the risk of a single director defrauding the company. Some aspects of governance, e.g. corporate responsibility, may improve the companys reputation among its customers, and lead to products achieving a premium price, and sales volume increasing.

Against
Governance means lots of new systems and monitoring to make sure there is compliance takes time and money. If investors feel companies are doing it purely to comply, they may not feel there are any major business benefits. The governance requirements are likely to need more directors, especially NEDs, to be employed and senior staff are not cheap! Increased reporting responsibilities, and increased accounting complexity.

Conclusion
Real world evidence suggests very strongly that improved governance DOES lead to improved company valuation and companies with poor governance get bad media reaction, complaints from investors, and their share price tends to suffer as a result.