Restoring trust in audit and corporate governance

Question 1

Foreword

Accepted Answer

British business is built on trust. It is vital that our leading companies can command the confidence of financial markets and the investment community as the UK recovers from the effects of COVID-19. So I am pleased to publish the government’s ambitious plans to strengthen the UK’s audit and corporate governance framework, which will help companies build back stronger and better equipped to face tomorrow’s challenges. Transparency and good governance underpin a vibrant, modern economy and I am determined to reinforce the UK’s position as a world-class destination for investment in the wake of recent corporate failures that have led to job losses and uncertainty among small businesses and local communities.

This document outlines a set of proposals to hold directors of the largest companies to account, to establish clearer responsibilities on detection and prevention of fraud, to empower shareholders and to increase choice and quality in the audit market. Crucially, these proposals also recognise the economic importance of the largest privately-owned companies by expecting them to meet the highest standards of reporting, alongside listed companies.

These proposals will be backed by a strong and independent statutory authority for audit, corporate reporting and governance. Replacing the Financial Reporting Council, the new regulator will be tasked with protecting users of financial information by ensuring that those who prepare and assure reports are held to the highest standards.

This has the potential to be a major programme of reform and I am very grateful to Sir John Kingman, Sir Donald Brydon and the Competition and Markets Authority for their important and insightful independent reports on different aspects of the corporate governance and audit regime. Our proposals in this White Paper are based firmly on their findings and their thought leadership has already stimulated a vibrant and meaningful conversation, which I hope this publication will continue. I also welcome the work done by the Financial Reporting Council to improve audit quality and standards of corporate reporting and governance, and to progress reforms wherever possible in advance of legislation.

Looking to the future, the timetable for these changes is clearly of key importance to affected businesses. The government understands the serious challenges that businesses are facing because of the pandemic and we will not add to those: reforms will be introduced over an appropriate timetable. However, I am committed to our stated aim of reforming the corporate governance and audit regime and we intend to bring forward these reforms later in the Parliament, subject to your responses. In the meantime, I encourage all interested parties to respond to this consultation and to use this opportunity to improve the government’s final proposals.

The Rt Hon Kwasi Kwarteng MP
Secretary of State for Business, Energy & Industrial Strategy

Question 2

General information

Accepted Answer

Why we are consulting

This document sets out a package of measures aimed at improving the UK’s audit, corporate reporting and corporate governance systems. It takes account of views expressed in responses to the government’s initial consultations on the recommendations made by the Independent Review of the Financial Reporting Council to create a new regulator responsible for audit, corporate reporting and corporate governance, and by the Competition and Markets Authority’s market study on the audit of FTSE 350 companies. It also sets out proposals in response to Sir Donald Brydon’s Independent Review of the Quality and Effectiveness of Audit.

Through this consultation, the government is seeking views on its intended reforms, both individually and as a whole. This includes looking for evidence on their likely impact and suggestions for how they might be improved. Your contribution would be much appreciated.

Consultation details

Issued: 18 March 2021
Respond by: 8 July 2021

Enquiries to: audit.consultation@beis.gov.uk

Consultation reference: Restoring trust in audit and corporate governance - Consultation on the government’s proposals

Audiences:

The consultation is open to everyone with an interest in this area. In particular, we are keen to hear from: Users and preparers of accounts, Investors, Asset owners, Others who rely on audited accounts, Business stakeholders, Regulated firms, Companies, Restoring trust in audit and corporate governance, Other regulatory bodies such as professional associations, Other assurance providers

Territorial extent:

UK government is responsible for the operation and regulation of business entities across Great Britain. Previously, the Northern Ireland administration has agreed that, while the operation and regulation of business entities remains a transferred matter within the legislative competence of the Northern Ireland Assembly, amendments to the Companies Act 2006 and legislation regulating business entities should be made in the same terms for the whole of the United Kingdom. As such proposals set out in the consultation will apply across the whole of the UK.

How to respond

Respond online at: https://beisgovuk.citizenspace.com/business-frameworks/audit-and-corporate-governance-review

or

Email to: audit.consultation@beis.gov.uk

When responding, please state whether you are responding as an individual or representing the views of an organisation.

Your response will be most useful if it is framed in direct response to the questions posed, though further comments and evidence are also welcome.

We prefer electronic submission of your response. To help us analyse your response, we would be grateful if you could provide it in a format that can be read and searched by common word processing software and that allows copying and pasting into another document. Please avoid sending images or Portable Document Format (.pdf) files.

Confidentiality and data protection

Information you provide in response to this consultation, including personal information, may be disclosed in accordance with UK legislation (the Freedom of Information Act 2000, the Data Protection Act 2018 and the Environmental Information Regulations 2004).

We will process your personal data in accordance with all applicable data protection laws. See our privacy policy.

Because this document sets out government proposals to make extensive changes to the role and function of the Financial Reporting Council (FRC), we intend to share responses to this consultation with the FRC. If you do not want some or all of your response to be shared with the FRC, please tell us and, if necessary, provide a clearly-labelled redacted version of your response to be shared with the FRC. The FRC will process the responses shared with it in order to offer feedback to BEIS, but will keep those responses confidential as described above (disclosing them only as required by UK legislation, and processing personal data in accordance with all applicable data protection laws).

If you want the information that you provide to be treated as confidential please tell us, but be aware that we cannot guarantee confidentiality in all circumstances. An automatic confidentiality disclaimer generated by your IT system will not be regarded by us as a confidentiality request.

The government may choose to publish the content of responses in full on GOV.UK, other than those where confidentiality has been requested. Otherwise we will summarise all responses and publish this summary on GOV.UK. The summary would include a list of names of organisations that responded, but not people’s personal names, addresses or other contact details.

Quality assurance

This consultation has been carried out in accordance with the government’s consultation principles.

If you have any complaints about the way this consultation has been conducted, please email: beis.bru@beis.gov.uk.

Question 3

Executive summary

Accepted Answer

The need for reform

Reliable corporate reporting is vital to well-functioning financial markets, business investment and growth. It enables all interested stakeholders to make an informed assessment of a company’s performance and governance. It helps safeguard investors, creditors, employees, customers, suppliers and the wider public from corporate mismanagement. High quality reporting by directors allied with robust and challenging external audit should give confidence to all those with an interest in a company’s activities, position and prospects. Corporate failure can happen but it should rarely be a surprise.

However, stakeholder and wider public trust in the credibility of directors’ reporting and the statutory audit has been shaken by a succession of sudden and major corporate collapses which have caused serious economic and social damage, including the insolvencies of BHS in 2016 and of Carillion in 2018. Alongside this, the audit regulator has in recent years found up to a third of audits carried out by the 7 largest audit firms to be in need of improvement or significant improvement^{[footnote 1]}. There are also more long-standing concerns about a lack of competition and resilience in the statutory audit market covering the UK’s largest companies, and a perceived failure of the audit product to meet the growing expectations of its users.

To address these concerns, the government commissioned 3 independent reviews in 2018: Sir John Kingman’s Independent Review of the Financial Reporting Council (FRC), the Competition and Market Authority (CMA)’s Statutory Audit Services Market Study and Sir Donald Brydon’s Independent Review of the Quality and Effectiveness of Audit. The FRC Review found that the existing regulator lacked the necessary powers and clarity of purpose to hold auditors and directors sufficiently to account and recommended that it be replaced. The Brydon Review concluded that statutory audit needs to become more informative, and that higher expectations should be placed on both directors and auditors to deliver more useful information to the users of reports. The CMA Market Study showed an unhealthy dominance of the statutory audit market for larger companies by a small number of audit firms and called for new measures to increase quality, competition and resilience in the delivery of audit.

The government agrees with the findings of all 3 reviews, and thanks Sir John Kingman, Sir Donald Brydon and the Competition and Markets Authority for the rigour and depth of their analysis and for their detailed recommendations for change. The government is also grateful to the Business, Energy and Industrial Strategy Committee of the House of Commons for its work on audit reform and the recommendations set out in its The Future of Audit report published in 2019.

Problems with corporate reporting and audit are by no means exclusive to the UK, as the recent belated discovery of a major fraud at German payments processor Wirecard illustrates. But there are problems here that the UK must address. Fundamental reform of the framework underpinning audit and corporate reporting is needed to rebuild public trust in the way the largest companies are run and scrutinised. The UK has long had a hard-earned reputation for high standards of corporate governance and robust protections for investors and other stakeholders. It is vital to making the UK attractive to international business and investment. If that reputation is to be maintained, and enhanced, action is needed to address the weaknesses and lack of accountability that the 3 reviews have highlighted.

Summary of proposals

The proposed reforms in this consultation address the findings of each review and include new measures in relation to directors, auditors and audit firms, shareholders and the audit regulator. They are focused on the largest companies because that is where there is greatest public interest in ensuring that audit and corporate reporting are functioning effectively. The proposals take full account of the roles of the Financial Conduct Authority, the Prudential Regulation Authority and the Insolvency Service where they have related responsibilities. A holistic approach is essential to drive meaningful and lasting change and the government is clear that directors, auditors, shareholders and the audit regulator must all play their part. The reforms proposed in relation to all 4 are summarised below.

Directors

Directors are responsible for running their companies and are ultimately responsible for a company’s accounts and reports. They have statutory duties to promote the success of their company and various duties in relation to the preparation and auditing of the company’s accounts and reports. Responsible behaviour by directors is the fundamental starting point for high quality and reliable corporate governance and reporting.

The current framework, however, is inadequate in holding directors to account if they neglect these responsibilities. The Financial Reporting Council does not have any powers to enforce directors’ duties other than when a director is a member of a professional accountancy body. Further, there are weaknesses in reporting and accountability in 3 key areas of management relating to internal controls over financial reporting, dividend and capital maintenance decisions and the steps that directors are taking to consider and strengthen a company’s future resilience. The consultation document addresses these weaknesses through proposals for new reporting and attestation requirements covering internal controls, dividend and capital maintenance decisions, and resilience planning, designed to sharpen directors’ accountability in these key management areas.

There are also proposals to ensure that the regulator has effective investigation and civil enforcement powers to hold to account directors of large businesses which are of public importance for breaches of their duties in relation to corporate reporting and audit.

Audit, auditors and audit firms

The annual statutory audit of a company’s accounts is vital in providing independent, professional scrutiny of directors’ reporting of their business’s financial position. It serves as a powerful and ongoing incentive on directors to improve their company’s internal processes, including standards of internal assurance, and to describe the state of their business truthfully. The auditor has unique access to a company’s information, people and processes, enshrined in company law. Shareholders and other users of company reporting depend on the auditor to use these powers and responsibilities to provide them with assurance that the company accounts can be trusted. Auditors of public interest entities have additional obligations to test and assure the financial reporting of companies whose failure would bring particular economic and social shocks. The audit, done well, should be an ally of good business behaviour and a spur to directors to meet their legal obligations to shareholders, creditors and other stakeholders, which ultimately serves the public interest.

However, the experience of recent corporate failures and the audit regulator’s ongoing findings of sub-standard work in a significant minority of audits of public interest entities each year, have seriously called into question whether the statutory audit is performing the public interest function expected of it. As the Brydon Review found, the audit product has not changed significantly for decades. Auditors check for directors’ compliance with legal duties and accounting standards and provide an opinion that the accounts are free from material misstatement. That is important, but it does not address the increasing expectations of shareholders and other users of company reporting that the audit report should be more forward looking and informative.

Coupled with this lack of evolution of the audit product is the failure of the UK audit market to deliver increased competition, and by extension increased resilience, in the supply of audit services to public interest entities. It is not healthy for audit quality that the UK audit market is so concentrated, with 97% of FTSE 350 audits undertaken by just 4 audit firms. This concentration is not helped by the fact that those firms also compete to provide a wide range of other business services to the largest companies.

The government is clear that reform is needed to drive a new auditor mindset and to strengthen the resilience and integrity of the audit market. Central to achieving this is the proposed creation of a new, stand-alone audit profession, underpinned by a common purpose and principles – including a clear public interest focus – and with a reach across all forms of corporate reporting, not just the financial statements. Alongside this the government is proposing new regulatory measures to increase competition and reduce the potential for conflicts of interest, by providing new opportunities for challenger audit firms and new requirements for audit firms to separate their audit and non-audit practices.

Shareholders

Shareholders, as the owners of companies, have a vital role to play in the corporate governance framework. They do not run companies – that is the job of the directors – but they do vote on director appointments, approve final dividends, approve the appointment of auditors and vote on directors’ remuneration and other matters. Institutional investors, in particular, have a stewardship role, seeking to create long term value for their clients through oversight of the companies in which they are invested. Shareholders are the primary users of company reporting and audit. They should have a strong interest in its quality, accuracy and reliability because it provides a basis for informed investment decisions and the efficient allocation of investment capital across the economy.

There are concerns, however, that asset managers and asset owners do not sufficiently prioritise audit as a stewardship issue of importance^{[footnote 2]}. Institutional shareholders have also been criticised for poor stewardship in the period before the collapse of some prominent companies. The FRC Review took a strong interest in the Stewardship Code, urging improvements to its effectiveness to increase the quality of investor engagement. These improvements are now in progress through recent revisions to the Code.

This consultation document proposes further measures to improve stewardship by giving investors stronger and better opportunities to engage with companies, particularly on audit matters. These include a proposal for companies to be required to set out their approach to audit through publication of an audit and assurance policy on which there would be an advisory shareholder vote. Shareholders would also have a formal opportunity to propose to the audit committee areas of emphasis to be considered within the auditor’s annual audit plan.

The audit regulator

The FRC Review identified strengths but also significant weaknesses in the FRC’s effectiveness in overseeing and holding directors, auditors and investors to account for their respective roles within the regulatory and corporate governance framework. The Review noted the absence of a meaningful statutory base for the regulator’s work, the absence of clear statutory objectives, and inadequacies in its enforcement powers in key areas of audit supervision, reporting and directors’ accountability. It noted weaknesses in the regulator’s ability to foster competition in the audit market. It also pointed out limitations in the FRC’s capacity to be forward-looking and in its ability to act on intelligence and identify potential corporate problems at an earlier stage before they become irreversible.

Following the Review, the FRC, under new leadership, has taken significant steps to strengthen its capabilities. However, legislation is needed in many areas to complete the task of remodelling the regulator and to establish the FRC’s successor body, the Audit, Reporting and Governance Authority (ARGA). The consultation document sets out the steps that the government proposes to take to give ARGA the formal duties, functions and powers it needs to be fully effective. They include new statutory objectives and functions along with a new statutory levy to replace the existing voluntary levy. The government is also proposing to give the regulator competition powers and new powers to strengthen its corporate reporting review function, its oversight of audit committees and to enforce the corporate reporting duties of directors. The consultation document additionally sets out proposals for the regulator to have responsibility for deciding which individuals and firms should be approved to audit PIEs.

Chapter summaries

Chapter 1 – The government’s approach to reform

This chapter sets out the government’s overall approach to reform and why public interest is at the heart of the reforms.

The audits and auditors of Public Interest Entities (PIEs) are currently subject to a number of additional regulatory measures. PIEs are the focus of most of the proposed new regulatory measures relating to audit, corporate reporting and corporate governance. The current definition of a PIE covers predominantly publicly listed companies. This chapter sets out 2 options for expanding the PIE definition, both of which would expand it to include the largest private companies.

Views are sought on other types of entity that could be included in a new PIE definition, including third sector entities with a public benefit purpose. The chapter also explains the implications for the statutory audit market flowing from a new PIE definition and proposes a timeframe for its introduction.

Chapter 2 – Directors’ accountability for internal controls, dividends and capital maintenance

This chapter sets out options for strengthening the UK’s internal control framework and proposals for stronger disclosure and attestation requirements relating to dividends and capital maintenance. The proposals in both instances take account of relevant recommendations made in the FRC and Brydon reviews and, in the case of dividends, outcomes from the government’s consultation on Insolvency and Corporate Governance in 2018.

In relation to internal controls, views are sought on the following 3 options, which are not intended to be mutually exclusive:

company directors should be required to carry out a review of the effectiveness of their company’s internal controls each year and make a statement, as part of the annual report, as to whether they consider them to have operated effectively. The statement should disclose the benchmark system used and explain how the directors have assured themselves that it is appropriate to make the statement;
the audit report should describe the work the auditor is already required to do to understand the company’s internal control systems to the extent needed to perform the audit, and to state how that work has influenced the audit, but without a formal auditor opinion on the internal controls’ effectiveness being required; and
the auditor should be required to provide a formal opinion on the directors’ annual attestation about the effectiveness of the company’s internal controls, potentially limited to key internal controls over financial reporting, or a sub-set of that.

The chapter sets out a tentative preferred option which would require a directors’ statement about the effectiveness of the internal controls, but (unlike the US’s approach to internal controls which mandates external auditor attestation in most cases) leave the decision on whether the statement should be assured by an external auditor to the directors, audit committee and shareholders. The preferred option is not intended to shut down discussion of alternatives.

The following reforms are proposed in relation to dividends and capital maintenance:

companies (the parent company in the case of a group) should disclose the total amount of reserves that are distributable, or – if this is not possible – disclose the ‘known’ distributable reserve, which must be greater than any proposed dividend;
in the case of a group, the parent company should provide an estimate of distributable reserves across the group; and
directors should state that any proposed dividend is within known distributable reserves and that payment of the dividend will not, in the directors’ reasonable expectation, threaten the solvency of the company over the next 2 years.

The chapter also invites views on proposals to give ARGA new powers in relation to how companies should calculate their distributable reserves. Currently, guidance in this area rests with the professional accountancy bodies.

Chapter 3 – New corporate reporting on resilience, assurance and payment practices

Responding to recommendations in the Brydon Review, this chapter invites views on the following proposed new reporting requirements for directors of public interest entities:

an annual Resilience Statement, setting out how directors are assessing the company’s prospects and addressing challenges to its business model over the short, medium and long-term, including risks posed by climate change; and
an Audit and Assurance Policy, describing directors’ approach (over a rolling 3 year forward look) to seeking internal and external assurance of the information they report to shareholders, including any external assurance planned beyond the scope of the annual statutory audit.

The chapter also invites views on how company annual reports could include certain minimum reporting on supplier payment policies and practices.

Chapter 4 – Strengthening the supervision of corporate reporting

This chapter sets out the government’s proposals for strengthening the regulator’s powers relating to its corporate reporting review work. The proposals respond primarily to recommendations made in the FRC Review. The key measures proposed are:

ARGA to have powers to direct changes to company reports and accounts, rather than having to seek a court order which is the position at the moment;
increased transparency for the existing Corporate Reporting Review process, by enabling ARGA to publish summary findings following a review and, if necessary, full correspondence;
the extension of the Corporate Reporting Review process to the whole of the annual report and accounts. This will ensure that ARGA can review areas that are not currently within the scope of its powers such as corporate governance statements and directors’ remuneration and audit committee reports as well as voluntary elements such as the CEO and chairman’s reports.

Chapter 5 – Company directors

This chapter sets out proposals to:

give the audit regulator investigation and enforcement powers in relation to wrongdoing by directors of Public Interest Entities; and
strengthen malus and clawback provisions within executive directors’ remuneration arrangements.

The investigation and enforcement powers would apply to breaches of statutory duties relating to corporate reporting and company audit. They include the power for the regulator to impose more detailed requirements for how directors should meet these duties. The government is also considering requiring directors to meet certain behavioural standards in fulfilling these duties.

The strengthened malus and clawback arrangements involve the identification of minimum clawback conditions which would apply in all cases and have a minimum two-year application period. These conditions could include clawback for serious misconduct, a material misstatement of results or an error in performance calculations and failures of internal controls and risk management. Subject to consultation responses, the government proposes to invite the FRC to implement these stronger arrangements through changes to the UK Corporate Governance Code.

Chapter 6 – Audit purpose and scope

This chapter examines the major reform of audit proposed by the Brydon Review, and sets out the government’s proposals in response, including changes relating to audit’s purpose, audit practice and the organisation of the audit profession. The government’s proposals include:

a new corporate auditing profession to operate independently of the professional accountancy bodies;
new overarching principles for auditors, to reinforce good audit practice;
a new duty on auditors to take a wider range of information into account in reaching audit judgements, in particular whether financial statements give a ‘true and fair view’; and
new obligations on both auditors and directors relating to the detection and prevention of material fraud.

Chapter 7 – Audit committee oversight and engagement with shareholders

This chapter responds to recommendations in the CMA Market Study and proposes to safeguard the interests of shareholders and other users of accounts by giving the regulator new powers to set and enforce additional requirements for audit committees in the appointment and oversight of auditors. The proposed new measures are aimed at increasing audit quality. The government envisages that they would apply to audit committees at FTSE 350 companies. The government is also consulting on powers to give the regulator an independent ability to appoint an auditor where more serious problems exist with a company’s audits.

The chapter also responds to recommendations in the Brydon Review and proposes a number of new measures to encourage and facilitate more meaningful engagement between a company and its shareholders on matters affecting audit quality. These include a formal mechanism by which shareholders of a quoted company can propose additional matters for emphasis within the scope of the company’s external audit, and proposals for better communication to shareholders following the resignation or dismissal of the auditor of a public interest entity.

Chapter 8 – Competition, choice and resilience in the audit market

This chapter sets out the government’s plans to increase choice, competition and resilience of the UK’s statutory audit market in response to the CMA Market Study and taking account of comments received on the government’s initial consultation on the CMA findings and the independent review of the FRC. The proposed reforms include:

greater regulatory powers and duties intended to increase choice and competition in the FTSE 350 audit market, initially through a managed shared audit regime and, if needed, taking a reserve power for a managed market share cap;
requiring operational separation between the audit and non-audit arms of certain firms, as determined by the new regulator. This will include separate governance, financial statements prepared on an arm’s length basis, and regulatory oversight of audit partner remuneration and audit practice governance; and
statutory powers for the regulator to proactively monitor the resilience of the audit market and audit firms, including powers to require audit firms to address any viability concerns that are identified. The regulator will also have the power to take enforcement action to address anti-competitive practices and an abuse of dominant position within the statutory audit market.

It is envisaged that ARGA will be given rule-making powers to deliver the first 2 of these proposals to ensure that it has the ability to refine and adjust elements of detail over time and as the market adjusts.

Chapter 9 – The supervision of audit quality

In response to recommendations of the FRC Review, this chapter sets out:

plans to make the new regulator responsible for approving statutory auditors of public interest entities, rather than the professional bodies;
proposals to improve transparency of the regulator’s Audit Quality Review reports on individual audits, while providing safeguards for sensitive information;
the government’s intention to provide the regulator with new powers to require a UK Group auditor to arrange access to overseas component auditors’ working papers, where considered appropriate; and
a request for views on how the regulator might access information covered by an audited entity’s legal professional privilege that is needed for the regulator’s inspections and investigations of statutory audit.

Chapter 10 – A strengthened regulator

This chapter sets out the framework for establishing a strengthened regulator, the Audit, Reporting and Governance Authority (ARGA).

The chapter proposes that ARGA, which will replace the Financial Reporting Council, will be established as a company limited by guarantee. Its general objective will be to protect and promote the interests of investors, other users of corporate reporting, and the wider public interest. It will also have 2 operational objectives, on quality and competition, and several regulatory principles set out in legislation.

ARGA will be governed by a simplified board with strengthened oversight, and non-executive members including the Chair will be public appointments. The regulator will be accountable to Parliament, with strategic direction from the government. It will be funded by a statutory levy, paid for by market participants.

Chapter 11 – Additional changes to the regulator’s responsibilities

This chapter sets out further changes to the regulator’s responsibilities arising from recommendations in the FRC Review. These include:

proposals for the regulator to have a new statutory role in the supervision of accountants and actuaries, replacing more informal arrangements; and
proposals for a more pro-active role for the regulator in identifying and assessing serious issues relating to a company’s corporate reporting or audit by strengthening the regulator’s information gathering and investigatory powers. This includes the power to require an expert review, paid for by the company to investigate issues in greater depth and explore the underlying causes.

The chapter also proposes to transfer the appointment of the Independent Supervisor of the Auditors General from BEIS to Parliament and sets out the government’s consideration of recommendations from the independent reviews relating to whistleblowing, local audit and investor stewardship.

Supporting documents

Alongside this document, the government is also publishing an impact assessment, a summary of stakeholder responses to the government’s initial consultation on the recommendations of CMA’s Market Study, and a summary of how each of the 150-plus recommendations of the 3 reviews is addressed either by this document or through action by the Financial Reporting Council.

Government’s wider work to improve corporate frameworks

This reform package is part of wider work to strengthen the legal and corporate governance framework within which UK companies operate, and so to underpin fairness and transparency in UK markets. The government’s Corporate Insolvency and Governance Act 2020 has introduced a new insolvency moratorium procedure which leaves directors in control whilst they implement a plan to rescue the company as a going concern. The government has also announced recently that it will take forward reforms to improve the quality and accuracy of data held on the Companies House register, including data about the identity of directors thereby giving businesses more confidence in who they are dealing with and reducing the risk of fraud.

The government has also implemented a major set of reforms to improve corporate governance. This included legislation, which took effect in 2019, to introduce executive pay ratio reporting and requirements on large private companies to explain their corporate governance arrangements for the first time. The legislation also requires directors to report on how they have had regard to the stakeholder and other matters in section 172 of the Companies Act 2006, including the interests of employees and the consequences of decisions in the long term. Recent changes to the UK Corporate Governance Code have underpinned this, providing further encouragement for boardrooms to consider the wider impacts of their company’s business activities, and to strengthen engagement with employees.

These and other steps, including Lord Hill’s current review on listings, illustrate the government’s determination to keep the UK’s business frameworks at the forefront of international best practice and to enhance the UK’s attractiveness as a destination for international business and investment. All of this is part of building back better as the UK emerges from COVID-19. The government plans to build on the UK’s short-term economic recovery to ensure long-term economic growth, boost productivity across the UK, give businesses the confidence to invest and ensure that entrepreneurs are enabled to scale their businesses. A high-quality business environment and high standards of audit and corporate governance are important to achieving this aim.

Question 4

1.  The government’s approach to reform

Accepted Answer

This document sets out the proposed overall approach to reforming corporate reporting and audit in the light of the findings of the 3 independent reviews commissioned by the government and, additionally, the work of the BEIS Select Committee. These proposals, taken together, represent a comprehensive and holistic package of reforms that will protect and promote the public interest in trustworthy and informative corporate reporting and audit.

The government will bring forward these reforms quickly, consistent with the broad consensus for change and the significant progress that has already been made by the FRC, while recognising that it is important that impacts on businesses are carefully considered. The government’s proposed approach to the timetable for reform is set out in this chapter and views are sought as to whether this strikes a sensible and proportionate balance.

Importantly, this chapter also sets out the proposed definition of the group of companies to which many of the reforms will apply. Recognising that the businesses that influence and impact public confidence and perceptions of corporate Britain are not just those that are publicly traded, the government proposes to extend the UK’s definition of Public Interest Entities. This will ensure that the UK’s high standards for corporate reporting and audit, enhanced by this package of reforms, will provide confidence across a wide range of businesses in which there is public interest.

1.1 The government’s approach

1.1.1 This document sets out the government’s proposals for reform of audit and corporate reporting, including the setting up of a new regulator. The main basis for these proposals comes from Sir John Kingman’s Independent Review of the Financial Reporting Council (FRC)^{[footnote 3]}, the Competition and Market Authority (CMA)’s Statutory Audit Services Market Study^{[footnote 4]} and Sir Donald Brydon’s Independent Review of the Quality and Effectiveness of Audit^{[footnote 5]}, along with responses to initial consultations on the FRC^{[footnote 6]} and CMA^{[footnote 7]} reviews. The government agrees with the findings of all 3 reviews and thanks their respective authors. The BEIS Select Committee’s 2019 Future of Audit Report^{[footnote 8]} has also provided invaluable analysis and measured recommendations that have been integral to the development of this package of reforms.

1.1.2 The government wants its reform of audit to be effective and is therefore looking to make decisive changes. Previous attempts at incremental reform have not prevented the problems identified by the reviews. The proposals in this document are therefore intended to be significant, targeted measures.

1.1.3 These reforms are focused on the largest companies because that is where there is greatest public interest in ensuring audit and corporate reporting function as intended. The government is therefore looking to define the broad scope of its reform through a revised definition of public interest entities (PIEs) – companies and other bodies in which there is a particular public interest. The intention is for both tighter audit regulation and the new corporate reporting proposals below to cover all PIEs.

1.1.4 The reforms described below need to be coordinated within a wider regulatory framework for business in the UK, and complement actions taken and being taken forward by the FRC. Audit, transparency and governance issues already come under the remit of a number of existing regulatory regimes, including the Financial Conduct Authority (FCA), which has the primary statutory objective to protect market integrity. This requires regulators to ensure that the regulatory burden imposed on capital market participants is proportionate and supports UK capital markets in meeting the needs of issuers as well as investors. In support of this the government is committed to avoiding overlap or duplication between the role of ARGA and the existing scope or powers of the FCA wherever possible, particularly in respect of its statutory market integrity role. The government, the FRC and the FCA will work together to ensure that such overlap is avoided except where it is considered absolutely necessary on the basis of clear principles of effective regulation, having followed due process.

1.1.5 One of the challenges in bringing forward the package of measures in this document has been the need to ensure they are appropriate in the UK’s current economic context, not least because of the consequences of the COVID-19 pandemic. In some ways the current climate makes access to trustworthy information about the state of companies more important than ever. But equally the government is very aware that many businesses are hard-pressed at present.

1.1.6 It is vital that the new regulator ARGA is established and that the legislation to enable other proposed changes is put in place when Parliamentary time allows. As section 1.2 below sets out, the government is considering the scope for its measures to be introduced in stages or after a transitional period, to manage the impacts on business.

1.1.7 It is also the government’s intention to monitor and spur on progress of its reforms over time. As set out below in section 1.2, in addition to its ongoing oversight of the implementation and maintenance of its reform package, the government will review the implementation of its reforms to regulation after 5 years by way of a Post-Implementation Review.

1.1.8 This document presents measures that balance the need for meaningful reform with proportionate impacts on business, both now and for the future. While there are many other important issues in corporate governance and reporting, from reporting of carbon emissions to boardroom diversity, this consultation sets out a coherent package centred on reforms to further the public interest in audit and corporate reporting and the establishment of a new regulator to replace the FRC, based on the findings of the 3 reviews.

1.1.9 While the principal aim of these reforms is as set out above, in implementing them the government will look for opportunities to simplify or consolidate requirements on business. Feedback on possible improvements of this sort is welcome as part of consultation responses.

1.2 The timetable for change

Next steps

1.2.1 The intention is for responses to this consultation to inform draft legislation that the government will introduce to Parliament when Parliamentary time allows. Some of the proposed measures include the ability to set important details at a later date through secondary legislation brought forward for Parliament’s approval by the government. Many measures not requiring legislation are being taken forward already by the FRC.

1.2.2 There is scope for auditors and others to take action on their own initiative while legislation is being developed, including action towards defining and developing a new audit profession.

When will new measures take effect?

1.2.3 In legislating for audit reform, there will be choices to make about when the reforms will come into force. Individual measures could be brought into force on a specific date, over a phased period, or there could be a power to switch certain reforms on when appropriate.

1.2.4 Once the law is in effect, there is often a transition period in which special measures apply – for example, to make sure of an orderly transition to a new regulatory regime.

1.2.5 Some of the measures proposed have the potential to be phased in. For example, some of the proposals on new corporate reporting below would apply to premium listed companies initially, and then after 2 years to all Public Interest Entities. Consideration could also be given to excluding emerging growth companies from some of the new measures for a period of time after an Initial Public Offering (IPO) to ensure that they do not present a deterrent to seeking a listing.

1.2.6 To balance the urgency of audit reform with its desire to manage additional requirements on businesses, the government intends to take the following overall approach:

In general, measures that do not directly impact on businesses would be brought into effect quickly. This is intended to include:
- measures associated with establishing the new regulator, including the powers and duties of the regulator; and
- measures that do not take effect until something else is done (for example, powers to make legislation which will require the further approval of Parliament).
Measures with significant impacts on those regulated by the new regulator would be commenced quickly, but transition periods and/or phasing (particularly for those newly in scope of the regulator) may be appropriate to ensure a smooth introduction.
Measures with significant impacts on wider business are most likely to be considered for later commencement, a transition period and/or phasing. In particular this would include the proposed extension of the definition of Public Interest Entities and introduction of a stronger internal controls regime.

Assessing the progress of reform

1.2.7 The government wants to make sure its proposals are implemented well and recognises that there is wider interest in this assessment. The CMA market study recommended that the government set a specific point (e.g. 5 years from implementation) at which progress should be reviewed and the effectiveness of the overall package of remedies assessed by the regulator^{[footnote 9]}. The Brydon Review recommended an independent review in 2025 of the 3 reviews’ implementation^{[footnote 10]}.

1.2.8 As required by the Small Business, Enterprise and Employment Act, the government will review the effectiveness of its legislation after 5 years by way of a Post-Implementation Review (‘PIR’). However, particularly given that not all proposals are intended to commence immediately, the government’s reform package will take longer to have its full intended effect. The government therefore believes 2025 would be too soon to hold a separate independent review of progress. Instead, the government and the regulator will ensure ongoing oversight of the implementation of its proposals and their performance in practice. Data collected through this monitoring and the PIR should inform a future decision on when and how best to review progress in the round.

1.2.9 Specific arrangements for review of measures relating to competition, choice and resilience in the FTSE 350 audit market are set out in Chapter 8 below.

1.3 Resetting the scope of regulation

The government believes that regulation by ARGA should focus on public interest entities. Auditors and audits of those entities are already subject to more stringent requirements and oversight. The government intends to introduce a wider definition of ‘public interest entity’ to ensure that large businesses which are of public importance are subject to appropriate regulation.

Public Interest Entities

1.3.1 Following recent large scale business collapses there is a clear need for a robust regulator which can act in the public interest to restore trust in business and to retain public confidence. Regulation of audit, corporate reporting and corporate governance helps to promote good economic health through well-functioning markets by ensuring provision of trustworthy information for investors and other stakeholders with an interest in companies. It can also help to mitigate risks arising from possible economic and social shocks by enabling early action to avoid or manage significant company failures.

1.3.2 The Brydon Review’s recommendations were focused on improving the audit and assurance of public interest entities (PIEs)^{[footnote 11]}. The Review also reflected that other large companies may be usefully considered given their importance to the UK economy^{[footnote 12]}. The FRC review recommended that the regulator’s oversight of corporate reporting be focused on public interest entities^{[footnote 13]}.

1.3.3 Public interest entities are currently defined in the Statutory Audit Directive^{[footnote 14]}, implemented before the UK left the EU, as:

entities whose transferable securities are admitted to trading on a regulated market^{[footnote 15]};
credit institutions^{[footnote 16]}; or
insurance undertakings^{[footnote 17]}.

1.3.4 EU Member States have the option of designating additional entities as public interest entities, for example, undertakings of significant importance because of their nature, size or number of employees. The UK has not so far taken this approach. However, the government believes that the time is now right to consider the public interest in corporate entities more broadly.

1.3.5 There are currently around 2,000 PIEs in the UK^{[footnote 18]}. The statutory audits and auditors of those entities are subject to more stringent regulation, for example, in relation to:

how they are appointed including in relation to the selection procedure used,^{[footnote 19]} the maximum duration of their appointment^{[footnote 20]} and on the extent to which they may provide non-audit services; and
the statutory auditor’s functions including additional requirements as to the content of the auditor’s report,^{[footnote 21]} the prohibition on non-audit services, and a requirement for a report to be made to the PIE’s audit committee (or equivalent body);^{[footnote 22]} and
their regulation including a requirement for the regulator to take direct responsibility for inspecting, investigating and imposing sanctions in relation to audits of PIEs.^{[footnote 23]}

1.3.6 Companies in scope of the PIE definition with more than 500 employees are also required to produce a non-financial information statement within their strategic report^{[footnote 24]}.

1.3.7 The FRC also inspects, investigates and imposes sanctions in relation to the audits of certain entities which are not PIEs, namely Lloyds syndicates and certain AIM listed companies^{[footnote 25]}. But these entities are not subject to the more stringent regulation which otherwise applies to PIE auditors and audits.

1.3.8 The FRC Review expressed a concern that “the UK’s current PIE definition may be somewhat too narrowly drawn and may exclude entities whose audit arrangements are a matter of public interest”, particularly large private companies^{[footnote 26]}. The Review recommended that the government review the UK’s definition of a PIE^{[footnote 27]}. In its initial consultation, the government welcomed this recommendation and said it would consult on proposals.

Issues arising from consultation

1.3.9 Consultees who responded indicated some support for extending the definition of PIE to include other large entities (particularly large private companies and large AIM-quoted companies). Some consultees cited the recent failures of Patisserie Valerie (AIM) and/or BHS (unlisted) as entities that should have been PIEs to provide protection to the public and investors. By contrast, consultees were broadly opposed to smaller entities being included within the definition on the basis that regulation should be proportionate, noting potential costs to the entity and the regulator.

1.3.10 There was support for the public interest as the test for determining where the regulator should target its resources. This was reflected by consultees who thought that PIEs should be designated because of the nature of their activities and not simply because of their size. For example, non-corporate entities could be considered because of the public interest in their activities. The government recognises that the activity of an entity may mean that it is of public interest. However, the government believes it is appropriate to focus a test on companies given its intention to restore trust and retain public confidence in business.

1.3.11 A small number of consultees supported removing entities^{[footnote 28]} from the existing PIE definition. The government is not attracted to this proposal as there is a clear public interest in many of these entities.

Government proposals

1.3.12 The government’s aim in expanding the PIE definition is broadly to ensure that:

there is a clear articulation of the public interest in any group of entities being added to scope, for example, to provide increased investor protection, where their purpose has public benefit or in recognition of wider economic significance;
the impact is proportionate, i.e. the benefit of such entities becoming PIEs merits the extra regulation required of them; and
as far as possible, the definition is aligned with existing thresholds which are used to determine the entities in scope of audit, corporate reporting and corporate governance requirements.

1.3.13 The government proposes that an expanded PIE definition would operate to:

extend the scope of the existing audit and corporate reporting requirements which already apply in relation to PIEs as set out above; and
generally frame the scope of any new regulatory measures in relation to audit, corporate reporting and corporate governance as set out in this consultation document^{[footnote 29]}.

1.3.14 The government considers this to be a proportionate approach which will ensure that companies with greatest public importance are held to account in the public interest, whether traded or not. The government welcomes the views of consultees on the operation of the PIE definition.

Large companies

1.3.15 The government believes that the size of a company is a significant factor in determining whether it is a public interest entity. Larger companies tend to have a higher number of employees, creditors and investors with greater social and economic impact should they fail. The continued success of large companies, whatever their legal status, also has a sizeable impact on the economy at large as well as on its employees, suppliers, customers, and others.

1.3.16 The government proposes to extend the UK’s PIE definition to include large companies within certain limits regardless of whether they are admitted to trading on a regulated market. This will, for example, ensure that certain large private companies are now included within the definition of a PIE.

1.3.17 The government has identified 2 alternative approaches which could be used to identify the large companies which ought to be added to the PIE definition on the basis of their size. Whilst the 2 approaches identified are different, the government has sought to reflect and align with existing thresholds for other reporting obligations.

Option 1: The government could adopt the test used to identify those large companies which are already required to include a corporate governance statement in their directors’ report^{[footnote 30]}. That provision covers all companies with either:

more than 2,000 employees; or
a turnover of more than £200 million and a balance sheet of more than £2 billion.

Option 2: The government has also considered adopting a narrower test which incorporates the threshold for additional non-financial reporting requirements for existing PIEs^{[footnote 31]}, and would mean the definition of a PIE was only extended to large companies with both:

over 500 employees, and
a turnover of more than £500 million.

1.3.18 The second option focuses specifically on businesses which have high numbers of employees and turnover that would not necessarily be captured in the first test.

1.3.19 The thresholds used under either option would apply to all companies in their own right. Additionally, in the case of parent companies, the thresholds would be applied to the group headed by that company. It is proposed that a parent company would therefore qualify and be regulated as a PIE if the relevant thresholds for options 1 or 2 were met when applied to the accounts of the group headed by that company (i.e. its consolidated financial statements), where the parent company is required to file group accounts in the UK. The government considers that this is appropriate given that in the case of parent companies the accounts of the group headed by the company better reflect the commercial reality of the entity.

1.3.20 The government recognises that there may need to be differences in how individual requirements should apply to PIEs which are part of a group (for example, corporate reporting requirements will differ for parent companies who may be required to report in respect of the group). The government intends to consider this further.

1.3.21 It is estimated that Option 1 would mean that approximately 1,960 entities would be brought within the definition of a Public Interest Entity, whereas option 2 would mean around 1,060 additional entities being caught by the definition^{[footnote 32]}.

1.3.22 The precise test used will affect the types of companies to which the definition applies. Option 1 captures companies in 2 different ways. It would cover companies with large numbers of employees but relatively few assets or turnover (for example, a services business with many staff but limited capital assets), as well as those with a high turnover and strong balance sheet but relatively few employees (for example, a high-tech manufacturer with significant physical or intangible assets). Option 2 may not capture those types of businesses as it requires companies to have a minimum threshold of both employees and turnover and so it will capture a different type of entity.

Question 1. Should large private companies be included within the definition of a Public Interest Entity (PIE)? Please give your reasons.

Question 2. What large private companies would you include in the PIE definition: Option 1, Option 2 or another? Please give your reasons.

AIM companies

1.3.23 As set out above, the regulator currently exercises monitoring and sanctioning powers in relation to the audits of Alternative Investment Market (‘AIM’) quoted companies incorporated in the UK with a market capitalisation of more than €200m^{[footnote 33]}. That means that while they are not PIEs, their audits are subject to monitoring and enforcement by the regulator rather than the professional bodies given their public importance. The government has identified that such AIM companies would not necessarily meet the size thresholds under either of the options proposed above but considers them of public interest given that they offer their shares publicly. The government intends that any new definition of PIE should also include companies on the exchange-regulated AIM market with market capitalisations above €200m.

1.3.24 This would mean that these companies would be subject to the range of existing and proposed requirements which will apply in respect of PIEs (and not just the regulator’s monitoring and sanctioning powers in relation to those companies’ audits). There are around 105 AIM companies which would be in scope. The government proposes to continue to use the existing threshold for AIM market companies, given the importance of reliable information for investors and the public interest because of public trading.

Question 3. Should AIM companies with market capitalisation exceeding €200m be included in the definition of a PIE? Please give your reasons.

Private companies listing on a regulated market

1.3.25 Listing on a regulated market automatically entails a company becoming a PIE. It will therefore be subject to the existing requirements associated with this status and – in the future – the new reporting and other requirements being considered in this document. If a private company seeking a listing is already of a size and scale that would qualify it as a PIE under a future expanded definition, the transition would not entail new obligations. However, for a private company that does not meet these thresholds, seeking a listing will bring new obligations.

1.3.26 High standards of reporting and governance are rightly expected of listed companies, but the government does not want to deter private companies from seeking a listing. It is therefore considering whether to make the transition to listed status easier by making compliance with some or all of the proposed new PIE requirements optional for a period of time after flotation, subject to gross revenues remaining below a specified threshold. Many new listed companies will want to comply voluntarily in order to build investor confidence in their reporting and future prospects, but some flexibility might be helpful in addressing any concerns about burdens.

Question 4. Should government give newly listed companies a temporary exemption from some of the new reporting and attestation requirements being considered for Public Interest Entities?

Qualifying and ceasing to qualify as a PIE

1.3.27 The government recognises that the responsibilities which rightly follow from being designated as a PIE are significant. Large companies and AIM companies would need some certainty as to when they would be brought into or fall outside of the new definition. The government will consider what provision should be made to ensure that the thresholds are applied over an appropriate period. For example, a company might be required to meet the thresholds for 3 consecutive financial years or to meet the thresholds for 2 out of the last 3 years before qualifying as a PIE. The government will also consider whether similar provisions could be applied for ceasing to qualify where these are not met. This is something the government will consider when taking forward any legislation and on which it welcomes the views of consultees.

Other Considerations

Lloyd’s Syndicates

1.3.28 Lloyd’s Syndicates are also already subject to enhanced audit monitoring and enforcement by the regulator. Lloyd’s Syndicates are an important part of the UK’s financial and insurance sector and hence there is a public interest argument that they should become PIEs alongside the rest of the sector. They are currently subject to different regulatory requirements from PIEs^{[footnote 34]}. Lloyd’s Syndicates are technically set up on an annual basis, but in practice many function like permanent insurance operations where the providers of capital (Lloyd’s members) may change from year to year. Due to their structure the risks of failure and wider economic significance of such failure are considered to be less than those of AIM and large private companies. The government recognises this might mean the need for additional scrutiny and regulation as a PIE is disproportionate.

Question 5. Should the government seek to include Lloyd’s Syndicates in the definition of a PIE? Please give your reasons.

Third sector entities

1.3.29 Third sector entities (for example, universities, charities and housing associations) that responded to the initial consultation expressed an interest in extending regulation to ensure there is no gap in oversight, given the public benefit purpose that is common in such organisations. The government does not wish to create a gap in regulation for large third sector entities, but it also recognises that many of these will already be subject to sectoral regulation^{[footnote 35]}. However, the government is open to large third sector entities being classed as PIEs where they meet a suitable threshold^{[footnote 36]}.

1.3.30 A different threshold might be required for large third sector entities given their relative scale^{[footnote 37]} and the nature of their activities. Until 2016, the FRC inspected the audits of charities with incoming resources exceeding £100m^{[footnote 38]}. A similar threshold might usefully be applied to third sector entities for present purposes.

Question 6. Should the government seek to include large third sector entities as PIEs beyond those that would already be included in the definitions proposed for large companies? If so, what types of third sector entities do you believe should be included and why?

Question 7. What threshold for ‘incoming resources’ would you propose for the definition of ‘large’ for third sector entities? Is exceeding £100m too high, too low or just right?

Other entities

1.3.31 As set out by the Review, several other countries have expanded the PIE definitions beyond traded companies, insurers and credit institutions^{[footnote 39]}. This has mainly been with the aim of including financial services entities which would otherwise fall outside of the ‘core’ PIE definition.

1.3.32 At this stage the government does not consider that there are any further types of entity that ought to be added to the PIE definition beyond those addressed above. The government believes that the existing definition as expanded in line with its proposals will sufficiently capture the types of entity that ought to be in scope of the PIE definition because there is a significant public interest in their health and performance. However, the government is open to arguments that other types of entity should be included as PIEs if there is a strong public interest in those entities being subject to more stringent regulation.

Question 8. Should any other types of entity be classed as PIEs? Why should those entities be included?

Impact on the statutory audit market

1.3.33 Several consultation respondents suggested that significant growth in the number of PIEs could impact on the market for statutory audit services of PIEs. Some saw this as an opportunity for growth in the number and scale of market participants; others warned of potential bottlenecks in the availability of registered PIE statutory auditors.

1.3.34 In the first option, companies with 2,000 employees or £200m turnover and £2bn assets and AIM companies with over €200m market capitalisation, it is anticipated that around 90 additional audit firms could be brought into scope. Under the second option, companies with 500 employees and £500m turnover and AIM companies with over €200m market capitalisation, it is anticipated that only around 20 additional firms would be brought into scope.

1.3.35 In either case the overall size of the PIE audit market would increase as more entities are brought into scope. There would also be a larger number of potential PIE audit firms operating within the market. However, the scale of this change would depend on the choice made by the audit firms brought into scope to continue to audit an existing large client as PIE auditor, or to exit that segment of the audit market^{[footnote 40]}. Consequently, the new PIE definition could lead to increased competition within the PIE audit market or it could create a capacity bottleneck.

1.3.36 In the light of the CMA’s view that the key risk in the statutory audit market is concentration of audit in the Big Four firms, the increased size of the statutory audit market from PIE definition changes could boost both competition in that market (with an increased number of players competing for significantly more audit business) and the viability of non-Big Four market participants (assuming non-Big Four audit firms are better able to compete for the business of new PIEs, where they may already have appointments, than for that of existing PIEs). Conversely, it could hinder competition as auditors of new PIEs may choose to exit existing engagements in view of the more stringent regulatory requirements for PIE audits and their auditors. For example, restrictions on non-audit services that auditors can provide to PIEs.

Question 9. How would an increase in the number of PIEs impact on the number of auditors operating in the PIE audit market?

Timeframe

1.3.37 The government understands that any changes to the definition of PIE will have implications for PIEs, PIE auditors and the regulator that will need to be taken into consideration when developing a timeframe for its implementation. Any changes to the definition of PIE would need to be introduced at an appropriate pace. The timing for the introduction of the definition would need to reduce the potential for bottlenecks and provide companies with the time they need to prepare, whilst also giving audit firms the opportunity to build capacity to exploit a potentially significant opportunity for a step change in competition. To achieve this the government proposes allowing a significant lead-time before introducing a new PIE definition.

Question 10. Do you agree that the government should provide time for companies to prepare for the introduction of a new definition of PIE?

1.3.38 The government recognises that it could also be appropriate to allow for a phased introduction for a new PIE definition. This would allow for the definition of PIE to be introduced in 2 or more stages, rather than all at once, providing further time for entities, their auditors and the regulator to prepare to meet the existing and new regulatory requirements for PIEs as set out in this consultation. However, it would extend the period during which some entities of public interest will remain outside the PIE regime.

Question 11. Do you agree that the government should seek to offer a phased introduction for a new definition of PIE?

Question 5

2 Directors’  accountability for internal controls, dividends and capital maintenance

Accepted Answer

Confidence in company reporting depends on the effectiveness of the internal controls and risk management processes that directors put in place and oversee. High-profile firm failures where weak internal controls and poor risk management have been evident have eroded that confidence. In response, the FRC Review recommended that the government should give consideration to how the UK’s established internal controls framework could be strengthened, learning lessons from the Sarbanes-Oxley regime in the US and giving special consideration to the importance of proportionality in relation to the size of the company. Informed by further recommendations in the Brydon Review and subsequent engagement with stakeholders, this Chapter seeks views on a number of options (including a tentative preferred option) for strengthening the UK’s internal controls framework.

Similarly, there have been high-profile examples where companies have paid out significant dividends shortly before issuing profit warnings, and in some cases, entering insolvency. This Chapter sets out proposals to strengthen the law on dividends and capital maintenance in a proportionate way, including by requiring companies to report on their distributable reserves and for directors to make a formal statement about the legality and affordability of any proposed dividends.

2.1 Stronger internal company controls

The regulatory and other requirements applying to internal control arrangements in UK companies are well-established. The FRC Review, however, recommended that serious consideration be given to the case for a strengthened internal control framework. This section sets out and seeks views on options for strengthening the UK’s internal controls framework. The options include strengthening the responsibility and accountability of board members for the effectiveness of internal control and risk management procedures and options for expanding the role of external auditors in providing assurance that companies’ internal controls are effective. An initial preferred option is identified, although this is not intended to close down consideration of alternatives.

UK and US internal control frameworks

2.1.1 The regulatory and other requirements applying to internal control arrangements in UK companies comprise a combination of interlocking company law requirements, Listing Rules, UK Corporate Governance Code provisions and auditors’ responsibilities. For example, the Listing Rules require listed companies to take reasonable steps to establish and maintain adequate procedures, systems and controls to enable them to comply with their obligations. The UK Corporate Governance Code requires boards to establish procedures to manage risk and oversee the internal control framework. Boards must also monitor the company’s risk management and internal control systems and, at least annually, carry out a review of their effectiveness and report on that review.

2.1.2 Auditing standards require auditors to test the operating effectiveness of relevant controls if the auditor intends to rely on them. Auditors are also required to report to the audit committee their views on the effectiveness of the internal controls relevant to financial reporting.

2.1.3 Despite the framework being well established, there have been well-publicised examples of company failures where weak internal controls and risk management have been key factors. These can be companies which have expanded too rapidly without integrating acquisitions into an effective internal control framework, or who have exposed themselves to the risk of fraud. A number of respondents to the FRC Review suggested that there was a serious case for considering the introduction of stronger regulation, possibly adopting elements of the regime that applies in the US under the Sarbanes-Oxley Act 2002 (SOX).

2.1.4 The key SOX provisions are requirements for the management of public companies to assess and report annually on the effectiveness of their company’s internal control structure and procedures for financial reporting. The company’s auditor is then required to attest to and report on this assessment^{[footnote 41]}. SOX also places responsibility for a company’s financial statements and internal controls clearly with the CEO and the CFO. These officers must certify (inter alia) for each annual and quarterly report that they have reviewed the report, acknowledge their responsibility for establishing and maintaining internal controls and that they have evaluated the effectiveness of the internal controls within 90 days prior to each the report.

2.1.5 These arrangements are perceived by some stakeholders to have led to better financial reporting, fewer significant accounting restatements and stronger reassurances for investors about the robustness of internal controls. However, they entail significantly higher internal and external costs for companies, at least initially. The FRC Review recommended that serious consideration be given to the case for a strengthened internal control framework. In its initial response, the government said that this was a detailed and complicated issue and that it would explore options and bring forward a detailed consultation in due course.

Views of respondents to the initial consultation

2.1.6 The initial consultation did not ask specific questions about the internal controls recommendation, but a number of respondents offered views and observations both for and against. These responses mainly emphasised the need for a proportionate approach which has regard to the size and resources of those being regulated. They also pointed to the high compliance costs in the US and warned about reforms which could make the UK a less attractive place to invest or to list companies.

2.1.7 Two legal bodies suggested that an enforcement regime which treated certain board members differently from others and held them to different standards would risk undermining the principle of collective board responsibility. They pointed to alternative measures already in place in the UK which are aimed at ensuring that companies adopt robust internal controls.

2.1.8 One large multi-national company thought that any new framework should be less administratively onerous than the US scheme and be meaningful by having a clear and easy to apply set of principles rather than a prescriptive set of rules. It did not support the introduction of a requirement for auditors to report publicly on internal controls. Instead it suggested that more clarity should be provided about what auditors are already required to do in this area.

2.1.9 A number of respondents suggested that if the government intended to consider the issue further, it should build on the UK’s current framework and the FRC’s Guidance on Risk Management, Internal Control and Related Financial and Business Reporting rather than considering prescriptive and more burdensome SOX-style provisions. Some respondents suggested that it was important to be clear about whether reform was being aimed only at the internal controls relating to financial statements or the broader internal control and risk management framework. A strength of the UK framework was that it encouraged companies to consider and manage all risks.

2.1.10 Responses from the largest accountancy firms generally supported the introduction of a SOX-style framework provided it was proportionate and reflected the different UK context. One large firm stressed the need to preserve the substantive assessment and management of risk which was seen as a key strength of the UK model.

2.1.11 One trade body stressed that investors wanted to invest in well governed and controlled companies. It thought that current board reporting on the reviews of the effectiveness of internal controls was largely ‘boilerplate’. It suggested a stronger framework whereby the directors (or the CEO and CFO) would be required to report their assessment of the internal controls and to make an explicit statement on whether or not they operated effectively. This body also supported a requirement for auditors to form a view on the part of the statement relating to the controls over financial reporting given their specific responsibilities for the financial statements.

2.1.12 One professional body pointed to the UK and US’s very different corporate governance frameworks. The US system was rules based, whereas the UK system was based on broader principles and provisions applying on a ‘comply or explain’ basis. This respondent argued that a principles-based approach was preferable to a rules-based approach because the latter encouraged a procedural and tick box approach to compliance.

Report of the Independent Review into the Quality and Effectiveness of Audit

2.1.13 The Brydon Review provided comments on the potential role of the board and the auditor in a strengthened internal control system^{[footnote 42]}. It recommended that government give consideration to mandating an ‘Internal Controls Statement’ consisting of a signed attestation by the CEO and CFO to the board that an evaluation of the company’s controls over financial reporting has been completed and whether or not they were effective. The Board should then report that it has received such an attestation. It also recommended that the Audit Committee Chairs’ Independent Forum should develop principles to be followed by the CEOs and CFOs in making such attestations. It suggested that where material control weaknesses persist over 2 reporting periods, boards should be obliged to have their attestations audited until the controls can be pronounced effective.

Reform options

2.1.14 Options for strengthening the UK’s internal controls framework are explored below. They are not mutually exclusive. Option A is concerned with ways to strengthen the responsibility and accountability of board members for the effectiveness of internal control and risk management procedures. Option B explores ways in which auditors’ existing work on internal controls could be made more visible to investors and other readers of accounts. Option C considers a stronger and expanded role for external auditors in providing assurance that companies’ internal controls are effective. The options take account of relevant recommendations made in the Brydon Review (described above) and discussions with a range of stakeholders since the initial consultation closed. Finally, the government sets out an initial preferred option to help provide a focus for responses and further discussion but, in doing so, does not want to preclude consideration of other possibilities.

2.1.15 Costs and benefits are examined in more detail in the Impact Assessment which accompanies this document^{[footnote 43]}.

Option A. Require an explicit directors’ statement about the effectiveness of the internal control and risk management systems

2.1.16 UK company law requires a company’s directors collectively to maintain adequate accounting records and to be satisfied that the accounts give a true and fair view of the company’s financial position. In addition, for listed companies, the Listing Rules require reports to include a directors’ ‘responsibility statement’ - each director having to certify that, to the best of their knowledge, the financial statements give a true and fair view. The expectations about maintaining, evaluating and reporting on the underlying risk management and internal control systems, however, are dealt with through UK Corporate Governance Code provisions. These apply on a comply or explain basis.

2.1.17 Principle C of the Code requires the board to establish a framework of prudent and effective controls which enable risk to be assessed and managed. A Code provision^{[footnote 44]} then calls on the board to monitor the company’s risk management and internal control systems and, at least annually, to carry out a review of their effectiveness and report on that review in the annual report. This is not as strong a provision as it appears because there is no specific requirement for boards to report whether they consider the control system to be adequate or effective, although many companies do provide such an assessment.

2.1.18 The lack of a requirement in the Code for boards to express an opinion on the effectiveness or otherwise of the control systems has consequences in that it can leave investors in the dark about the directors’ view of the controls.

2.1.19 This aspect of the UK’s framework could be strengthened by requiring the CEO and the CFO (or alternatively, the board collectively)^{[footnote 45]} to:

explain the outcome of the annual review of the risk management and internal control systems and make a statement as to whether they consider the systems to have operated effectively;
disclose the benchmark system, if any, that has been used to make the assessment;
explain how the directors have assured themselves that it is appropriate to make a statement; and
if deficiencies have been identified, set out the remedial action that is being taken and over what timeframe.

2.1.20 These new reporting provisions could be implemented via changes to the UK Corporate Governance Code or through legislation to put the requirements on a full statutory footing (including a requirement to carry out an annual review). A Code-based approach would have the advantage of being easier to refine in the light of experience. Legislation, however, would enable the requirements to be applied to a wider range of companies, including large private companies, because it is only premium listed companies who are required to use the Code. It would also have more force because Code provisions, even where they apply, only do so on a comply or explain basis. A graduated approach could be to apply the new requirements to premium listed companies in the first instance followed by other Public Interest Entities 2 years later.

2.1.21 The directors’ statement required under this option could cover all aspects of the company’s internal control and risk management procedures or be restricted to the internal controls over financial reporting. False or misleading statements– or statements made without reasonable care, skill and diligence in respect of reporting on internal controls could be part of the directors’ enforcement regime being considered in Chapter 5.

Basis for the directors’ internal control statement

2.1.22 If board members were required to make a specific statement about the effectiveness of internal controls they would need to explain the basis on which they were making the statement. This would be essential in ensuring that the statements were credible and useful, and valuable to investors.

2.1.23 First, the board would need to decide on the benchmark or standard of effectiveness against which the internal controls were being assessed. It has been suggested that the well-established Committee of Sponsoring Organizations of the Treadway Commission (COSO) framework^{[footnote 46]}, adapted as required for the UK, could be used for assessing the effectiveness of the internal controls for financial reporting. This is the framework against which the majority of US companies assess themselves for the purposes of complying with the Sarbanes-Oxley Act, although alternative frameworks are permitted. A UK-tailored standard could focus more on design effectiveness, entity-level controls and the use of management judgement to ensure an emphasis on the highest risk areas.

2.1.24 Second, the board would need to decide on the degree of assurance it needed to satisfy itself that the control framework was effective in terms of both its design and implementation. It could, for example, choose to rely on work by the internal auditors. Alternatively, or in addition, it could commission additional work from the external auditors on all or specific aspects of the framework, subject to any barriers to them providing non-audit services.

2.1.25 On these matters, the Code or legislation (depending on which is chosen) could be more, or less prescriptive. At one end of the spectrum, companies could be required to use a specified internal control standard (or one of a range of standards or control frameworks approved by the regulator). A more flexible approach would be to give companies a choice but require the board to explain why its chosen standard or approach was appropriate to its business model and circumstances.

2.1.26 A flexible approach could be given more rigour through the development of principles and guidance to be followed by a board when deciding on its approach to the effectiveness statement. The principles could cover:

the matters that boards should consider when deciding which standard or control framework to adopt;
the factors that boards should consider when deciding whether and when external testing and attestation of the control system should be sought; and
how the outcome of annual reviews of control effectiveness should be reported in the annual report to ensure that the reports are useful to investors.

Table 1: Illustrative list of factors for consideration when determining the approach to the effectiveness statement and external assurance

Extent to which the business:

operates from multiple locations
operates multiple IT systems
has made acquisitions which remain unintegrated from a finance operations perspective
is fast growing or entering new areas where the priority is market share or rolling out infrastructure rather than embedding internal controls

Strength of internal culture and accountability

Strength of the internal audit function or second line of defence

Previous internal control failures such as accounts which have had to be re-stated

2.1.27 The Audit Committee Chairs’ Independent Forum (ACCIF) – in response to one of the Brydon Review recommendations (see paragraph 2.1.13 above) - has developed a set of draft principles to support a CEO/CFO attestation to the board about the internal controls over financial reporting. The proposals^{[footnote 47]} have been the subject of consultation amongst ACCIF members and a range of other stakeholders. These could be further developed and endorsed by ARGA and become a formal part of the UK corporate governance framework.

Option B. Require auditors to report more about their views on the effectiveness of companies’ internal control systems

2.1.28 Under this option, the auditors’ report would be required to say more about the work that they already undertake to understand the company’s internal control systems and how that work has influenced the approach taken to the audit – but without requiring a formal attestation of their effectiveness.

2.1.29 Auditors of premium listed companies are currently required by auditing standards to report to audit committees their views on the effectiveness of internal controls relevant to the risks that may affect financial reporting^{[footnote 48]}. The auditor’s views, however, are not published and do not form part of the audit report. This existing auditing standard could be built on to require the auditor to provide more information in the audit report about its views of the internal controls (but only to the extent that it has considered them as part of the audit), and the extent to which it relied on them in planning the audit.

2.1.30 The Financial Conduct Authority’s Disclosure and Transparency Rules (DTRs) require listed companies to include a statement in their annual report and accounts (as part of their corporate governance statement) describing “the main features of the [company’s] internal control and risk management systems in relation to the financial reporting process”. The company’s auditor, in turn must state whether this is consistent with the financial statements and knowledge obtained during the audit and whether there have been any material misstatements in the information in the statement and, if so, their nature^{[footnote 49]}. This would be a stronger provision if the company’s DTR statement had to include the board’s assessment of whether it regarded the internal controls as effective (Option A above), because the auditor would have to disclose if it thought that this was inconsistent with anything discovered in the course of the audit.

2.1.31 This option could be reinforced by placing a specific positive duty on the board (or the CEO and CFO) to disclose to the auditor and audit committee any significant deficiencies and weaknesses in the internal controls of which they are aware^{[footnote 50]}.

2.1.32 The existing duty on auditors under the Companies Act^{[footnote 51]} to form an opinion as to whether the company has kept ‘adequate accounting records’ could also be improved. In part this could be achieved by clarifying what the duty to keep adequate accounting records entails. (This is addressed further in Chapter 5 where it is proposed that the regulator should have a power to set more detailed requirements as to how certain statutory duties relating to corporate reporting and audit are to be met by directors, including the duty to keep adequate accounting records.)

2.1.33 Alongside this, ARGA could be asked to prepare guidance to auditors on how this aspect of an audit should be approached. These suggestions have been made by the Brydon Review.^{[footnote 52]} This would ensure greater consistency of audit approach and could provide more clarity about the extent to which an assessment of internal controls should be an aspect of assessing whether or not a company has kept adequate records, particularly for the audit of larger, more sophisticated companies. The government would welcome views on whether more guidance for auditors on how this aspect of an audit should be approached would be useful.

Option C. Require auditors to express a formal opinion on the directors’ assessment of the effectiveness of the internal control systems

2.1.34 This option would go significantly further than Option B. The previous option would entail the auditor being more transparent about its views of a company’s internal control framework, but only to the extent that it has examined them as part of its existing audit work. Option C assumes that a directors’ statement about the effectiveness of internal controls (Option A) is required. It would involve the auditor in undertaking additional audit and assurance work to be in a position to express a formal opinion on the directors’ assessment. It would have similarities to section 404(b) of the US’s Sarbanes-Oxley Act which requires the company’s auditor to attest to and report on the management’s assessment of the internal control structure and procedures for financial accounting.

Areas for external auditor attestation

2.1.35 There are choices to be made about which aspects of the internal controls the auditors should attest. The UK’s control framework as set out in the UK Corporate Governance Code considers internal controls and risk management together. Risks include the risks to the reliability of financial reporting, but also the other risks to which a company might be exposed including reputational, environmental and health and safety risks. This holistic approach is considered by many to be a strength. The US’s SOX framework, in contrast, has a narrower focus on financial controls and the risks related to financial reporting.

2.1.36 Option A points out that the directors’ statement could be a statement in respect of all aspects of the company’s internal control and risk management procedures or only in respect of financial reporting. An auditor’s attestation requirement would logically match the scope of the directors’ statement. It could, for example, be in respect of:

all aspects of the company’s internal control and risk management procedures; or
limited to the internal control structure and procedures for financial reporting; or
limited to a subset of the internal control structure and procedures for financial reporting, focusing the auditors’ work only on priority areas of particular interest to investors such as the ‘design effectiveness’ of the internal controls (rather than their operational effectiveness), or ‘entity level’ rather than ‘transactional level’ controls, or the controls covering fraud, going concern, viability and the use of management judgement

2.1.37 While the scope of audit remains as it is now, there are strong arguments for limiting the auditors’ attestation work to the financial controls. This is where an auditor’s main competence and interest lies, although in principle, audit firms could expand their expertise in these non-financial areas or contract it out. Further, extending the scrutiny work would go beyond what is required in the US where the additional auditor costs involved have proved controversial and a potential deterrent to listing in the US. Conversely, limiting the formal auditor attestation to a subset of the financial control procedures would involve less than is required in the US and might allow the UK framework to retain some flexibility and remain focused on the areas of highest risk.

Frequency of external attestation

2.1.38 The frequency of formal auditor attestation (whatever its scope) would also need to be considered. It could be required on an annual basis, as is the case in the US, or less frequently, such as at least once every 3 years, or in the year following any significant acquisition or merger or other major corporate event. It could also be required in circumstances where a company has experienced a significant internal control failure, where the board has determined that there are significant weaknesses or where shareholders demand it as part of an Audit and Assurance Policy.

2.1.39 It is worth noting that the Financial Conduct Authority’s Listing Rules require IPO sponsors, before submitting an application for a listing, to come to a reasonable opinion that “the directors of the applicant have established procedures which provide a reasonable basis for them to make proper judgments on an ongoing basis as to the financial position and prospects of the applicant and its group”^{[footnote 53]}. This could become a permanent feature of being a listed company, with a regular (not necessarily annual) statement required from the auditor or other external party.

Government’s initial preferred option

2.1.40 There has not been a formal consultation on a strengthened internal control framework. This section has therefore set out a range of options for reform. However, government considers that it would be helpful to outline an initial preferred option to provide a focus for responses without closing down discussion of potential alternatives.

2.1.41 The government wants to achieve a proportionate strengthening of the internal control framework which builds on and develops the UK’s existing provisions. A potential model which focuses on internal controls over financial reporting is set out below.

Table 2: Initial preferred option for strengthening internal company controls

Directors’ responsibility statement

1. Directors should be required to acknowledge their responsibility for establishing and maintaining an adequate internal control structure and procedures for financial reporting.

Annual review of internal control effectiveness and new disclosures

2. Directors should be required to:

carry out an annual review of the effectiveness of the company’s internal controls over financial reporting;
explain – as part of the annual report and accounts - the outcome of the annual review, and make a statement as to whether they consider the systems to have operated effectively;
disclose the benchmark system that has been used to make the assessment; and
explain how they have assured themselves that it is appropriate to make the statement.

3. If deficiencies have been identified, these should be disclosed and the directors should set out the remedial action that is being taken and over what timeframe.

Principles and guidance

4. In deciding on the approach to be taken to the internal control effectiveness statement, directors should be guided by principles and guidance developed or endorsed by the regulator reflecting audit committee best practice.

External audit and assurance

5. Decisions about whether the internal control effectiveness statement should be subject to external audit and assurance should usually be a matter for audit committees and shareholders. Decisions should be based on judgements about the strength of companies’ systems and controls and whether extra assurance would be proportionate. This should be considered as part of the proposed Audit and Assurance Policy (covered in Chapter 3).

6. Companies should be required to have their internal controls assured by an external auditor in limited circumstances (e.g. where there has been a serious and demonstrable failure of internal controls or where material control weaknesses have persisted over several years).

Enforcement

7. The regulator should have powers to investigate the accuracy and completeness of the directors’ internal control disclosures and, if necessary, order amendments or recommend an external audit of the internal controls^{[footnote 54]}.

8. There should be effective powers to sanction directors where they have failed to establish and maintain an adequate internal control structure and procedures for financial reporting^{[footnote 55]}.

Scope

9. The requirements should be set out in legislation and phased in over a period of time. They should apply initially to premium listed companies who are already familiar with the concept of an annual review (with possible temporary exemptions for newly listed companies where gross revenues remain below a specified threshold) and extended to other PIEs after 2 years.

Consultation questions

Question 12. Is there a case for strengthening the internal control framework for UK companies? What would you see as the principal benefits and disbenefits of stronger regulation of internal controls?

Question 13. If the control framework were to be strengthened, would you support the government’s initial preferred option (Table 2)? Are there other options that you think government should consider? Should external audit and assurance of the internal controls be mandatory?

Question 14. If the framework were to be strengthened, which types of company should be within scope of the new requirements?

2.2 Dividends and capital maintenance

Paying a dividend leaves a company with fewer assets with which to meets its liabilities to creditors and meet other demands for capital. For this reason, there are legal constraints on the amount a company can distribute in dividends such as a requirement that they cannot be paid out of capital, but only paid from a company’s accumulated realised profits less its accumulated realised losses. The legal framework is well established, but high profile examples of companies paying out significant dividends shortly before profit warnings and, in some cases, insolvency, have raised questions about its robustness and the extent to which the dividend and capital maintenance rules are being respected and enforced. Many investors are also interested in more information from companies about their approach to allocating surplus capital between the competing demands of returns to shareholders and matters such as long-term investment, pension fund deficits and improving balance sheet resilience.

This section sets out and seeks views on proposals for strengthening the law on dividends and capital maintenance in a proportionate way. They include proposals to require companies to report on their distributable reserves and for directors to be required to make a formal statement about the legality and affordability of proposed dividends. The proposals take account of and develop options set out in the government’s response to the 2018 consultation on Insolvency and Corporate Governance and suggestions on capital maintenance made in the Brydon Review. The government has also given careful consideration to relevant recommendations made by the BEIS Committee following its Future of Audit inquiry in 2019.

In making its proposals, government is aware of the importance of dividends to pension funds and savers and to the efficient re-allocation of surplus capital to other parts of the economy. It is therefore keen understand any potential adverse effects and to avoid measures which will unnecessarily reduce the level of dividends paid by UK companies.

The current legal framework

2.2.1 Key elements of the dividend and capital maintenance framework are set out in the summary table below. This is not a complete list. Aspects of insolvency law, sector regulation and contract law also have a bearing on whether dividends can be paid.

Table 3: Summary of the legal framework governing dividend payments

A dividend is a type of distribution made by a company to its shareholders.
Section 830 of the Companies Act 2006 states that a distribution can only be made out of profits available for the purpose. These are broadly its accumulated, ‘realised profits’ less its accumulated ‘realised losses’.
Section 853 defines the terms realised profits and realised losses as those that “…fall to be treated as realised in accordance with principles generally accepted at the time when the accounts are prepared…”.
A public company must also apply a net asset test: it may make a distribution only if, after giving effect to the distribution, the amount of its net assets is not less than the aggregate of its called-up share capital and un-distributable reserves^{[footnote 56]}.
In declaring a dividend, directors must also have regard to both their general duties in Companies Act 2006, and their common law and equitable duties including:
- their duty to promote the success of the company having regard to a number of factors including the likely consequences of any decisions in the long term^{[footnote 57]}; and
- their duty to exercise reasonable care, skill and diligence^{[footnote 58]}.
AIM companies and listed companies are subject to additional requirements.

Issues arising from current framework

2.2.2 Three important issues flow from the current legal framework.

First, there is no fixed definition of realised profits and losses. The Companies Act 2006 defines them as those which fall to be treated as realised in accordance with principles generally accepted at the time when the accounts are prepared. This definition leaves open the possibility that generally accepted practice may change. It does not specify that realised profits are only those that have been realised in cash, but there is an assumption that the law requires that they should be realised in cash or at least be readily convertible to cash. The question of exactly how close to cash they have to be is vitally important. Companies therefore need clear guidance on how to separate out the profits and losses shown in the accounts into what are and are not distributable profits. In the absence of a fixed definition, the current arbiters of these principles are the professional bodies ICAEW and ICAS through their joint Guidance on Realised and Distributable Profits^{[footnote 59]}. This guidance seeks to distil current generally accepted accounting practice and is relied on extensively by the profession but has no formal legal status.
Second, there is a transparency issue. Although the law says that dividends can only be paid out of profits available for distribution, which are accumulated realised profits less accumulated realised losses, there is no legal requirement for companies to disclose these figures^{[footnote 60]}. The figures that are disclosed in the annual accounts (and therefore subject to audit) have to be prepared using accounting standards (IFRS or UK GAAP) that adopt the accruals concept. Accounting standards and therefore company accounts do not have a concept of realised or unrealised profits. This means that the profits shown in the annual accounts do not necessarily equate to the realised profits (cash or close to cash) that are available to be distributed. Company directors, in proposing or paying a dividend have to comply with the rules on realised profits and losses, but shareholders and others have to take it on trust that dividends are not being paid out of non-distributable reserves. They also do not know how much headroom there is between the size of a dividend and the total distributable reserves.
Third, the law’s focus on capital maintenance and realised profits and distributable reserves is backward looking, reflecting a company’s past performance. These figures represent a snapshot in time but, on their own, do not provide any guide to the future performance of the company or its future financial requirements. In proposing a dividend, directors also have to have regard to their statutory duties in section 172 of the Companies Act 2006, such as considering the consequences of decisions in the long term, and common law and fiduciary duties to consider the company’s future financial needs. Capital maintenance is important, but there have been suggestions that directors should provide more evidence that they have also given proper regard to these wider, forward-looking duties.

Government approach to reform

2.2.3 The proposals in this section are aimed at addressing weaknesses in the current framework of rules governing dividend payments, rather than replacing them with a completely different system, although views on alternative systems would be welcomed. Some countries such as the US, Canada and Australia have adopted a system based on solvency statements by directors under which dividends can only be paid if the directors are satisfied that a company will, after the payment of the dividend, still be able to pay its debts as they become due. Claims have been made that this system could have advantages of greater simplicity and stronger protection for creditors. However, most countries who have adopted this system have also found the need to underpin it with a more objective net asset test requiring that the value of the company’s assets will remain greater than the value of its liabilities which re-introduces complexity^{[footnote 61]}.

2.2.4 The UK’s current rules have complexities but are well established and generally understood by those who have to comply with them. In the main, they appear to have operated effectively to prevent companies paying out excessive and dangerously high levels of dividends. The government is confident that they can be strengthened in a proportionate way without the need for more radical reform.

Government proposals

Assign responsibility for defining realised profits and losses to ARGA and enhancing the legal status and enforceability of the definition

2.2.5 As explained earlier, the definition of realised profits and losses in section 853 of the Companies Act 2006 plays a vital role in the dividend framework, determining how much of the profit and accumulated reserves reported in the annual accounts can be considered for distribution. The current definition, referring to principles generally accepted at the time accounts are prepared, has clear strengths because it is able to take account of changes in business and accounting practice whilst remaining tethered to the concept of realised profits and losses. This is worth maintaining. It does, however, beg the question as to how the generally accepted principles should be identified and who should be responsible for defining the ‘realisation test’.

2.2.6 The ICAEW and ICAS currently perform this role. They publish widely accepted guidance on what is generally accepted accounting practice for determining realised profits. This has been maintained through consultation and without it, there could have been significant variation in interpretation. However, the guidance has no formal legal status and the professional bodies are, in effect, self-regulating.

2.2.7 In ARGA, the government is establishing an independent and significantly stronger regulator for the accountancy profession. This represents a clear opportunity to transfer responsibility for the realisation test to the new regulator. It would also be an opportunity to give the definition a stronger legal status to remove all doubts about whether it should be followed. Strengthening the legal status of the definition would also make it easier for the regulator to use its supervision powers to ensure compliance. For example, if companies were to be required to disclose their distributable reserves (as proposed in the next section below), calculated in line with the definition, the regulator’s corporate reporting review powers could be used to challenge non-compliance and, if necessary, order corrections to be made.

2.2.8 The government proposes the following 2 alternative reform options:

Giving ARGA a duty to prepare guidance on what should be treated as realised profits and losses in accordance with generally accepted principles prevailing at the time. This guidance would be given authoritative status by providing in the Companies Act 2006 that, in interpreting what are realised profits and losses according to generally accepted principles, regard should be had to the guidance produced by the regulator; or
Giving ARGA powers to make binding rules as to the meaning of realised profits and losses with which preparers would have to comply. The rules would be established by reference to the prevailing generally accepted principles. Before making the rules, ARGA could also be required to obtain the consent of the Secretary of State for what is being proposed.

2.2.9 Under both options the regulator would be required to undertake a full consultation from first principles, including with investors, creditors and other users of accounts before finalising the guidance or rules.

Question 15. Should the regulator have stronger responsibilities for defining what should be treated as realised profits and losses for the purposes of section 853 of the Companies Act 2006? Would you support either of the 2 options identified? Are there other options which should be considered? What should ARGA consider when determining what should be treated as realised profits and losses?

New requirements to disclose distributable reserves

2.2.10 There are currently no explicit requirements under company law or accounting standards for financial statements to disclose the total amount of profits that are distributable. Some companies do provide these figures, but they are provided on a voluntary basis. Responses to the government’s Insolvency and Corporate Governance consultation and contributions to Sir Donald Brydon’s call for evidence suggested almost universal support for stronger disclosure requirements. The BEIS Select Committee also recommended that companies should be required to disclose the balance of distributable reserves in the annual accounts and break down profits between realised and unrealised.

2.2.11 There is clear demand for more disclosure yet identifying a reporting requirement that would be both useful to investors and at the same time proportionate to the cost to preparers of providing the information is not straightforward. One of the complexities is that, in law, dividends can only be paid by individual companies and not by groups. A parent company can pay a dividend to its external shareholders, but this can only be paid out of reserves built up from the business activities of the parent company itself. Profits generated by subsidiaries can be added, but only to the extent that they have been passed up to the parent company by way of a dividend.

2.2.12 In practice, there can be a number of constraints on a subsidiary company’s ability to pay a dividend to its parent. The subsidiary may, for example, be subject to regulatory capital requirements or need to retain capital to fund expansion or investment plans. Foreign subsidiaries may be subject to different realisation or solvency tests. In some cases paying up all the available distributable profits would reduce the value of the subsidiary. This would necessitate the holding company booking an impairment which would partly offset the dividend income. There is therefore no easy way of reconciling group profits with the profits available for distribution at the group level.

2.2.13 The government asked the ICAEW for technical advice on ways in which a new and proportionate distributable reserves disclosure requirement might be framed. Taking account of the ICAEW’s suggestions, the government proposes the following new statutory reporting requirements.

(i) Disclosure of the distributable reserves in the financial statements

2.2.14 This proposal would involve individual companies (or, in the case of a group, the parent company only) within the agreed scope disclosing, in their annual report, the total amount of reserves that are distributable. This disclosure would help users identify the headroom between a proposed dividend and the distributable reserves and provide some insights into the company’s ability to pay dividends in the future. It would also help with assessments of the legality of proposed dividends. The inclusion of the distributable reserves figure in the financial statements would mean that they would be subject to audit which would provide further reassurances about compliance with the rules on dividends.

2.2.15 Where it is impossible to calculate the figure exactly, for example where a company’s profit history goes back many years, it is envisaged that companies will be permitted to report a ‘not less than’ figure for its distributable reserves. Any proposed dividend payment would not be allowed to exceed the known figure.

(ii) Disclosure of estimates of a group’s dividend-paying capacity

2.2.16 In some group situations, the disclosure of the parent company’s own distributable profits (as proposed above) would understate the potential overall capacity to pay future dividends. This would arise, for example, when significant profits are earned by subsidiaries and that profit has not yet been passed to the parent company and is therefore not yet available for distribution by the parent.

2.2.17 The government’s second proposal would address this weakness by, in addition, requiring a parent company to estimate and disclose the amount of potential distributable profits across the group that could, in principle, be passed to the parent company for the purpose of paying future dividends to shareholders. Narrative disclosures would be provided to explain any major constraints on the ability of a subsidiary to pay its distributable reserves to the parent. These disclosures would also be a part of the financial statements and therefore subject to audit.

2.2.18 The government envisages the reporting requirement giving companies a degree of discretion about how to present these estimates and to allow parent companies to select, on a reasonable basis, which group companies to include in the assessment. The regulator would be expected to consider issuing guidance, in due course, on the most effective ways of meeting the new reporting requirement, including the possibility of encouraging companies to provide organograms of group structures to assist with the explanation of how reserves are held within the group. This guidance could also cover advice for companies, based on best practice, on how they can best report on their dividend and capital allocation policies (see paragraph 2.2.24 below), integrating the new mandatory disclosures on distributable reserves.

2.2.19 The new proposed disclosure requirements will be of value primarily to external investors who will, as a result, have more information about the legality and potential future sustainability of dividends. The government therefore envisages the requirements applying to listed and AIM companies only.

Question 16. Would the proposed new distributable profit reporting requirements provide useful information for investors and other users of accounts? Would the cost of preparing these disclosures be proportionate to the benefits? Should these requirements be limited to listed and AIM companies or extended to all PIEs?

New directors’ statement about the legality of proposed dividends and the effects on the future solvency of the company

2.2.20 The Brydon Review and recommendations from the BEIS Committee have called for more explicit directors’ accountability for dividend decisions – both that they are compliant with the capital maintenance rules and that payment of the proposed dividend will not jeopardise the future solvency of the company. A statement by directors that a proposed dividend will not threaten the company’s solvency would help address criticisms of the current framework that it is too backward looking, relying on realised profits accumulated in the past rather than consideration of future cash demands on the business and other future threats to its solvency. It would also increase directors’ accountability.

2.2.21 The government proposes that directors should, in proposing a dividend make a statement covering the following:

Confirmation that in proposing the dividend, the directors have: (a) satisfied themselves that the dividend is within known distributable reserves; and (b) have had regard to their general duties under s172(1) of Companies Act 2006 (including the need to have regard to the likely consequences of any decision in the long term^{[footnote 62]}) and their wider common law and fiduciary duties.
Confirmation that it is the directors’ reasonable expectation that payment of the dividend will not threaten the solvency of the company over the next 2 years in the light of the risk analysis undertaken and the directors’ knowledge of the company’s position at the date the dividend is proposed. Where relevant, directors should also confirm that the dividend is consistent with the Resilience Statement.

2.2.22 A statement along the lines proposed could be perceived as unnecessary given that it would cover legal obligations with which directors must already be compliant. However, requiring directors to make an explicit statement about the dividend would provide an improved focus for boardroom decision-making and help build external confidence that the dividend and capital maintenance rules are being respected. It might also make it easier to pursue existing legal redress routes for a breach of directors’ duties, for example if the payment of the dividend proved to be a material contributing factor in an insolvency within the ensuing t2 years. The statement would be made in respect of both interim and proposed final dividends.

2.2.23 The rules on dividends apply to all companies alike and are of interest to creditors as well as shareholders. There is therefore a case, in principle, for extending the requirement for a directors’ statement beyond listed and AIM companies to apply to all PIEs or even all large companies. This, however, would be inconsistent with the proposed scope of the new distributable profit reporting requirements.

Question 17. Would an explicit directors’ statement about the legality of dividends and their effect on the future solvency of a company be effective in both ensuring that directors comply with their duties and in building external confidence in compliance with the dividend rules? Should these requirements be limited to listed and AIM companies or extended to all PIEs?

Improved information for investors about company distribution policies

2.2.24 Numerical information on distributable reserves alone will not provide a full picture of how a company preserves and uses its cash and capital. To be most useful to investors, the figures need to be accompanied by a fuller narrative explaining a company’s distribution policy and general approach to capital maintenance.

2.2.25 Investors are interested in companies’ dividend policies, including the frequency, timing and description of how the amount of payments is determined. They are interested in any associated risks, judgements and constraints on distributions. They are also interested in the extent to which a company considers that it needs to retain funds for reinvestment or expansion purposes or needs to hold higher or lower amounts of capital on account of changes in its business activities and risk profile.

2.2.26 The FRC’s Reporting Lab has played a useful role in encouraging companies to improve their dividend policy disclosures^{[footnote 63]}. So too has the Investment Association whose Long Term Reporting Guidance^{[footnote 64]} recommends that companies explain their capital management strategies. It has more recently also recommended that companies issue a distribution policy statement setting out the boards “long-term approach to making decisions on the amount and timing of returns to shareholders, including dividends, share buybacks and other capital distributions within the context of any relevant legal or financial constraints”.

2.2.27 The recently introduced requirement^{[footnote 65]} for large companies to explain how their directors have had regard to the matters in section 172(1) of the Companies Act 2006, including the likely consequences of decisions in the long term, is encouraging fuller disclosure of the rationale for capital allocation decisions.

2.2.28 The government is confident that the introduction of mandatory disclosures on distributable reserves and a requirement for a directors’ statement about dividends will provide further encouragement to companies to provide a fuller narrative for shareholders about dividend decisions and capital allocation strategies. It considers that companies should have discretion to develop their own narrative approaches in line with investor needs and that further formal disclosure requirements are unnecessary at this time.

Question 18. Do you agree that the combination of recently introduced Companies Act section 172(1) reporting requirements along with encouragement from the investment community and ARGA will be enough to ensure that companies are sufficiently transparent about their distribution and capital allocation policies? Should a new reporting requirement be considered?

Question 6

3.  New corporate reporting

Accepted Answer

The Brydon Review argued that company reporting should be do more to evidence directors’ plans to maintain the resilience of their business over the short, medium and long-term, and to explain directors’ approach to seeking internal and external assurance of key business information and processes. The Review recommended the introduction of 2 new reporting requirements – a Resilience Statement and an Audit and Assurance Policy – to bring together relevant information.

The Review also recommended greater transparency within the annual report on companies’ supplier payment policies and practices, and the introduction of a public interest statement setting out how directors view the company’s public interest obligations and how those self-declared obligations have been discharged each year.

This Chapter sets out the government’s proposals in relation to these recommendations; providing existing and potential investors, creditors, regulators and the wider public, greater confidence in the resilience of companies, while setting out clearly and transparently their approach to seeking assurance on the information that they make public.

3.1 Resilience Statement

The government agrees with the Brydon Review recommendation and proposes to introduce a statutory requirement on public interest entities to publish an annual Resilience Statement, consolidating and building on the existing going concern and viability statements. The government proposes that the Resilience Statement should be required initially of premium listed companies, in view of their existing experience of producing viability statements, and should extend to other public interest entities 2 years later.

Background

3.1.1 How a company identifies and manages risks to its survival and success over the short, medium and long term is of considerable interest to existing and potential investors and creditors, as well as to regulators and other stakeholders. There is also a clear public interest in companies building resilience to reduce the risks of disorderly corporate failure, and the attendant social and economic shocks that such failures can cause.

3.1.2 All large and medium sized companies must already disclose in their annual accounts any ‘material uncertainties’ that could affect the company’s ability to continue as a going concern under accounting standards required to be followed by UK company law^{[footnote 66]}. Those companies must also describe each year, within their strategic report, the principal risks and uncertainties facing the business^{[footnote 67]}.

3.1.3 Additional requirements apply to premium listed companies under the UK Corporate Governance Code, underpinned by the Financial Conduct Authority’s Listing Rules. In particular, premium listed companies must publish annually a going concern statement, a viability statement, and an assessment of the company’s emerging and principal risks and explanation of how they are being managed or mitigated^{[footnote 68]}.

3.1.4 The going concern statement requires the board to state whether it considers it appropriate to adopt the going concern basis of accounting in respect of its half-yearly and annual accounts, and identify any material uncertainties as to its ability to do so for at least the next twelve months. The viability statement requires the board to assess the prospects of the company, and to specify the period in respect of which that assessment applies and why it is appropriate. It also requires the board to state whether it has a reasonable expectation that the company will be able to continue in operation and meet its liabilities over that period, drawing attention to any qualifications or assumptions as necessary.

3.1.5 The Brydon Review has proposed that a new Resilience Statement should set out a company’s approach to exploring and mitigating risks and uncertainties over the short term (1-2 years), medium term (5 years) and long-term (an indefinite period to be determined by the company)^{[footnote 69]}. The Review recommends that, in doing so, the Statement should incorporate and build on the existing going concern and viability statements, including greater transparency on the potential ‘material uncertainties’ considered by companies in their going concern assessment, and greater use of scenario testing.

Government proposals

3.1.6 The government accepts the Brydon Review proposal in principle, subject to consultation on the specific implementation options set out below. There is strong investor and wider stakeholder interest in how companies are building business resilience to cope with severe yet plausible scenarios in the short and medium term, and in understanding how a company’s directors are exploring and preparing for likely challenges over the long term. Better disclosures of management thinking on resilience enable better informed investment decisions which can lower the cost of capital.

3.1.7 The experience of COVID-19 has further increased investor appetite for fuller and more meaningful disclosures by companies about how they are planning for potential future challenges. It has heightened expectations that companies will be able to explain how they are preparing to cope with liquidity, solvency and operational risks during a prolonged period of uncertainty^{[footnote 70]}.

3.1.8 Existing risk and viability reporting requirements produce useful disclosures, although much reporting in practice does not look beyond the next 3 years. The viability statement in particular has not proved as effective as originally hoped. As a number of investors have pointed out, most companies prepare viability statements on a 3 year forward look, which does not cover how a company is planning to survive and thrive through a typical business cycle^{[footnote 71]}. Investors have also pointed to a relative lack of detail on the risk scenario planning referred to in many viability statements. The government therefore sees a strong case for a single consolidated statement that is more useful to investors than the 2 existing reports.

Resilience Statement – implementation options

Minimum new reporting requirements

3.1.9 The government accepts the Brydon Review proposal that the Resilience Statement should address business resilience over the short, medium and long-term.

3.1.10 The short-term section of the Statement would incorporate companies’ existing going concern statement, including disclosure of any material uncertainties considered by management during their going concern assessment, which were subsequently determined not to be material after the use of significant judgement and/or the introduction of mitigating action^{[footnote 72]}. Such disclosures are currently required under international financial reporting standards in respect of the application of significant judgement, but the government accepts the Brydon Review proposal that this should be required in the Resilience Statement, including disclosure of uncertainties no longer judged material after mitigating action. This has the potential to drive better compliance and more informative reporting in this area.

3.1.11 The medium term section of the Statement would incorporate the existing viability statement requirements to provide an assessment of the company’s prospects and resilience, and to address matters which may threaten the company’s ability to continue in operation and meet its financial liabilities as they fall due^{[footnote 73]}. However, the government agrees with the Brydon Review that the mandatory assessment period should be 5 years, rather than the 3 year period currently chosen by most companies who produce viability statements. The government also agrees with the Brydon Review that viability reporting over the medium term should do more to evidence scenario planning by companies^{[footnote 74]} and views are invited on how this could best be achieved in practice. The government intends, at this stage, to require companies to include at least 2 reverse stress testing scenarios in their Resilience Statement.

3.1.12 The government also proposes to require further specific disclosures in both the short and medium term sections of the Resilience Statement. The existing going concern and viability statements largely leave it to companies’ discretion to determine which specific matters of risk and viability should be considered and reported. The government accepts that companies should continue to have flexibility in the Statement to report on resilience matters most relevant and material to their individual business. The government recognises, however, that there are resilience issues common to many, if not all, businesses, and that it could be helpful to shareholders and other users to have these addressed specifically in the Statement.

3.1.13 These might include:

threats to liquidity, solvency and business continuity in response to a major disruptive event (such as a pandemic) which disrupts normal trading conditions;
supply chain resilience and any other areas of significant business dependency (e.g. on particular markets, products or services);
digital security risks (both including external cyber security^{[footnote 75]} threats, and the risk of major data breaches arising from internal lapses);
the business investment needs of the company to remain productive and viable;
the sustainability of the company’s dividend and wider distribution policy.

Question 19. Do you agree that the above matters should be included by all companies in the Resilience Statement? If so, should they be addressed in the short or medium term sections of the Statement, or both? Should any other matters be addressed by all companies in the short and medium term sections of the Resilience Statement?

3.1.14 The government agrees with the Brydon Review that the content in the long-term section of the Resilience Statement should not in general be prescribed. This section should instead set out what the directors of the company consider to be the main long-term challenges to the company and its business model, and how these are being addressed. These might include the impact of long-term changes in demographics, technology, consumer preferences and other identified trends on the company’s long-term business model.

3.1.15 However, the government would welcome views on whether the Resilience Statement as a whole, including the long-term section, should specifically address the impact of climate change on the company’s business model and financial planning. In this respect, views are invited on whether the Resilience Statement could provide a means for companies in future^{[footnote 76]} to provide disclosures consistent with the recommendations of the Taskforce on Climate-related Financial Disclosures (TCFD)^{[footnote 77]}, in whole or part (or alternatively include a summary of TCFD reporting which cross-references to the company’s full TCFD disclosures).

3.1.16 The TCFD framework encourages companies to report on how they are identifying and managing climate change risks (and opportunities) over the short, medium and long-term, including with reference to their governance, strategy and risk assessment processes. UK companies are not currently required to report according to TCFD recommendations. The Financial Conduct Authority has recently consulted^{[footnote 78]} on a proposed new Listing Rule which would require listed companies to set out whether and where they have made disclosures in line with TCFD, and to explain why they may not have made any such disclosures. The TCFD focus on climate change-related disclosures across the short, medium and long term may complement the structure of reporting under the Resilience Statement. The government is interested to hear from all interested parties on whether, and if so how, these 2 reporting measures might be integrated.

3.1.17 The government also agrees with the Brydon Review that companies should consider, as part of their Audit and Assurance Policy^{[footnote 79]}, whether any independent assurance is required of the Resilience Statement, as well as outlining the company’s internal assurance of the Statement’s content. Any such independent assurance would be in addition to that required by the statutory audit.

Question 20. Should the Resilience Statement be a vehicle for TCFD reporting in whole or part?

Scope of company coverage and implementation route

3.1.18 Premium listed companies currently have more extensive experience of risk and viability reporting through disclosures they provide under the UK Corporate Governance Code and the UK Listing Rules. The government therefore intends to introduce the Resilience Statement initially in respect of premium listed companies only.

3.1.19 However, the government believes that the public interest in resilience reporting extends to other listed and to unlisted companies with a significant economic and social footprint. The government therefore intends to extend the requirement to provide a Resilience Statement to other Public Interest Entities within 2 years of it coming into force for premium listed companies, subject to the possible exclusion of recently listed companies as set out in paragraph 1.3.26 and Q4 above. Recently listed companies would retain the option of voluntary compliance in order to build investor confidence in their reporting and future prospects.

Question 21. Do you agree with the proposed company coverage for the Resilience Statement, and the proposal to delay the introduction of the Statement in respect of non-premium listed PIEs for 2 years? Should recently-listed companies be out of scope?

3.1.20 The government’s preferred implementation route at this stage is to implement the Resilience Statement through legislation as a new section of the existing Strategic Report, supported by non-statutory guidance to be maintained by the new Audit, Reporting and Governance Authority (ARGA). The government and regulators will consider what consequential changes may be needed to the UK Corporate Governance Code and relevant provisions in the UK Listing Rules to ensure that there is no duplication across the Strategic Report, the Code and the Listing Rules. Any changes to the Listing Rules would be for the Financial Conduct Authority to determine and would be subject to separate FCA consultation. The government will also consider what scope there may be for companies to report existing statutory disclosures on risk within the Resilience Statement.

3.2 Audit and Assurance Policy

The government agrees with the Brydon Review recommendation and proposes to introduce a statutory requirement on public interest entities to publish an annual Audit and Assurance Policy that describes the company’s approach to seeking assurance of its reported information over the next 3 years. In the case of quoted public listed entities, the Policy would be subject to an advisory shareholder vote at the time of its publication. The government is minded that the Policy would be required initially of premium listed companies, and extend to other public interest entities 2 years later.

Background

3.2.1 Shareholders and other stakeholders depend on company disclosures to be accurate, reliable, comparable and consistent. Historically, users of company reporting, and the company law framework, have placed particular emphasis on ensuring the integrity of the company’s accounts. This remains and will continue to be the main focus of the annual company audit, which is intended to provide ‘reasonable assurance’ – that is to say, a high level of assurance – by an independent person that a company’s accounts provide a true and fair view, are properly prepared in accordance with accounting standards and are free from material misstatement. (For the avoidance of doubt, references to ‘accounts’ in this section mean accounts prepared in accordance with Part 15 of the Companies Act 2006, on which the company’s auditor provides their audit opinion and referred to as ‘financial statements’ in international accounting standards, the auditing standards (UK) and the audit report).

3.2.2 There is also a range of other information that companies are required to include in their annual report and which is of growing importance and interest to shareholders and other users of the report and accounts as well^{[footnote 80]}. This information is primarily contained in the directors’ report, the strategic report and (in the case of premium listed companies) the corporate governance statement. It includes disclosures and commentary about how the company is handling risk and uncertainty, ensuring good corporate governance and meeting statutory obligations to report a wide range of non-financial information, including how directors have regard to stakeholders in their decision-making.

3.2.3 The annual company audit considers this information but to a much more limited degree. Generally speaking, the auditor’s role is to advise whether this information (which the auditing standards refer to as ‘statutory other information’) has been prepared in accordance with applicable legal requirements, and whether the auditor has identified any information that is materially inconsistent with the accounts or with the auditor’s knowledge gained during the audit^{[footnote 81]}. This requirement also extends, under auditing standards, to other information provided voluntarily in the annual report (which the FRC refer to as ‘non-statutory information’), although without the requirement to check legal compliance since such information is not required by law or regulation.

3.2.4 The auditor’s reporting on statutory other information and non-statutory information, while important, does not constitute either of the 2 types of assurance opinion (limited or reasonable) recognised and defined in international auditing standards^{[footnote 82]}. Shareholders and others may therefore be uncertain as to the degree of confidence they can place in the information.

3.2.5 As investors and others place increasing importance on company reporting beyond the accounts, their interest in the integrity and reliability of those disclosures is likely to grow. It is reasonable that users of reports and accounts should have a means of understanding what independent scrutiny, if any, has been applied to company reporting before it is presented to them.

Government proposals

3.2.6 As set out above, the auditor is required to consider the whole of the annual report but the auditor’s scrutiny of information beyond the accounts is generally not extensive and, arguably, not well understood by many users. There is an opportunity for companies to set out more clearly to users the extent to which the annual report and other disclosures have been scrutinised, whether by the existing company auditor^{[footnote 83]} or someone else. The government agrees with the Brydon Review that there needs to be a new framework to encourage and enable this, and in which companies can consider and respond to increased user expectations as to the reliability of company disclosures.

3.2.7 An Audit and Assurance Policy would provide a proportionate and flexible means for companies to explain whether, and if so how, they are obtaining assurance on any company reporting beyond that which is required by the annual company audit. The Policy also provides an opportunity for companies to explain their approach to internal audit and assurance and what improvements they might propose to this in the light of lessons learned, as well as to set out what policies the company might have in relation to the appointment of the company auditor. The government agrees that the annual company audit should remain focused on providing reasonable assurance that a company’s accounts provide a true and fair view.

3.2.8 The government also agrees with the Brydon Review that increased user expectations for assurance of corporate information is likely to require assurance services from other providers, as well as from the accountancy profession. Indeed, some companies already voluntarily choose to commission the services of specialist providers, for example in relation to reporting on the carbon footprint of the business^{[footnote 84]}. While the government is not mandating an extension of statutory audit, it recognises that an Audit and Assurance Policy can be expected to lead to more companies considering whether independent assurance is desirable on elements of company reporting that require specialist knowledge and skills which financial auditors may not be able to provide. In this respect, the Brydon Review proposal for a corporate auditing profession^{[footnote 85]}, underpinned by a common purpose and set of principles and extending to the auditing of all kinds of company reporting, will help enable existing and future auditors to meet increased business needs for assurance within a consistent auditing and assurance framework.

An Audit and Assurance Policy – implementation options

Required content of the Audit and Assurance Policy

3.2.9 Taking into account suggestions by the Brydon Review regarding the content of the Audit and Assurance Policy^{[footnote 86]}, and existing reporting requirements on company auditors and audit committees, the government invites views on whether the Policy should include the following new disclosures at a minimum:

An explanation of what independent assurance, if any, the company intends to obtain in the next 3 years in relation to the annual report and other company disclosures beyond required by statutory audit. The government proposes that this should include an explanation of what independent assurance, if any, the company plans to obtain in relation to:
- the company’s Resilience Statement in whole or part, and other disclosures related to risk^{[footnote 87]};
- the effectiveness of the company’s internal controls framework^{[footnote 88]}.
A description of the company’s internal auditing and assurance processes. This might include how management conclusions and judgements in the annual report and accounts can be challenged and verified internally, and whether, and if so how, the company is proposing to strengthen its internal audit and assurance capabilities over the next 3 years.
A description of what policies the company may have in relation to the tendering of external audit services (for example, whether the company is prepared to allow the external company auditor to provide permitted non-audit services).
An explanation of whether, and if so how, shareholder and employee views have been taken into account in the formulation of the Audit and Assurance Policy.

3.2.10 The government is proposing that risk and viability reporting, and the effectiveness of a company’s internal control framework, should be routinely considered for possible additional assurance as part of the formulation of every new Audit and Assurance Policy, since the consequences of inadequate reporting or processes in these areas could be particularly significant for the future of the company.

3.2.11 The Brydon Review also made recommendations in relation to the audit of Alternative Performance Measures (APMs) and Key Performance Indicators (KPIs), and company statements covering how directors have complied with their duty under Section 172 of the Companies Act to have regard to certain stakeholder interests and other matters. For reasons set out separately in this document, the government is not minded to require the statutory audit to cover these matters, but has invited views on how possible additional assurance on APMs/KPIs and the Section 172 statement might be considered through the Audit and Assurance Policy.

Question 22. Do you agree with the proposed minimum content for the Audit and Assurance Policy? Should any other matters be addressed in the Policy by all companies in scope?

Frequency of reporting and shareholder vote

3.2.12 The Brydon Review proposed that the Audit and Assurance Policy should be published annually, providing a 3 year rolling forward look on a company’s approach to the audit and assurance of its reporting, and subject to an annual advisory shareholder vote in the case of listed companies. The government agrees that the Policy should cover a 3 year period and be subject to an advisory shareholder vote^{[footnote 89]}. The government is also minded that the Policy should be published annually, as the Brydon Review proposes, in order to allow the Policy to be updated as required in relation to changing circumstances and demands.

3.2.13 The government recognises, though, that there is a potential case for a new Policy to be published at least once every 3 years, rather than annually. This might give companies more time to gather shareholder and other views in advance of a new Policy being published, with those views being informed by the experience of the previous Policy operating over more than 1 reporting year.

Question 23. Should the Audit and Assurance Policy be published annually and subject to an annual advisory shareholder vote, or should it be published and voted on at least once every 3 years?

Scope of company coverage and implementation route

3.2.14 The government believes all Public Interest Entities (PIEs) should publish an Audit and Assurance Policy, including unlisted PIEs under the expanded PIE definition proposed separately within this document. The consequences of unreliable reporting on matters of significant stakeholder and public interest can be as serious in the case of large private companies as with public companies. Nonetheless, the government recognises that the Audit and Assurance Policy requirement for unlisted PIEs would not include the requirement for a shareholder vote or statement of how shareholder views had been taken into account.

3.2.15 The government intends that the Audit and Assurance Policy would only be required initially of premium listed companies, given their existing experience of reporting on internal and external auditing matters through the work of their audit committees. The government is minded to provide that premium listed companies should have at least a year from the entry into force of the reporting requirement to prepare and publish their Audit and Assurance Policy and to put it to a shareholder vote. The government is also minded that other listed and unlisted PIEs should have a further 2 years to prepare and publish their Audit and Assurance Policy.

3.2.16 As with the existing Directors’ Remuneration Policy, the government believes that the Audit and Assurance Policy, and the corresponding shareholder vote, are best implemented as new statutory requirements under the Companies Act 2006. The government also believes that, while the proposed content of the Audit and Assurance Policy provides companies with flexibility over what additional assurance, if any, they may choose beyond the statutory audit, it is right that the requirement for the Policy is a statutory one. The government will consider with the FRC whether supplementary guidance to the statutory requirement can nonetheless be provided through additions to existing guidance under the UK Corporate Governance Code covering risk, internal controls and the work of audit committees.

Question 24. Do you agree with the proposed scope of coverage and method for implementing the Audit and Assurance Policy?

3.3 Reporting on Payment Practices

The government agrees with the Brydon Review’s conclusion that improved reporting on payment policies and performance would be valuable, and seeks views in this section on how this could best be achieved in respect of Public Interest Entities by drawing on existing reporting under the Payment Practices Reporting Duty.

Background

3.3.1 Late payment remains a significant problem for small businesses across the country and the government and regulators have been proactive in seeking to eradicate the worst kind of poor payment practices. Key recent developments include:

The introduction of the Payment Practices Reporting Duty^{[footnote 90]} for large companies, introduced in 2017, which has improved Board level responsibility for payment practices and requires that a qualifying company’s information for a reporting period must be approved by a director of that company before it is published.
A requirement on large companies to report each year (since 2019) how they are meeting their duty under Section 172 of the Companies Act to have regard to (among other things) the need to foster the company’s business relationships with suppliers, and the effect of that regard, including on the principal decisions taken by the company during the financial year^{[footnote 91]}.
The FRC’s most recent annual open letter^{[footnote 92]} to audit committee chairs and finance directors, part of which encourages companies’ Section 172 statements to include reporting on payment to suppliers in line with the BEIS response to their call for evidence on ‘Creating a Responsible Payment Culture’.

3.3.2 However, the Brydon Review saw value in disclosures on payment practices being made within company annual reports, so as to be more readily available to shareholders – since a company’s approach to paying suppliers can sometimes be an indicator of its own financial position. As it stands, such disclosures in annual reports are patchy. A number of companies state in their annual report that they comply with the Payment Practices Reporting Duty (PPRD), or are signatories to the voluntary Prompt Payment Code^{[footnote 93]}, but most do not provide detail on their supplier payment record over the previous year. In the case of companies with many subsidiaries, this can make it challenging for shareholders and other stakeholders to understand clearly and straightforwardly how a company at the group level is performing with regard to supplier payments, since the reporting under PPRD is done at a subsidiary level and is not required to be set out in the annual report.

Government proposals

3.3.3 In response to the Brydon Review proposal, the government is inclined to make supplier payments reporting more readily accessible to shareholders, and to make it easier to understand payment practices at corporate group level, not just for individual subsidiaries. A specific option being considered is to require the annual reports of Public Interest Entities (PIEs) to provide a summary of how the company – or group in the case of a parent company – has performed with regard to supplier payments over the previous reporting year, and to comment on how this compares to the year before that. This could be achieved by requiring companies to include this information in their strategic report^{[footnote 94]}.

3.3.4 A natural approach would be for this new requirement to apply to all PIEs that are large companies and which therefore already meet the large company criteria for reporting under the PPRD. An alternative would be to apply the requirement only to PIEs with more than 500 employees, which are the companies currently required to include a non-financial information statement in their strategic reports^{[footnote 95]}.

3.3.5 The government welcomes views on these options, and also on what minimum content could be required of supplier payment summaries in annual reports. The government suggests at this stage that companies in scope could be required to summarise (at a group level in the case of parent companies):

the company’s supplier payments policy, including its standard payment terms and shortest and longest standard payment period;
the percentage of the company’s supplier payments that met its standard terms and, where this figure is less than 80%, an explanation of why this occurred and what actions the company plans to take to improve its payments record;
where such an explanation was required in the previous year’s annual report, an update in the following year’s report on the actions that were taken to improve the payments record and any additional steps proposed.

3.3.6 Including this proposed new reporting requirement within the strategic report would mean that it was included within the annual company audit’s check that the reporting was prepared in accordance with applicable legal requirements, and was materially consistent with the accounts. Companies would also have the opportunity, in consultation with their shareholders, to consider whether and, if so, how they should seek any additional assurance on their supplier payment reporting as part of their Audit and Assurance Policy. A level of assurance over companies’ prompt payment reporting may help to address any scepticism about its accuracy.

3.3.7 However, the government is also mindful of the need to avoid duplication of the existing requirements under the PPRD. So the government is also open to suggestions of other ways to achieve the objective of improving supplier payments reporting to shareholders, for the reasons identified by the Brydon Review.

Question 25. In order to improve reporting on supplier payments, should larger companies be required to summarise their record on supplier payments over the previous 12 months as part of their annual Strategic Report (applying at a group level in the case of parent companies)? If so, what should the reporting summary include at a minimum? Do you have alternative suggestions on how to improve supplier payments reporting?

Question 26. To which companies should improvements in supplier payments reporting apply: companies which are PIEs and already report under the Payment Practices Reporting Duty, or PIEs with more than 500 employees?

3.4 Public Interest Statement

The government does not at this time propose to introduce a statutory requirement for a public interest statement but welcomes comments on the Brydon Review recommendation. The Financial Reporting Council is separately inviting stakeholder and public comments on a potential future ‘public interest report’ as part of its recently published discussion paper on ‘The Future of Corporate Reporting’^{[footnote 96]}.

Background

3.4.1 The public interest in the activities of companies is reflected in company law and a range of other regulatory requirements. In return for the privilege of limited liability, the law places requirements on directors to discharge statutory directors’ duties and govern their companies with due skill, care and diligence. This includes annual directors’ reporting to shareholders on their company’s future prospects and how they are managing the principal risks and uncertainties facing the company.

3.4.2 Additionally, and increasingly, directors are required to have regard to the interests of other stakeholders and to make disclosures on matters of interest to society as a whole. These include the following obligations and reporting requirements:

the duty on directors to promote the success of the company, and in doing so, have regard to (among other matters) the interests of employees, the impact of the company’s operations on the community and its environment and the likely consequences of any decision in the long-term^{[footnote 97]};
the requirement to publish annually a range of non-financial information, to enable understanding of the company’s impacts in relation to the environment, social matters, respect for human rights and certain other matters^{[footnote 98]};
annual disclosures on the company’s greenhouse gas emissions^{[footnote 99]}; and
gender pay gap reporting^{[footnote 100]}.

3.4.3 The government has also, since 2018, placed a reporting requirement on all large companies to report each year on how they are complying in practice with their Section 172 duty to have regard to the interests of various stakeholders and the environment (as well as their obligation to promote the success of the company for its shareholders)^{[footnote 101]}.

3.4.4 Taken together, these existing reporting requirements provide a range of opportunities for users of reports and accounts, and other stakeholders, to form a view on how a company’s activities are having an impact on matters of public interest.

3.4.5 The government recognises that there may be a case for going further than this. For example, companies could be required, as the Brydon Review has proposed, to report on what they perceive to be their responsibilities to the public interest in addition to their statutory and other regulatory obligations. This might involve a company identifying its key stakeholders and setting out how annual strategic and investment decisions taken by directors impact on these stakeholders, to the extent that this is not already covered in the Section 172 statement. It might also involve directors articulating the specific purpose of their company, how that purpose serves the public interest and how the purpose has informed the company’s activities over each annual reporting period.

3.4.6 At the same time, the government is mindful of the risk of any stand-alone public interest statement leading to duplication or unhelpful overlap with existing company reporting in this area. There would also be a risk that mandated company reporting on how directors are meeting non-statutory, self-determined public interest responsibilities would not produce consistent and rigorous reporting across all businesses.

Government proposals

3.4.7 At this stage, the government is minded to keep under review the case for a public interest statement but not introduce a new statutory requirement within this current reform package. The Financial Reporting Council’s recently published discussion paper on ‘The Future of Corporate Reporting’ includes ideas for how a public interest report might be designed, while building and complementing existing reporting requirements. Comments received in response to this consultation and in response to the FRC discussion paper will help inform the government’s and the FRC’s further consideration of the issue.

Question 27. Do you agree with the government’s proposal not to introduce a new statutory requirement at this time for directors to publish an annual public interest statement?

Question 7

4.  Supervision of corporate reporting

Accepted Answer

The regulator has a vital role in supervising, guiding and challenging the information that companies make public, in particular reviewing companies’ compliance with reporting requirements and applicable accounting standards. This Chapter sets out the government’s proposals to strengthen the regulator’s corporate reporting review (CRR) powers and extend its CRR activities to build on the current work of the FRC, in line with the recommendations of the FRC Review. Notably, the government proposes to broaden the regulator’s review powers so that it can scrutinise the entire contents of a company’s Annual Report and Accounts, give the regulator the power to direct changes to be made to a company’s report and accounts (where it is fair to do so) and increase the transparency of the regulator’s review work through the publication of more information about its findings.

4.1 Background

4.1.1 The FRC monitors corporate reporting and accounting through its corporate reporting review (CRR) activities^{[footnote 102]}. The regulator checks the directors’ report, strategic report and annual accounts of public and large private companies for compliance with the Companies Act 2006 and applicable reporting standards^{[footnote 103]}. It is also required to keep under review periodic accounts and reports that are produced by issuers of transferable securities and to assess whether they comply with any accounting requirements imposed by FCA rules^{[footnote 104]}. The FRC Review found that the regulator’s CRR activities were valuable, but hindered by a “lack of visibility, low levels of review activity and cumbersome enforcement mechanisms”. It made a set of recommendations for strengthening this aspect of the regulator’s work, both in strengthening the regulator’s CRR powers, but also in expanding its level of CRR activity.

4.2 Stronger powers for the regulator

Power to direct changes to company accounts

The FRC Review recommended that ARGA should be able to order amendments to company reports directly, rather than requiring a court order which is the current position. This would ensure parity with the regulator’s overseas counterparts and be consistent with the government’s vision of a stronger regulator. Consultees who addressed this issue supported the recommendation, although several respondents suggested that an appeal or reconsideration procedure should be introduced alongside the stronger power.

4.2.1 Accordingly, the government will replace the regulator’s current power to seek a court order with a power to direct changes to reports and accounts. It is working with the regulator to develop an appropriate mechanism which will ensure fairness to the companies and enable them to challenge the regulator’s decision. The intention of this measure is to simplify the process; it is not expected to have a significant impact on the number of cases in which amendments to company reports are required by the regulator.

4.2.2 Whilst the proposed new power to direct changes will strengthen the regulator’s ability to rectify cases of non-compliance with accounting and other reporting requirements, the government recognises the challenge associated with directing changes to matters involving significant judgements such as accounting for long term contracts and impairment reviews. The government therefore intends that the power to commission an expert review - explained in more detail in Chapter 11 - should allow the regulator to instigate a review into the underlying reasons for an accounting application and assess what changes might be required. The government will ensure that the power to direct extends to instances where an expert review has indicated that the report or accounts need to be amended.

Power to publish CRR correspondence and summary findings

The FRC Review suggested that the regulator’s CRR work should be more transparent to ensure that there is greater visibility for investors and other users of accounts about any deficiencies and shortcomings identified. It recommended that CRR findings should be reported publicly and that the regulator should publish full correspondence following all CRR reviews.

4.2.3 Many respondents to the initial consultation, particularly investors, favoured greater visibility for the outcomes of reviews. Views differed, however, on whether full publication of all the correspondence was required to achieve this. Some respondents suggested that publication of the outcomes of the review in a ‘summary findings’ document might be enough to achieve the necessary degree of transparency. Importantly, this might be less likely to discourage open correspondence between the company and the regulator and make it easier to avoid disclosure of commercially sensitive information.

4.2.4 The government will give the regulator powers allowing it to publish correspondence entered into during the course of a CRR review, as well as summary findings. It will ensure that there are safeguards in the legislation regarding the publication of information which a company regards as commercially confidential. However, before moving to a procedure involving the publication of full correspondence, the government wants the regulator to test whether a ‘summary of findings’ will provide sufficient transparency for investors and other stakeholders about the nature of the issues raised in the course of a review and the eventual outcome. The government expects the regulator to move to full publication of correspondence only if the initial approach fails to deliver adequate transparency.

4.2.5 As an interim step, ahead of legislation, the regulator intends to start publishing case summaries - subject to the existing legal restrictions on disclosing confidential information received from individuals or companies without their consent.

Extension of corporate reporting review powers to the entire annual report

The regulator’s CRR powers currently only extend to certain parts of the annual report and accounts, namely the strategic report, the accounts themselves and the directors’ report. This means that important – required - aspects of the annual report relating to corporate governance are not subject to formal FRC oversight. This includes the corporate governance statement (unless this is included in the directors’ report) and the directors’ remuneration and audit committee reports.

4.2.6 The government agrees with the FRC Review’s recommendation that the entire content of the annual report should be brought within the scope of the CRR process^{[footnote 105]} . The government will accordingly legislate to extend both the existing power to request information from companies and the new power to direct changes to accounts to cover the entire content of the annual report – both the legally required and voluntary elements of the report such as the CEO and chair’s reports. In approaching the voluntary content of the report, it is envisaged that the regulator will need to be alert to and challenge any material inconsistencies with the mandatory parts of the annual report. ARGA will not be expected to investigate or direct changes to disclosures required by regulators in other jurisdictions, for example SEC requirements for dual-listed entities.

4.2.7 Ahead of legislation, the government has asked the FRC to extend its CRR scrutiny to all elements of the annual report. Where the regulator has further questions or concerns about any aspects of this reporting – for example about the consistency of the chair’s statement with the rest of the report - these concerns will be included in an ‘issues letters’ as a separate section. Although the regulator will not initially have formal enforcement powers for these aspects of the annual report, it is expected that companies will be willing to engage with the regulator on a voluntary basis and, where necessary, to make revisions. The regulator will also liaise with the FCA where it has concerns about the accuracy and completeness of reporting which may cause harm, given the FCA’s remit as the UK’s securities regulator.

Power to offer a pre-clearance service

4.2.8 The FRC Review^{[footnote 106]} recommended that the regulator should be able to offer companies a pre-clearance service for novel and contentious matters connected with the interpretation of accounting standards in advance of the publication of the annual accounts. The Review noted that some accounting treatments can be very complex, and that instead of picking them up retrospectively as part of the corporate reporting review process, the regulator could do more to help companies get it right the first time. The Review noted that several equivalent overseas regulators can already provide such a service.

4.2.9 Responses to the initial consultation on this were mixed and did not suggest that there would be strong demand for such a service. That also appears to be the experience in other countries where the service is offered. In terms of a practical procedure, the following suggestions were made:

The regulator should publish guidelines setting out the type of pre-clearance requests that would be accepted and the information to be provided by applicants;
The regulator should set out the expected timeframe within which applications would be processed and the protocols that would be followed;
The regulator should explain the status of any pre-clearance decision, including the circumstances – if any - in which it could be re-opened in retrospective CRR work;
The regulator should set out the respective responsibilities of the company and the auditor in relation to an application. Any disagreement between the company and auditor should be made clear in the application. Alternatively, the regulator could insist that applications will only be considered where the auditor has confirmed that it would accept the accounting treatment being suggested;
Where there have been pre-clearance consultations with the regulator, these should be disclosed in the annual report in the year to which they relate so that there is transparency for investors; and
The regulator should publish an annual account detailing on an anonymised basis the queries it has received and the responses it has given. This would help others addressing similar issues, promote more consistent reporting and potentially have value particularly for challenger audit firms.

4.2.10 The government will ensure that ARGA has the necessary powers to provide a pre-clearance service, including a statutory exemption from liability where it offers this service^{[footnote 107]} . However, in view of the apparent lack of strong demand, the government considers that the decision on whether and when to offer a pre-clearance service, and whether it should be preceded by a pilot, should be a matter for the regulator. This will depend on its assessment of priorities, likely demand and having access to the necessary resources and high level expertise.

4.3 Measures to strengthen corporate reporting review activity

Expanding the volume of CRR activity

4.3.1 The FRC Review recommended an expansion to the volume of the regulator’s CRR activity. The government agrees. The regulator is already increasing the volume of CRR work and has allocated additional funding from its budget to secure the additional skilled technical experts needed to carry out this expanded function. The government expects ARGA to set out its policy for the volume of CRR activity and to review that policy at least once every 5 years, including through consultation with interested parties.

Focusing CRR activity on reporting by Public Interest Entities

4.3.2 The FRC Review recommended that the new regulator’s CRR work should be limited to PIEs as far as possible. This would significantly reduce the number of companies within its scope^{[footnote 108]}. In practice, the CRR work currently extends to approximately 15,000 companies in total including all large private companies as well as UK listed and AIM quoted companies. All limited liability partnerships are also covered.

4.3.3 Several responses to the government’s initial consultation expressed concerns that limiting CRR work to PIEs would create an important gap in regulatory oversight and could adversely affect standards of reporting by companies not within the new scope. The possibility of a reporting review in response to a complaint or other intelligence, even if remote in practice, encourages higher standards. It can also strengthen the position of auditors in their dealings with clients about the interpretation of accounting standards.

4.3.4 Expanding the definition of PIEs as proposed in Chapter 1 would partially address these concerns, but important gaps would remain. In principle, the gaps in regulatory oversight of reporting by non-PIEs could be filled by the professional accounting bodies. However, government is not convinced that these bodies could easily find the specialist skills needed to undertake the necessary review work and they would be competing with the regulator from a limited pool of specialists.

4.3.5 The government agrees that the new regulator should focus most of its pro-active CRR work on PIEs but should retain its current powers to investigate reporting by non-PIE companies. The regulator will be expected to set out its policy for the use of these powers, and review that policy periodically.

Extending CRR work to a wider range of investor information

The FRC Review recommended that the government, the FRC and the FCA should consider the case for strengthening qualitative regulation of a wider range of investor information than is covered by the FRC’s existing CRR work. This would include preliminary results and investor presentations. This information is of interest to investors, who often attach more importance to it than to the annual report and accounts, which are subject to closer regulatory and auditor scrutiny.

4.3.6 The government agrees that the prospect of retrospective scrutiny and the possibility of the regulator publishing adverse findings could be a strong incentive to companies to ensure that, for example, investor information is consistent with the annual report and accounts in terms of tone and content and is not misleading. The FCA already monitors investor communications from listed companies on a risk-of-harm basis under its existing market supervision and market abuse responsibilities. It does this both on a real time basis, and where it suspects misconduct may have occurred, ex post. The involvement of the FRC in the FCA’s real time work would risk regulatory overlap and confusion for issuers of securities. The government does not intend to bring the FRC into this area of supervision.

4.3.7 The government has instead asked the FRC to undertake a pilot study of preliminary results and investor presentations, working with the FCA, to establish the extent of any inconsistencies between this information and the subsequent annual report and accounts. Where it finds inconsistencies, the FRC will engage with companies via the ‘issues letter’. It will also liaise with the FCA where there is evidence of non-compliance with the FCA’s rules, and the FCA’s formal powers will be engaged where necessary.

4.3.8 The FRC, FCA and the government will review outcomes from the study once it is complete. If the conclusion is that applying the CRR process to a wider range of investor information has the potential to increase its quality and reliability and help strengthen the existing market supervisory regime, it should become a permanent feature of the regulator’s work. If that is the case, and subject to any further views from consultees, the government will ensure that the regulator is given the additional powers needed to undertake this work effectively.

4.4 Influencing the corporate reporting framework

Promoting brevity and comprehensibility in accounts and annual reports

The FRC Review identified concerns with the length and volume of company reporting, raising questions about its ability to deliver meaningful information to stakeholders. It recommended that the regulator should be required to promote brevity and comprehensibility in company reporting and engage meaningfully with users of accounts and asset owners about their information needs.

4.4.1 In response, the government plans to give ARGA a ‘regulatory principle’ relating to promoting brevity, comprehensibility and usefulness in corporate reporting to which it will have to have regard (see Chapter 10). It is intended that the concept of ‘usefulness’ will extend to work by the regulator to improve the digital accessibility of company reports in cooperation with other regulators such as Companies House and the FCA, such as reports’ availability in appropriate machine-readable formats. The regulator is already taking steps to improve its processes for engaging with the users of reports about their information needs, and the principle of usefulness is intended to capture efforts to improve the digital accessibility of company reports in cooperation with other regulators. .

4.4.2 The government also agrees with the FRC Review that the regulator should have a stronger role in influencing the overall corporate reporting framework and its application by reporting to BEIS once a Parliament with an assessment of the extent to which the statutory reporting framework is serving the interests of users, together with recommendations for improving it.

A more disciplined approach to guidance and discussion documents

The FRC publishes a wide range of guidance, including on audit committees and board effectiveness. The FRC Review recognised that this guidance was useful where the regulator was able to draw on its technical knowledge, but added less value where it was less expert.

4.4.3 The initial consultation showed support from many quarters for the FRC’s guidance material. Several respondents suggested that extensive collaboration with investors, companies and other stakeholders made it both practical and useful. The FRC’s Reporting Lab was widely admired. The government believes, however, that the regulator could do more to ensure that guidance and discussion documents are only issued where they add clear value.

4.4.4 The regulator is therefore ensuring that its existing framework and Principles for the Development of Codes, Standards and Guidance^{[footnote 109]} are being applied rigorously and consistently. Guidance will be targeted at those who need to see it and an improved stakeholder relationship management system will enable more effective engagement with stakeholders. This improved publication gateway process should ensure that the regulator’s guidance on reporting and other issues is only issued where it is needed and adds value.

Question 28. Do you have any comments on the government’s proposals for strengthening the regulator’s corporate reporting review function set out in this chapter?

Question 8

5.  Company directors

Accepted Answer

Directors are ultimately responsible for the company’s accounts and reports and have duties in relation to the auditing of those accounts and reports. However, the regulator currently has no direct powers to act if those duties are breached. The government proposes to give the regulator investigation and enforcement powers to hold company directors of public interest entities to account. The proposed scope of these powers and how these powers will interact with existing enforcement regimes are set out in this Chapter.

The government believes that this regime can be complemented further to ensure that remuneration can be withheld or recovered in the event of serious director failings, and is asking the regulator to consult on changes to the UK Corporate Governance Code to provide for minimum clawback conditions or ‘trigger points’ to be included in directors’ remuneration arrangements.

5.1 Enforcement against company directors

Company directors have various statutory duties in relation to the preparation of their company’s accounts and reports, and the auditing of those accounts and reports^{[footnote 110]}.The FRC currently has no direct powers to enforce these duties. The FRC may in limited cases be able to take enforcement action against a director if they are a chartered accountant who under voluntary arrangements with the chartered accountancy bodies are subject to the FRC’s disciplinary scheme for accountants^{[footnote 111]}. However, the FRC has no means of taking enforcement action against directors who are not chartered accountants where they have breached their duties relating to corporate reporting and audit.

5.1.1 Many of the duties of directors are backed up by criminal offences in the Companies Act 2006. The Insolvency Service is primarily responsible for investigating and prosecuting these offences^{[footnote 112]}. However, it is rare in practice that prosecutions are brought against company directors of solvent companies in relation to such offences. There can be significant resources involved in investigating complaints and bringing prosecutions, and the Insolvency Service’s enforcement efforts in this area tend to be directed towards ensuring fair competition in the marketplace as a whole and holding those who abuse the privilege of limited liability to account: for example, removing companies and directors who operate scams. The Insolvency Service also has the power to bring directors’ disqualification proceedings in relation to unfit conduct by directors, including a failure to keep proper accounting records or to prepare and file accounts.

5.1.2 For listed companies, the Financial Conduct Authority (FCA) already has a range of powers to take enforcement action against directors for failings relating to all forms of corporate reporting including where such failings occur in the context of company accounts and reports. For example, the FCA may impose penalties in circumstances where directors of listed companies are knowingly concerned in failures to report according to the applicable financial reporting framework or fail to establish adequate systems and controls to meet reporting requirements (breaches of the FCA’s Listing and Transparency Rules). Furthermore, for all companies with securities traded on the UK’s public markets^{[footnote 113]} the FCA may apply civil or, where appropriate, criminal sanctions to any person, not simply directors, where failings are so egregious as to constitute market abuse – for example where corporate disclosures (or the lack of them) constitute misleading statements.

5.1.3 The scope of the FCA’s powers as a securities regulator is wide and it also has a suite of powers that apply to financial firms that it regulates. Given the proposed scope of PIEs set out in section 1.3, a significant number could fall within FCA’s remit. However, the FCA’s powers only extend to the companies it regulates and do not cover directors of companies listed on AIM or large private companies operating outside of the financial sector.

5.1.4 The FRC Review recommended that there should be an effective enforcement regime that holds directors of PIEs to account for their duties in relation to corporate reporting and audits.^{[footnote 114]} It recommended that this should apply to the company’s CEO, CFO, chair and audit committee chair. It also recommended that this regime should follow similar principles to the audit enforcement regime.^{[footnote 115]} In addition, the FRC Review recommended that the responsibility for director disqualifications should remain with the Insolvency Service.^{[footnote 116]} Notably, the Review highlighted that in its call for evidence the regulator’s lack of enforcement powers in relation to company directors had been commented on perhaps more than any other single issue and with “the great majority concerned that the current position is inadequate”.

Consultation responses

5.1.5 Overall, there was broad support for the proposals from a range of stakeholders including from audit and accountancy firms, professional bodies, the legal profession, and investors. A small number of respondents suggested going further and requiring PIE directors holding key financial and reporting roles to have fulfilled certain criteria before appointment.

5.1.6 There were several concerns that if the proposal were to focus on 4 specific director roles, as suggested by the Review, this would undermine the collective responsibility of the board. A Big Four firm suggested extending the regime to non-directors in the finance function, such as the financial controller, and several respondents said specifically that the regime should apply to all directors. One professional body warned that the scheme might deter non-financial directors from serving on the board, which it argued would work against board diversity, and might deter candidates for audit committee chairs, particularly when the CMA Review envisages a greater role for the audit committee.

5.1.7 Several respondents, including 2 from the legal profession, suggested that existing powers held by the Insolvency Service or the FCA are sufficient and should be made more effective in practice. They also suggested that the proposals undermined the role of the courts and created uncertainty and risk for directors, making the UK a less attractive place for investment.

5.1.8 A large majority were broadly supportive of the directors’ enforcement regime being based on similar principles as the regulators’ sanctioning powers in relation to auditors. Two respondents suggested going further with a regime similar to the Senior Manager Regime administered by the FCA and PRA for financial institutions. These respondents commented that any proposal needed to be aligned with the Senior Manager Regime to avoid the financial services sector having to apply 2 different regimes. A respondent representing listed companies urged the government to ensure that requirements were broadly in line with similar regimes in other countries to avoid undermining UK competitiveness. One respondent cited Australia as a potential model.

5.1.9 There were varied views on whether the new regulator should have the power to disqualify directors with several wanting the new regulator to be responsible for disqualification rather than remitting such cases to the Insolvency Service; others thought that ARGA should investigate only, then refer to the Courts to interpret and enforce the law. A professional body thought that the government should consider making another body such as the FCA responsible for the regulation of directors.

Government proposals

5.1.10 The government has considered whether the enforcement of directors’ duties relating to corporate reporting and audit might be better achieved by strengthening the existing enforcement mechanisms, but does not consider that this approach would be sufficiently comprehensive or effective. Although the scope of the FCA’s powers extend to a significant number of companies within the proposed extended definition of a PIE, a large number of companies would not be covered. It is also only ever likely to be appropriate for the Insolvency Service to bring criminal prosecutions and directors’ disqualification proceedings against PIE directors in more serious cases, where it is in the public interest to do so.

5.1.11 The government considers that it is important that ARGA be given effective powers in respect of directors’ duties relating to corporate reporting and audit that can be exercised, whether or not a director is an accountant. It could undermine ARGA’s credibility as a regulator and the effectiveness of the regulatory regime as a whole if it can act against the auditors of a company’s accounts and reports, but not against those responsible for producing them. ARGA’s use of such powers will need to be coordinated with other regulators to avoid an overly complex regime for businesses; this is considered below under ‘relationship with existing enforcement regimes’.

5.1.12 The government considers that the introduction of an authorisation type scheme for company directors would represent a major extension of regulation and a disproportionate burden that potentially deters listing and investment in the UK, particularly by internationally mobile businesses. The government therefore does not propose to introduce such a regime.

5.1.13 However, providing the regulator with enforcement powers in relation to each of the main parties involved in a company’s reporting and audits will facilitate the pooling of resources and a single investigation into an issue at a company followed by action against auditors, accountants and/or directors as appropriate. The government therefore intends to legislate to provide ARGA with the necessary powers to investigate and sanction breaches of corporate reporting and audit-related responsibilities by PIE directors.

Relationship with existing enforcement regimes

5.1.14 The proposed regime will give the regulator new powers to take civil enforcement action against PIE directors in relation to breaches of existing PIE directors’ duties relating to corporate reporting and audit (and any new duties which are introduced further to this consultation, for example in relation to internal controls). This new enforcement regime for PIE directors would not replace existing arrangements for taking action against company directors, for example in respect of offences under the Companies Act or breaches of the FCA Listing Rules, FCA Transparency Rules or Market Abuse Regulation. The government agrees with the FRC Review’s recommendation^{[footnote 117]} that responsibility for bringing directors disqualification proceedings should remain with the Insolvency Service, so ARGA would continue to refer cases to the Insolvency Service where appropriate.

5.1.15 The government’s intention is for these powers to work in tandem with those held by the FCA as well as those held by other agencies including the Serious Fraud Office. There is already some overlap between the responsibilities of the FCA and FRC, but the government recognises that the extent of overlapping powers will be increased through the introduction of these powers in respect of enforcement against directors of listed companies and financial services firms. However, the remits of the 2 regulators are, and should remain, complementary. FCA sets, supervises and enforces the Listing Rules, Disclosure and Transparency Rules (which include corporate reporting and financial reporting), and the Senior Managers and Certification Regime. FCA also has civil and criminal powers in relation to market abuse on public markets. ARGA will carry out the standard-setting, supervision, monitoring and enforcement activities to ensure high standards of audit, and also in relation to corporate reporting where such matters do not fall within the remit of the FCA – and, in the context of those specific areas, certain director behaviours. It will be for the FCA to decide what if any action it is appropriate for it to take in relation to matters or behaviours that may give rise to breaches of FCA’s rules.

5.1.16 The government is committed to avoiding overlap or duplication between the role of ARGA and the existing scope or powers of the FCA wherever possible. However, where it has been decided that it is not appropriate for a case concerning the conduct of a director to be addressed by the FCA, ARGA will be able to take action for corporate reporting and audit related failings in relation to PIE directors, including those of listed companies and financial services firms. As such, a degree of overlap in powers will be necessary.

5.1.17 The FRC and FCA have committed to work together to put in place arrangements for the avoidance of unnecessary overlaps and duplication in practice and to identify the exceptional cases where both regulators may need to investigate, on the basis of clear principles of effective regulation. A memorandum of understanding will be established and published (as is the case now between FCA and FRC), setting out the framework for coordination and cooperation. Where the powers of ARGA and FCA do overlap, the regulators would cooperate fully, sharing information and agreeing an appropriate way forward.

Question 29. Are there any other arrangements the government should consider to ensure that overlapping powers are managed effectively?

Directors in scope of new enforcement powers

5.1.18 The Review proposed that a new director’s regime for Public Interest Entities should cover 4 key director roles (the Chief Executive Officer, Chief Finance Officer, Chair and Chair of the Audit Committee). However, the government agrees with several consultees who argued that all directors ought to be in scope due to the principles of collective responsibility and a unitary board. That is consistent with the scope of the duties themselves, for example section 414 of the Companies Act 2006 requires the company’s accounts to be approved by the whole board of directors. Having all PIE directors in scope reduces the risk of culpable directors escaping liability because they do not hold a particular position. The government therefore intends for all directors of companies which are public interest entities to be in scope.

5.1.19 The government believes that the risk of deterring candidates from non-financial backgrounds from applying for board positions is small. Under the scheme, directors will remain subject to the same legal duties as they are now, for which they are liable to the more serious penalty of either criminal prosecution or disqualification. The regulator could look to mitigate the risk of deterring directors when exercising their enforcement powers by applying their proportionality principle, taking into account the directors’ backgrounds and considering the size and complexity of the entity concerned.

5.1.20 The Review’s recommendation related only to company directors of PIEs, but some PIEs take other forms such as Limited Liability Partnerships (LLP). The regulator may also need to have enforcement powers in relation to persons responsible for managing such entities in respect of their obligations relating to corporate reporting and audits. The government therefore intends to ensure that, where appropriate, the scope of the regulator’s enforcement powers apply to PIEs which are not companies.

Duties in scope of new enforcement powers

5.1.21 The government’s intention is that the regulator’s new enforcement powers will apply to breaches by directors of the existing statutory duties relating to corporate reporting and company audits.^{[footnote 118]} Those include:

the duty to keep adequate accounting records^{[footnote 119]};
the duty to approve accounts only if they give a true and fair view^{[footnote 120]};
the duty to approve and sign the annual accounts^{[footnote 121]};
the duty to approve the directors’ report^{[footnote 122]};
the duty to provide a statement as to disclosure to auditors and to provide information or explanations at the request of the auditor^{[footnote 123]}.

5.1.22 The government believes that where new statutory duties for directors are introduced into the regulatory regime for which the regulator is responsible, it should be able to enforce those duties under this regime. This might include any new directors’ duties that are being proposed elsewhere in this consultation.

Question 30. Are there any additional duties that you think should be in scope of the regulator’s enforcement powers?

5.1.23 The statutory duties relating to corporate reporting and audit are not designed for enforcement by a regulator and may require further elaboration to provide greater clarity and certainty as to when directors may be subject to civil enforcement action. For example, the Brydon Review recommended that the government review the duty to keep adequate accounting records, so that ARGA may provide greater clarity as to what is meant by adequate accounting records^{[footnote 124]}. The government therefore proposes to give the regulator the power to impose more detailed requirements as to how certain statutory duties relating to corporate reporting and audit are to be met by directors.

Question 31. Are there any existing or proposed directors’ duties relating to corporate reporting and audit that you think should be specifically included or excluded from further elaboration for the purposes of the directors’ enforcement regime?

5.1.24 Directors are more generally required to meet certain general duties under the Companies Act 2006, including duties to exercise independent judgment, to exercise reasonable care, skill, and diligence, and to avoid conflicts of interest^{[footnote 125]}. The government is therefore considering whether directors of PIEs ought to be required more specifically to meet certain behavioural standards in the way they carry out their duties relating to corporate reporting and audit^{[footnote 126]}. For example, provision might be made to require directors to act with honesty and integrity when carrying out their corporate reporting and audit duties. This might allow the regulator to take action against a director who, for example, failed to act with honesty and integrity when deciding what information should be revealed to the auditor. In serious cases this might also result in criminal proceedings being brought as they can now, but this would not be for ARGA to pursue.

Question 32. Should directors of public interest entities be required to meet certain behavioural standards when carrying out their statutory duties relating to corporate reporting and audits? Should those standards be set by the regulator? What standards should directors have to meet in this context?

New investigation and enforcement powers

5.1.25 The government proposes to give the regulator powers to gather information and carry out investigations to establish whether a director has breached a relevant requirement, and to impose sanctions in cases where a breach is found to have occurred.

5.1.26 The regime would provide a graduated range of civil sanctions that could be applied by the regulator where a breach was proven. The civil standard of proof ‘on the balance of probabilities’ would apply when deciding disputed facts. Proposed sanctions include reprimands, fines, orders to take action to mitigate the effect of a breach (or the recurrence of a breach,) or to make declarations as to non-compliance and in the most serious of cases, temporary prohibition on acting as a director of a public interest entity.

5.1.27 The regulator would be required to apply sanctions in a proportionate manner according to the seriousness of the breach and risk posed by the director’s conduct.

Question 33. Should the government’s proposed enforcement powers be made available to the regulator in respect of breaches of directors’ duties?

5.2 Strengthening clawback and malus provisions in directors’ remuneration arrangements

Giving the new regulator stronger powers to take enforcement action against company directors for breaches of their existing statutory duties, particularly those relating to corporate reporting, is an important aspect of holding directors accountable to investors and other users of reports. The government believes that this regime can be complemented by giving further attention to contractual provisions in directors’ remuneration arrangements concerning malus and clawback to ensure that remuneration can be withheld or recovered in the event of serious director failings.

5.2.1 The ability to recover remuneration already paid to directors (clawback) or to withhold pending awards (malus) are important mechanisms in directors’ remuneration arrangements which can be exercised by remuneration committees and, where relevant, administrators or liquidators in the event of insolvency. Outside of the financial services sector there are no mandatory requirements for companies to include clawback provisions in directors’ remuneration arrangements. However, the UK Corporate Governance Code states that for premium listed entities, directors’ remuneration policies should “include provisions that would enable the company to recover and/or withhold sums or share awards and specify the circumstances in which it would be appropriate to do so.”

5.2.2 Research shows that about 90% of FTSE 350 companies already have malus and clawback provisions in place. However, whilst most companies have clawback triggers for misstatement of results or an error in performance calculations, far fewer companies have conditions for other provisions including for reputational damage or failure of risk management^{[footnote 127]}.

5.2.3 The BEIS Committee has taken a close interest in the adequacy of powers to clawback cash or shares paid to directors where a company has failed or underperformed. Following its report into the collapse of Thomas Cook, it recommended the need for provisions on clawback to be strengthened and for the scope of application to be extended^{[footnote 128]}. A practical challenge can be the enforceability of these provisions where they exist. If they are drawn too broadly they become difficult to enforce, but if drawn too narrowly and specifically, they can exclude clawback where it would seem self-evident that action should be taken.

5.2.4 The government proposes to strengthen malus and clawback arrangements to provide better reassurance against rewards for failure. It will do this by initially asking the regulator to consult on changes to the UK Corporate Governance Code to include provisions which recommend that certain minimum clawback conditions or ‘trigger points’ are included in directors’ remuneration arrangements and that these have a minimum period of application of at least 2 years after an award is made. Following a review, the government will consider whether there is a need to further extend this to all listed companies, potentially through the Listing Rules.

5.2.5 The government is clear that companies should be able to and should actively consider adding to these minimum conditions to reflect company-specific circumstances. The following are proposed as minimum conditions within which clawback provisions can be triggered:

material misstatement of results or an error in performance calculations;
material failure of risk management and internal controls;
misconduct;
conduct leading to financial loss;
reputational damage; and
unreasonable failure to protect the interests of employees and customers.

5.2.6 The government would welcome views on the proposed minimum list of malus and clawback conditions.

Question 34. Are there other conditions that should be considered for the proposed minimum list of malus and clawback conditions? What legal and other considerations need to be taken into account to ensure that these conditions can be enforced in practice?

Question 9

6.  Audit purpose and scope

Accepted Answer

Recognising the importance of audit in establishing confidence in a company and its directors and in informing those with an interest in its success, the Brydon Review looked not only at issues around audit performance but also what audit is for and what should be expected of it. The government welcomes the Review and the positive vision it sets out for the future.

This chapter considers the Review’s findings on audit and sets out the action the government proposes to take. These proposals include establishing a new corporate auditing profession, new principles for auditors to reinforce good audit practice, a new duty on auditors to take a wider range of information into account in reaching audit judgements, and new obligations on auditors and directors relating to the detection and prevention of material fraud.

6.1 The purpose of audit

Background

6.1.1 Having sought input through its Call for Views, the Brydon Review concluded that “audit is not broken but has lost its way”^{[footnote 129]}. Thus, the core activity of auditing financial statements should continue, and there is no immediate need for wholesale changes to auditing standards. But for audit to do better, the Review argued, “the concept of audit needs to be rethought and redefined… rooted in a widely accepted clarification of its purpose”. The Review was seeking to ensure that audit practice went beyond a narrow focus on financial statements’ compliance with accounting standards (and other legal and regulatory requirements) to be more sceptical, more informative and hence more trustworthy.

6.1.2 This rests on a judgement by the Review that not all auditors seem to be taking sufficient account of director conduct and wider financial and other information for their reports to be as informative and useful as they should ideally be.

6.1.3 The Brydon report refers to ongoing debates about what audit should or should not be expected to do, including the identification by some of an ‘expectations gap’ or ‘delivery gap’ between what audit currently delivers and what others think it delivers (or ought to deliver). The Review considered this focus on gaps to be a distraction – “Either audit is helping to reinforce deserved confidence in business or it is not” – and suggested that the way to deal with them is “to make audit a more informative process and product”. It recommends^{[footnote 130]} that this should be achieved, in part, by establishing a new purpose of audit:

To help establish and maintain deserved confidence in a company, in its directors and in the information for which they have responsibility to report, including the financial statements.

6.1.4 The Review recommended that this definition of audit should be endorsed and adopted by ARGA and that (in relation to statutory audit) the government should consider how best to ‘enshrine’ it within the Companies Act 2006. It also recommended^{[footnote 131]} that “auditing should provide information that is useful to present and potential investors, lenders, creditors and other users in making rational investment, credit and other decisions and assessments about the company”; and that the regulator should “adopt and monitor compliance with this obligation by auditors”, while government “should consider the extent to which it may be placed on a statutory footing in the Companies Act”^{[footnote 132]}. This criterion of providing useful information is similar to the strategic objective proposed for the new regulator by the FRC Review^{[footnote 133]}.

6.1.5 The Brydon Review argues that to make audit more informative requires both changes to audit practice and an increase in audit’s scope. Its proposed new purpose of audit and informativeness obligation are both intended to apply not just to audit as it is now (the audit of financial statements, i.e. statutory audit) but to the wider audit that the Review labels ‘corporate auditing’. This wider audit is discussed below under audit scope.

6.1.6 In line with its terms of reference, the Brydon Review focused on the audit of companies, principally Public Interest Entities. This chapter therefore does not consider whether the Review’s approach should apply to audits of public sector entities, but it is noted that ‘corporate auditing’ as a concept could accommodate public sector audit. The government has responded separately to Sir Tony Redmond’s review of local authority audit in England, as noted in section 11.5 below.

Government proposals

6.1.7 The government welcomes the more ambitious vision for audit set out by the Brydon Review, which better meets the needs of stakeholders through a focus on meeting future challenges as well as current ones. The new purpose of audit which it proposed is in line with the government’s aims to see audit become more trusted, more informative, and hence more valuable to the UK. The Review’s wording seeks to capture the spirit of audit as it should be, and hence to aid understanding of it; it is particularly important to understanding the intent of the Review’s other proposals.

6.1.8 Having a clear and unambiguous statement as to the purpose of an audit could help people understand the outcomes that are expected from the audit process. The Brydon Review however envisaged that this statement as to the purpose of an audit should be more than clarificatory: statutory auditors would be legally required to act in line with it.

6.1.9 The government agrees that audit needs to change along the broad lines proposed by the Brydon Review. That this change has not happened spontaneously despite the identified and growing need for it suggests that intervention is required. Such intervention may well need to have the force of law to change behaviour decisively and for the long term.

6.1.10 The government is therefore minded to give auditors a specific responsibility to consider relevant director conduct and wider financial or other information in reaching their judgements. This would be a statutory requirement of auditors. The intention is that in light of the additional information, auditors may reach different judgements in certain cases: in particular when reaching an overall judgement of whether the financial statements constitute a true and fair view of the entity’s financial position, but also for example judgements about line items in accounts such as revenue, goodwill and other intangible assets, the proposed new resilience statement, or other new reporting requirements proposed at Chapter 3. The requirement would not require the additional information to be audited, but the auditor would be expected to shape their work on the financial statements according to this broader understanding of the company’s position and strategy.

6.1.11 The actions taken by auditors to meet this new statutory requirement would not constitute a non-audit service, and hence could be undertaken by the statutory auditor. Meeting the new requirement would necessarily require a change in auditor mindset, skill set and behaviour. It should lead to innovations in the way auditors are trained; how audit and assurance engagements are conducted; and in the quality and nature of reporting.

6.1.12 Although the principle of considering wider information is relatively simple, the government considers that statutory auditors are likely to benefit from having detailed requirements set out, in a similar manner to auditing standards. These requirements would be set by the regulator and enforceable on statutory auditors, much as existing auditing standards are.

Question 35. Do you agree that a new statutory requirement on auditors to consider wider information, amplified by detailed standards set out and enforced by the regulator, would help deliver the government’s aims to see audit become more trusted, more informative and hence more valuable to the UK?

6.1.13 The intention of the Brydon Review was not only to widen the scope of information used in (and reported by) statutory audit but also to bring additional aspects of assurance alongside statutory audit to become what it termed ‘corporate auditing’. This aspect of the Review’s vision is considered below under audit scope.

6.1.14 The government considers that its proposed duty for auditors to consider wider information, alongside the other reforms proposed here, would go a significant way towards achieving the overall purpose set out by the Brydon Review. Adoption of new principles of corporate auditing (see section 6.3 below) would contribute further. The following paragraphs consider whether the adoption of a new statement of audit purpose could add further value.

6.1.15 A non-binding purpose statement might clarify responsibilities and influence auditor conduct, but could not in and of itself deliver change. Instead, it would need to act as the wrapper of the government’s substantive reforms, setting out their intended use and impact. However, there would be issues of interpretation around such a purpose statement, and it is not immediately clear how those could be resolved definitively.

6.1.16 Whether or not it used the wording proposed by the Review, a binding purpose statement would also leave a lot to interpretation in its (re)definition of audit. This could for example result in setting aside some areas of established case law, intentionally or otherwise. This would be a barrier to achieving the intended outcomes, as well as imposing potentially substantial costs of change on businesses.

6.1.17 To illustrate the interpretative challenge, consider an auditor carrying out statutory audit in the particular way that the Review has identified as deficient: focussed almost exclusively on one subset of a company’s published information – the financial statements – and potentially failing to take account of the rich alternative sources of information and signals which are available about the company being audited. This work would not meet the proposed duty to consider wider information. It might however be possible for the auditor to justify their conduct with reference to the current statutory duties placed on an auditor by the Companies Act 2006, and to argue that this work contributed to the achievement of the purpose set out in a purpose statement.

6.1.18 The government is also mindful of the Brydon Review’s desire to avoid revisiting “a debate which is notable only for its familiarity and circularity”^{[footnote 134]}. In that spirit, the government is keen to focus on achieving the intent of the Review’s proposed audit purpose rather than on its precise form of words.

6.1.19 As a way forward, the government is minded to adopt the Brydon Review’s proposed purpose of audit as a broad ambition for its own programme of reforms, and to ask the new regulator to incorporate that ambition across the relevant parts of its work, consistent with its statutory objectives. This would amount to a non-binding purpose statement that could evolve over time, coupled with a mechanism to deliver change. In ARGA’s regular work – for example, in reviewing auditing standards, both technical and ethical – it would then bear in mind the goal that audit should help establish and maintain deserved confidence in a company, in its directors and in the information that it publishes, so as to make audit more useful and informative to potential investors, lenders, creditors and other users of financial statements.

Question 36. In addition to any new statutory requirement on auditors to consider wider information, should a new purpose of audit be adopted by the regulator, or otherwise? How would you expect this to work?

6.2 Scope of audit

The government agrees with the Brydon Review that it should generally be for companies and their shareholders to decide the scope of the external auditing which is obtained beyond the statutory audit of the financial statements. The external auditing which a company chooses to obtain via its Audit and Assurance Policy should be subject to oversight by the regulator.

The Brydon Review’s vision for audit

6.2.1 Currently, statutory audits cover a company’s annual accounts which are required under the Companies Act (its financial statements). Statutory auditing forms part of a wider set of ‘assurance services’ which may be provided by auditors; other assurance services can be provided by auditors or non-auditors. The Brydon Review identified that if businesses were to have a wider range of information audited then this could enhance confidence in those businesses and thus improve the availability and cost of capital for them.

6.2.2 The Review’s report highlights a very wide range of types of information which it considers businesses could have audited in the future. These are illustrated in the following figure, from the Review’s final report (following para 5.4.8):

The Brydon Review’s new model for audit

6.2.3 A key feature of this proposed expansion of the information which businesses have audited is that it should be market-led beyond the core financial statements which businesses are obliged to have audited under legislation. Company directors would decide what other information should be audited, taking account of shareholders’ views in particular but also the interests of other stakeholders such as lenders, suppliers and employees.

Government response

6.2.4 For the auditing of additional information to have the benefits of increased confidence identified by the Review, it will need to be clear to users of company reporting what level of assurance, if any, has been obtained in respect of that information. As noted above in section 3.2, the government proposes that the Audit and Assurance Policy (AAP) should fulfil this function of indicating and defining what additional information has been subject to audit. The government is minded to introduce a regulatory framework to cover both audits of financial statements (referred to as statutory audit) and other types of information which companies decide to have audited via the Audit and Assurance Policy process (‘wider audit’).

6.2.5 The government proposes that the new regulator should oversee the provision of these wider audit services, including through the creation of a framework for all ‘corporate auditing’, covering both the auditing of financial statements and also the auditing of this wider information^{[footnote 135]}. As the Review indicates, the regulator will need to be mindful of the interaction with the ‘International Framework for Assurance Engagements’ issued by the International Auditing and Assurance Standards Board (IAASB)^{[footnote 136]}.

6.2.6 The scope of the wider auditing services which will be overseen by the regulator would be limited to auditing that companies choose to obtain, as set out in their published AAP. The assurance activities of these companies would be (wider) audit if, and only if, they were declared as such in the AAP and done to the relevant standards. (It follows that if there is not yet a relevant audit standard, then the work cannot be audit.) This would not preclude entities from procuring assurance services to the same standards as the wider audits obtained via the AAP which are overseen by the regulator, but this would be outside the proposed framework for corporate auditing set out in this document.

6.2.7 The government’s view is that it is appropriate to set the scope of the wider auditing services which are overseen by the regulator by reference to the AAP – and hence the choices made by companies about what wider audit to undertake – for the following reasons:

It is unclear which companies would benefit most from access to wider audit. Brydon’s terms of reference focused on Public Interest Entities (PIEs), which are strongly linked to financial markets^{[footnote 137]} and hence could benefit from lower costs of capital if investor confidence in them increases through higher levels of assurance being provided by wider audit. As section 3.2 sets out, the government is minded to require PIEs to publish AAPs. Other companies might well also benefit and should therefore not be excluded from scope. A market-led approach driven by companies’ own choices regarding wider audit achieves this without the need to define in advance the group of potential beneficiaries.
Conversely, smaller companies with limited ability to influence their own cost of capital and/or more concentrated ownership are less likely to obtain the benefits identified by the Review, and therefore should not be expected to commission a wider audit. A market-led approach avoids this problem.
The market mechanism would enable ongoing evolution of and innovation in audit, including the development of a new audit profession.

6.2.8 The regulator currently regulates statutory auditors and audits. To support the approach to wider audit set out above, the government proposes to give the regulator some functions in relation to all corporate auditors (i.e. statutory auditors and those providing wider audit services via the AAP), including setting and enforcing standards applicable to corporate auditing as a whole. The government would welcome views as to what powers and duties should be given to ARGA. For example, would it be necessary to require the regulator’s inspection regime for PIE audits (equivalent to the FRC’s Audit Quality Review) to cover all corporate auditing, or could that be left to the regulator’s discretion if given powers for that purpose?

Question 37. Do you agree with the government’s approach of defining the wider auditing services which are subject to some oversight by the regulator via the Audit and Assurance Policy?

Question 38. Should the regulator’s quality inspection regime for PIE audits be extended to corporate auditing? If not, how else should compliance with rules for wider audit services be assessed?

Question 39. What role should ARGA have in regulating these wider auditing services? Should its role extend beyond setting, supervising and enforcing standards?

6.3 Principles of corporate auditing

The government agrees with the Brydon Review that overarching requirements should be placed on auditors in order to direct the profession towards a stronger ethos of scepticism, challenge and informativeness. The government proposes to do this through a set of binding principles to be determined and enforced by the regulator. Those principles would apply to both statutory auditors and those providing wider auditing services via the Audit and Assurance Policy.

The Review’s proposals

6.3.1 The Brydon Review considered that its vision for the future of audit would be facilitated by a single set of principles developed by the regulator that auditors would be obliged to follow. As well as statutory auditors, the Review proposed that these principles would cover those carrying out wider audit. The Review refers to those in scope collectively as ‘corporate auditors’.

6.3.2 The Review intended these principles of corporate auditing to form part of an overarching framework applying to corporate auditors, with all relevant standards and rules sitting within this framework^{[footnote 138]}. It proposed that auditors should have a primary duty to act in a manner consistent with the principles when carrying out any audit and assurance work. It also recommended that each audit report be required to confirm that the auditor has conducted the audit in accordance with the principles^{[footnote 139]}.

6.3.3 In the Review’s conception, the regulator would determine a process for establishing the principles. The Review also suggested a possible set of principles that might be adopted (see table below). Many of these are similar to existing principles or requirements in the FRC’s Ethical Standard, Auditing Standards or the Ethical Codes issued by the professional bodies that statutory auditors must already follow; the Review states that regard should be had to all of these in developing a single set of principles. Some of the Review’s proposed principles go further: in particular, acting in the public interest and disclosing information about the company which is judged material to users’ understanding if the directors decline to do so.

Audit Principles suggested by the Brydon Review (from para 6.4.2 of the Review)

Auditors act with integrity, fulfilling their responsibilities with honesty, fairness, candour, courage and confidentiality;
Auditors are appropriately qualified and exercise professional judgment and appropriate scepticism or suspicion throughout their work;
Auditors act in the public interest and have regard to the interests of the users of their report beyond solely those of shareholders;
Auditors maintain independence from the entity and its officers on whom they are engaged to report;
Auditors are objective and provide findings and opinions unaffected by bias, prejudice, compromise and personal or corporate conflicts of interest;
Auditors work to verify and encourage openness and honesty in financial and other company reporting;
Auditors ask the directors to report any material information that may legitimately be disclosed to assist the understanding of users of an audit report, and, if necessary, disclose it themselves;
Auditors provide appropriate challenge to management, assessing critically information and explanations received for signs of over-optimism, judgmental bias or possible fraud;
Auditors’ reports contain clear findings and expressions of opinion setting out all information necessary for a proper understanding of the opinion and its basis; and
Auditors’ reports give transparency to any differences of view with management and how they were resolved.

Government response and consultation questions

6.3.4 The government welcomes the proposal for an overarching set of audit principles, applying to all those carrying out corporate auditing. The Brydon Review noted that some recent FRC sanctions against auditors referenced breaches of the professional accountancy bodies’ ethical principles^{[footnote 140]}, demonstrating that such principles are enforceable in practice.

6.3.5 As noted above, the government agrees that audit needs to change along the lines proposed by the Brydon Review, and that the lack of spontaneous change to date suggests that intervention is required to achieve this. The government is therefore minded to introduce a new legal framework to empower the regulator to set and enforce new principles of corporate auditing that would apply to both statutory auditors and those appointed to provide auditing services via the AAP. It commends the principles suggested by the Brydon Review as a starting point for the regulator’s consideration, along with responses to this consultation.

Question 40. Would establishing new, enforceable principles of corporate auditing help to improve audit quality and achieve the government’s aims for audit? Do you agree that the principles suggested by the Brydon Review would be a good basis for the regulator to start from?

6.3.6 It will be important for auditors to understand how the proposed legal framework for principles will interact with existing requirements such as auditing standards which apply to statutory auditors. The government interprets the Review’s intention as giving the principles a form of priority over other existing requirements. For example, an auditor who has met the letter of auditing standards but has not done so in a way that is compatible with the principles would be subject to sanction, whereas an auditor who – exceptionally – had failed to comply with the letter of standards in order to comply with the principles would be able to justify their conduct.

6.3.7 The government is minded to follow the broad approach recommended by the Brydon Review, but is keen to understand potential downsides (e.g. potential for significant divergence from international standards), mitigations and alternatives before committing to it. For example, any cases of divergence from standards to meet the principles might need to be cleared with the regulator rather than simply done at the auditor’s discretion.

Question 41. Do you agree that new principles for all corporate auditors should be set by the regulator and that other applicable standards or requirements should be subject to those principles? What alternatives, mitigations or downsides should the government consider?

6.4 Tackling fraud

The Brydon Review identified fraud and auditors’ related responsibilities as the most complex and misunderstood of all the topics the Review covered. It proposed a package of measures, including greater clarity regarding the respective roles of directors and auditors, to restore public confidence in auditors’ work. The government agrees that a holistic approach is needed in relation to fraud.

6.4.1 A company’s directors are responsible for approving the company’s annual accounts, having satisfied themselves that they give a true and fair view of the company’s financial position and performance^{[footnote 141]}. They are also responsible for safeguarding the assets of the company and expected to take reasonable steps to prevent and detect any material fraud. Such actions may include undertaking an appropriate fraud risk assessment and responding appropriately to identified risks; promoting an appropriate corporate culture and corporate values; and ensuring appropriate controls are in place and operating effectively.^{[footnote 142]}

6.4.2 In line with the Brydon Review’s recommendation^{[footnote 143]}, and to improve transparency as to the measures directors are taking in relation to fraud, the government proposes to legislate to require directors of Public Interest Entities to report on the steps they have taken to prevent and detect material fraud^{[footnote 144]}.The government believes this will reinforce directors’ primary responsibility for fraud prevention and detection and may also, in some cases, enhance their focus on the risks relating to fraudulent financial reporting. It will discuss with the FRC and other interested parties the need for supporting guidance for directors to be developed and issued (for example, for premium listed companies, through the UK Corporate Governance Code).

Auditors’ responsibilities regarding fraud detection

6.4.3 Statutory auditors are required to take certain steps where they suspect that irregularities including fraud may have occurred in relation to the financial statements of a Public Interest Entity.^{[footnote 145]} They must inform the audited entity, invite it to investigate the matter and, if the entity fails to take action, inform the FRC.

6.4.4 The Brydon Review identified “both confusion and a gap between the reality and the expectations of performance of auditors [regarding detecting material fraud]”^{[footnote 146]}. To dispel such confusion, it recommended that the regulator amend the auditing standard on fraud “to make clear that it is the obligation of an auditor to endeavour to detect material fraud in all reasonable ways”^{[footnote 147]}. The FRC has considered this recommendation as part of a wider review of the UK auditing standard on fraud^{[footnote 148]} and is currently consulting on proposed revisions to this standard which will address it^{[footnote 149]}.

Auditor reporting on fraud

6.4.5 In line with the Brydon Review’s recommendation^{[footnote 150]}, the government intends to legislate to require auditors of Public Interest Entities, as part of their statutory audit, to report on the work they performed to conclude whether the proposed directors’ statement regarding actions taken to prevent and detect material fraud is factually accurate^{[footnote 151]}. Such reporting will enable users to understand the nature and extent of the work performed and the evidence obtained by the auditors relating to the actions which the directors state they have taken.

6.4.6 The Review also recommended that auditors be required to report on the steps they took to detect any material fraud and assess the effectiveness of relevant controls^{[footnote 152]}. The government supports this recommendation which complements the proposed obligation for directors to report on the actions they have taken. It will therefore discuss with the FRC the changes to company law and/or the auditor reporting standards which will be needed to give effect to it.

Auditor education and skills

6.4.7 The Brydon Review found that auditors’ mindset and skillset needed to change if public expectations regarding their role in detecting fraud were to be reconciled with their performance in practice. It recommended that fraud awareness and forensic accounting training form part of the qualification and continuous learning process for financial statement auditors, with parallel training being developed for auditors whose expertise lies in other areas.^{[footnote 153]}

6.4.8 The government notes that the findings of a 2013 FRC review of auditors’ identification of and response to fraud risks also indicated a need to take action to change both auditors’ mindset and skillset. The FRC review found evidence of a presumption by auditors that fraudulent financial reporting was unlikely to arise^{[footnote 154]} and that auditors tended to view fraud-related audit procedures as a compliance exercise rather than an important part of their audit. It recommended that audit firms provide more frequent and up-to-date training on fraud.

6.4.9 The FRC plans to consider, together with the professional bodies, how the current regulatory framework for auditor education and continuing professional development can be strengthened to embed fraud awareness training throughout auditors’ careers. Greater use of forensic accounting expertise on audits, in particular where specific fraud risks have been identified, is also likely to improve audit effectiveness (as also referenced in the findings of the FRC’s 2013 review). The government will therefore discuss with the FRC and the professional bodies what action is needed to achieve this.

6.4.10 The Brydon Review further recommended that an accessible case study register of corporate frauds be maintained by the regulator to enable auditors to learn from such cases^{[footnote 155]}. The government believes that a fraud register could well be a useful education tool for auditors and that auditors should collectively seek to take forward such an initiative, with the regulator providing any necessary input.

Enforcement decisions

6.4.11 The Brydon Review identified “a deep anxiety that, as the role of the auditor explicitly involves increased focus on fraud detection, failure to find fraud is judged in hindsight in a prejudiced manner”. It emphasised a need for the framework in place for judging the culpability of the auditor to be trusted as impartial and reasonable and therefore recommended establishing an independent panel to determine any sanctions^{[footnote 156]}.

6.4.12 Confidence in the integrity and independence of the processes for determining any sanctions to be imposed on auditors in relation to undetected corporate frauds is, of course, essential. The government notes, however, that the FRC’s Audit Enforcement Procedure already provides for an independent and impartial decision-making Tribunal, comprising members with appropriate experience and expertise, and is not aware of any concerns being raised as to how similar Tribunals under the Accountancy Scheme reached their decisions^{[footnote 157]}.

6.4.13 The government is therefore unconvinced that the arrangements for determining the culpability of auditors in fraud-related cases should differ from those applying in other cases. It will consider this matter further, however, in the light of the responses to this consultation.

Question 42. Do you agree with the government’s proposed response to the package of reforms relating to fraud recommended by the Brydon Review? Please explain why.

6.5 Auditor reporting

The government believes, in the light of the Brydon and FRC Reviews, that auditors should provide users with more meaningful and useful opinions and information. Auditors should seek to report in a clear, concise and transparent manner to increase the value of their reports to shareholders and other users.

Enhancing auditor reporting, including graduated findings

6.5.1 When auditors produce their report, they are putting forward a professional judgement on evidence. Users of the report can therefore benefit from additional information about how that judgement was reached: how the audit was conducted and how certain risks have been factored into the auditor’s judgement.

6.5.2 The Brydon Review made a number of specific recommendations for improvements to auditor reporting. These include auditors being required to report on the following areas:

The extent to which their audit work was informed by external signals of an enhanced risk profile for the company whose financial statements were being audited (Brydon Review paragraph 16.4).
An update on Key Audit Matters reported in the previous 2 years, along with how the company has responded to deficiencies identified in the prior year’s audit (17.3.3).
The reasons for and basis of any sampling techniques used in the audit (24.1.11).
The number of hours spent conducting the audit, analysed by level of seniority (25.2.5).
Any risks omitted from the Risk Report which the auditor considers to be significant (9.1.6).
In the light of the auditor’s knowledge of the company and its processes, whether the company’s section 172 statement^{[footnote 158]} reflects ‘observed reality’ (8.4.3).

6.5.3 The FRC Review noted that the inclusion of ‘graduated findings’^{[footnote 159]} in an auditor’s report could ensure greater transparency regarding conclusions reached, ultimately providing more information with which shareholders can challenge management. It also noted, however, an apparent lack of appetite amongst companies for such reporting by auditors. The Review recommended that the regulator consult appropriately on requiring further enhancements to auditor reporting, including the reporting of graduated findings^{[footnote 160]}.

6.5.4 The Brydon Review recommended that “the evolution of graduated findings be left to the marketplace for audit services”^{[footnote 161]}, with Boards reflecting their decisions (after taking account of shareholders’ views) in their Audit and Assurance Policy. It suggested that allowing freer form reporting to develop was likely to lead to users being better informed, while requiring a particular type of ‘graduated findings’ to be reported was more likely to lead to a new form of boilerplate. It also noted that a choice of product for directors would be good for competition in the audit market. The Review concluded that the proposed Principles of Corporate Auditing, rather than more rules, should inform auditor behaviour in this area^{[footnote 162]}.

6.5.5 The proposed new duty for the auditor to consider wider information (paragraph 6.1.10 above) should encompass assessing external signals of an enhanced risk profile for the company, any significant risks omitted from the Risk Report, and whether the company’s section 172 statement reflects ‘observed reality’.

6.5.6 The FRC has agreed to consider the recommendations of the Brydon Review and the FRC Review relating to auditor reporting holistically and will consult, as appropriate, on any proposed changes to its standards. In doing so, it will seek to balance promoting innovation and competition amongst auditors with the potential benefits, in terms of comparability between companies, of a common framework for enhanced reporting.

Question 43. Will the proposed duty to consider wider information be sufficient to encourage the more detailed consideration of i) risks and ii) director conduct, as set out in the section 172 statement? Please explain your answer.

Reporting new information

6.5.7 Currently auditors rely on the information reported on by an audited company’s directors. If auditors are to take into account a wider range of information in order to reach better-informed judgements, this raises the question of whether and how they should also report the additional information used. However, this information is potentially market-sensitive, so the benefits of orderly disclosure need to be weighed against the need to guard against the risks of inappropriate release of the information.

6.5.8 The Brydon Review recommended that auditors should be free to report new information materially useful to a wide range of users, in their audit report and at the AGM, rather than be confined to commenting solely on the information reported on by the directors^{[footnote 163]}. This was linked to a suggestion that the proposed Principles of Corporate Auditing could require auditors to ask the directors to report any material information that may legitimately be disclosed to assist users’ understanding and, should the directors decline to do so, disclose it themselves^{[footnote 164]}.

6.5.9 Under the Market Abuse Regulation (MAR), issuers (e.g. companies whose shares are quoted on a regulated market)^{[footnote 165]} are obliged to disclose inside information to the public as soon as possible. Issuers are not required to notify the FCA. Issuers can decide to delay the disclosure of inside information if immediate disclosure is likely to prejudice the legitimate interest of the issuer, the delay is not likely to mislead the public and the issuer is able to ensure the confidentiality of that information. The issuer is required to notify the FCA if it delayed the disclosure of inside information, immediately after that information is disclosed to the market. The issuer can only disclose inside information to any third party in the normal course of their employment, profession, or duties. The person receiving that information would owe a duty of confidentiality regarding that inside information.

6.5.10 The Brydon Review took the view that directors would be very unlikely to persist with non-disclosure of any other information that their auditors considered materially useful to a wide range of users, if advised that the auditors would otherwise disclose it in their report^{[footnote 166]}. The Review also noted that some auditors interpret an auditor reporting standard^{[footnote 167]} as directing them not to disclose any new information about the company but to request management or the directors to do so instead where considered necessary; it suggested this interpretation was arguable, and that auditors were not constrained from providing their own inferences and opinions^{[footnote 168]}.

6.5.11 The Brydon Review draws an important distinction between regulated systemically important companies and all other companies. In respect of the former, it proposes that the auditor be required to first report non-public information to the relevant regulator (likely to be the PRA and/or the FCA). The regulator should then advise on public disclosure, with a presumption in favour of this unless it would clearly be contrary to the public interest^{[footnote 169]}. As noted above, this is different to the approach in MAR for the handling and disclosure of inside information.

6.5.12 The FRC’s review of its auditor reporting standards will examine the need to address any ambiguity regarding auditors’ ability to disclose new information about the company. The proposal that auditors be required to disclose in their report certain information meeting a materiality test in terms of its likely value to users^{[footnote 170]}, if the directors decline to do so, gives rise to issues regarding its consistency and compatibility with requirements under the MAR for the handling and disclosure of inside information. Issuers would breach their obligations under MAR if they did not disclose inside information as soon as possible to the public or if their decision to delay the disclosure of inside information did not meet the relevant conditions in MAR. Accordingly, the complex interaction of the Review’s proposal and the current law on market abuse needs to be explored further. If the FRC decides to take this proposal forward, therefore, it will need to discuss this matter further with the FCA (before deciding whether to consult, in due course, on introducing any such requirement).

6.6 True and fair view requirement

Use of ‘true and fair view’

6.6.1 As set out above, directors must only approve a company’s annual accounts if they are satisfied that they “give a true and fair view of the assets, liabilities, financial position and profit or loss” for the company and/or the group^{[footnote 171]}. Statutory auditors are in turn required to report on whether, in their opinion, the annual accounts give a true and fair view of the company/group’s financial position and profit or loss for the financial year^{[footnote 172]}.

6.6.2 Giving ‘a true and fair view’ is a longstanding requirement in company legislation but its meaning is not expressly defined. The FRC has obtained various legal opinions in recent years and issued guidance, for directors and auditors, on applying ‘true and fair’ in practice^{[footnote 173]}.There is also an overarching requirement in International Financial Reporting Standards for the financial statements to give a fair presentation of financial position and performance^{[footnote 174]}. The FRC’s view – as reflected in its guidance and auditor reporting standards^{[footnote 175]} – is that the ‘true and fair view’ and ‘fair presentation’ requirements are different articulations of the same test.

6.6.3 The Brydon Review recommended replacing the “true and fair view” wording in the Companies Act 2006^{[footnote 176]} with “present fairly, in all material respects”, the latter being the alternative form of wording recognised internationally and used in some other major jurisdictions. It considered that the “present fairly” wording better reflected the purpose now served by financial statements, which typically reflect a number of forward-looking accounting estimates and judgements and therefore cannot be ‘true’ in a literal sense^{[footnote 177]}. The Review considered that the use of the phrase ‘true and fair view’ confuses rather than informs some users of audit reports.

6.6.4 The Review also recommended that a new user guide to audit be developed by the regulator, with input from the Plain English Campaign, to explain clearly the meaning of the different elements of an audit report; and that it should be signposted in every Annual Report^{[footnote 178]}.

6.6.5 The government supports developing a new user guide to audit and the FRC has agreed to take this forward. The government considers this is likely to prove more effective in improving user understanding than replacing ‘true and fair’ in audit reports with ‘present fairly, in all material respects’. Changing the wording of the legislative test also carries the risk of unintended consequences. A new user guide could explain how the true and fair requirement is applied by auditors in practice, making clear that this involves an assessment of whether key accounting estimates and judgements underlying the numbers reported in the financial statements are both reasonable and adequately disclosed.

‘True and fair override’

6.6.6 International Financial Reporting Standards and UK Generally Accepted Accounting Practice are both ‘fair presentation’ financial reporting frameworks which recognise that achieving a fair presentation, or a true and fair view, may require providing disclosures beyond those specified or, exceptionally, departing from a relevant requirement of the framework. Such a departure is referred to as invoking the ‘true and fair override’.

6.6.7 It is now very rare in practice for directors or auditors to conclude that meeting the true and fair view requirement necessitates a departure from a relevant requirement of the financial reporting framework. IFRS and FRC guidance both indicate that, while additional disclosures may sometimes be needed, in the vast majority of cases compliance with the requirements of accounting standards should be consistent with giving a true and fair view.

6.6.8 The Brydon Review considered the ‘true and fair override’ to be a valuable safety valve, requiring both directors and auditors to exercise judgement beyond assessing compliance with the applicable financial reporting framework. It recommended that auditors apply the proposed new Principles of Corporate Auditing in judging the appropriateness of its use or proposed use by directors^{[footnote 179]} (which might, in turn, lead to directors giving greater consideration as to whether departing from a requirement of the framework is necessary to achieve a true and fair view).

6.6.9 As set out above in relation to audit purpose, the government agrees that the consideration of ‘true and fair’ needs to go beyond nominal compliance with the financial reporting framework, with the possible need to provide additional disclosures being an important element of this. However, it is not aware of any systemic issues in this respect and believes that the bar for justifying a departure from a requirement of the framework needs to be set at a high level.

Question 44. Do you agree that auditors’ judgements regarding the appropriateness of any departure from the financial reporting framework proposed by the directors should be informed by the proposed Principles of Corporate Auditing? What impact might this have on how both directors and auditors assess whether financial statements give a true and fair view?

6.7 Audit of Alternative Performance Measures and Key Performance Indicators linked to executive remuneration The government recognises that companies and their shareholders may wish to obtain specific assurance on Alternative Performance Measures (APMs) and Key Performance Indicators (KPIs) reported within and outside the Annual Report, beyond any arising from the statutory audit requirement for the financial statements.

6.7.1 APMs are measures which are used by companies to report on their performance but which are not prescribed by the relevant financial reporting framework nor currently included in financial statements^{[footnote 180]}. They include, for example, ‘adjusted’ or ‘underlying’ profit measures which do not reflect certain costs required to be recognised under accounting standards. APMs are often given a high degree of prominence in public communications and are typically included in investor briefings and preliminary announcements, for example, as well as in the ‘front half’ of the Annual Report.

6.7.2 KPIs which are linked to executive remuneration can be financial and/or non-financial in nature and, in the financial sector, may include metrics such as regulatory capital and liquidity. Quoted companies have to produce an annual Directors’ Remuneration Report (DRR) which must include details of the performance measures used to determine executive pay. This part of the DRR is already within the scope of a statutory audit, the auditor being required to state whether the information provided on performance measures and targets linked to remuneration complies with the relevant legislative requirements.

6.7.3 A survey of investors commissioned for the Brydon Review identified APMs and any KPIs reported which are linked to executive remuneration as areas in which there was support for extending the scope of the statutory audit; and the Review recommended that companies be required to have both of these audited. The Review also concluded, however, that requiring the calculation of risk weighted assets (which links directly to regulatory capital requirements) to be audited would be disproportionate^{[footnote 181]}.

6.7.4 The International Accounting Standards Board (IASB) has consulted^{[footnote 182]} on requiring companies to disclose ‘Management Performance Measures’ (MPMs) in a single note to the financial statements, explaining why they provide useful information, how they are calculated and how they can be reconciled to the most comparable IFRS measure. It notes that investors have called for improved disclosures regarding such measures. If taken forward, the IASB’s proposals will bring such disclosures within the scope of the statutory audit.

6.7.5 The IASB defines MPMs as subtotals of income and expenses not specified by International Financial Reporting Standards (IFRS) which communicate management’s view of an aspect of financial performance. This would not include all APMs or financial KPIs but the proposed scope of the financial statements note extends to MPMs communicated outside the Annual Report, such as in investor presentations.

6.7.6 The FRC has published its response to the IASB’s consultation^{[footnote 183]}. If the IASB issues a new IFRS which includes a requirement along these lines, it will be for the new UK Endorsement Board to decide whether it should be adopted in the UK and for the FRC to decide whether to introduce any similar requirement in UK Standards. This may, in turn, mean that some APMs/financial KPIs are brought within the scope of the statutory audit, including any MPMs which are currently only reported outside the Annual Report.

6.7.7 The proposed Audit and Assurance Policy (AAP) process will empower investors to ask companies to obtain specific assurance on APMs and KPIs linked to remuneration, beyond any arising from the statutory audit of the financial statements, should they wish to do so. In addition, the part of the DRR which details the performance measures used to determine executive pay is already within the scope of the statutory audit. To maintain proportionality, therefore, the government does not propose to introduce any further audit requirement. It would welcome views, however, as to the effectiveness of the existing audit requirement for part of the DRR and whether this could be improved to promote better disclosure of financial metrics.

6.7.8 The government also notes that companies may wish to engage a different firm to provide specific assurance on APMs or KPIs linked to remuneration, in particular non-financial KPIs for which specialist expertise is needed (e.g. employee satisfaction metrics, carbon emissions or oil reserves). It therefore cannot be assumed that the statutory auditor is always best placed to provide any assurance which companies and their shareholders may wish to obtain. The Audit and Assurance Policy will enable companies to explain their rationale for proposing to engage a particular firm and invite shareholders’ views as appropriate.

Question 45. Do you agree that the need for specific assurance on APMs or KPIs, beyond the scope of the statutory audit, should be decided by companies and shareholders through the Audit and Assurance Policy process?

Investor presentations and RNS announcements

6.7.9 The Brydon Review recommended that auditors be required to read and consider material outside the Annual Report used in investor presentations and Regulatory News Service (RNS) announcements and report if they consider it to be materially misstated^{[footnote 184]}. Auditors are believed typically to consider such material in practice already, although there is no specific requirement for them to do so and no existing reporting obligation.

6.7.10 The government notes that a ‘read and consider’ requirement for such material would not provide any meaningful assurance to users and believes that formalising existing practice is unlikely to be of substantive benefit to investors and other users of audit reports. There is also a risk that a ‘read and consider’ requirement could lead some users to wrongly believe that this material is within the scope of the statutory audit. The AAP process will enable companies and investors to seek specific assurance on such material, as well as on information within the ‘front half’ of the Annual Report, if they wish. This should provide the necessary clarity for users as to whether the auditor is providing any level of assurance regarding this material.

6.8 Auditor liability

The government welcomes the Brydon Review’s recommendation that a structured dialogue begin involving both investors and auditors about any obstacles to audit innovation arising from the current statutory liability regime and how to overcome them.

Liability Limitation Agreements

6.8.1 Auditors may enter into a ‘liability limitation agreement’ (‘LLA’) to limit their liability in relation to an audit provided that it meets certain requirements and does not limit the auditor’s liability to an amount which is less than fair and reasonable^{[footnote 185]}. The Review noted that very few, if any, such agreements have been entered into since these provisions were enacted in 2006, with one view being that directors believe they would be in breach of their general duties if they recommended that shareholders authorise such an agreement^{[footnote 186]}. To address this, the Review recommended that the Act make clear that directors will not be in breach of their duties if they recommend, in good faith, that the company’s members authorise an LLA^{[footnote 187]}.

6.8.2 As the Review indicates, however, this is unlikely to be the sole barrier to companies entering into LLAs with their auditors. The government considers it already to be the case that directors who recommend an LLA to shareholders in good faith will not be in breach of their duties. It therefore welcomes views from directors themselves, investors and auditors as to why LLAs have not generally been agreed and whether the relevant statutory provisions are serving a useful purpose.

Question 46. Why have companies generally not agreed LLAs with their statutory auditor? Have directors been concerned about being judged to be in breach of their duties by recommending an LLA? Or have other factors been more significant considerations for directors?

Liability and innovation

6.8.3 The Brydon Review identified that a barrier to audit becoming more useful and informative may be perceptions that audit innovation, beyond what is currently mandated in law or standards, may increase auditors’ exposure to litigation^{[footnote 188]}. It therefore recommended that a new dialogue begin between investors and auditors regarding an auditor liability regime that will facilitate a more informative audit^{[footnote 189]}. It suggested this should also cover other liability issues arising, for example, from the CMA’s proposals to promote competition in the audit market. The government agrees that such a dialogue is likely to be helpful and that it should extend to the market opening measures proposed in Chapter 8 (in particular, the introduction of managed shared audits); and potential issues relating to statements made by auditors on ceasing to hold office, and in response to questions at AGMs, discussed in Chapter 7. It considers, however, that the views of directors and other users of audit reports should also be sought. The proposed Audit Users Review Board^{[footnote 190]} may facilitate such a broader dialogue.

6.8.4 The current statutory regime which limits the extent to which companies and auditors can agree to exclude or limit an auditor’s liability applies only in relation to the audit of the financial statements^{[footnote 191]}. As set out above, the Brydon Review recommended only limited extensions to the scope of statutory audit, proposing instead a new process (the Audit and Assurance Policy) for companies and shareholders to decide on any wider assurance they wish to obtain from auditors. It also proposed that, while auditors should recognise that non-shareholders will make use of their report, their legal liability should not be extended beyond that owed to the shareholders as a body^{[footnote 192]}. The government intends that company directors and auditors should remain free to agree whatever liability arrangements they consider appropriate for all non-statutory engagements to ‘assure and inform’ the users of corporate information.

Question 47. Are auditors’ concerns about their exposure to litigation likely to constrain audit innovation, such as more informative auditor reporting, the level of competition in the audit market (including new entrants) or auditors’ willingness to embrace other proposals discussed in this consultation? If so, in what way and how might such obstacles be overcome?

6.9 A new professional body for corporate auditors

The Brydon Review identified that there is currently no separate professional body for external auditors. Instead, today’s statutory auditors are required to be members of one of a handful of professional accountancy bodies, reflecting their traditional focus on financial statement audits.

Corporate auditing, with a new ethos and wider scope, will require tomorrow’s auditors to include individuals with different skillsets. A new professional body for auditors of all corporate information could also help to elevate the status of auditors and reinforce their ethical and public interest obligations.

The government therefore proposes to put an appropriate framework in place to facilitate the establishment of a new professional body for external auditors of all types of corporate information.

Background

6.9.1 As set out above, statutory audit work is a distinct part of a wider set of ‘assurance services’ which may be provided by auditors and others. The statutory auditor of a Public Interest Entity may also provide some other assurance services to that company, subject to (among other things) restrictions and disclosure requirements set out in the FRC’s Ethical Standard.

6.9.2 As noted above, the Brydon Review proposes a new process, the Audit and Assurance Policy, for a company to identify information outside the financial statements that it wishes to have audited, as well as information that will be assured in other ways. As discussed, the government is minded to introduce a regulatory framework for all corporate auditing covering both audits of financial statements (referred to as statutory audit) and other types of information which companies decide to have audited via the Audit and Assurance Policy process (‘wider audit’).

6.9.3 The Brydon Review concluded that the corporate auditors of the future would need to include some individuals with different professional skills to today’s statutory auditors of financial statements. The Review recommended setting up a new profession to encompass all corporate audit professionals with appropriate education and authorisation^{[footnote 193]}. This contrasts with the current regulatory framework under which all auditors have to possess an audit qualification granted by 1 of the 5 professional accountancy bodies which are Recognised Qualifying Bodies (RQBs)^{[footnote 194]} and all auditors and firms have to be registered with 1 of the 4 Recognised Supervisory Bodies (RSBs)^{[footnote 195]}.

6.9.4 To support its proposed new profession, the Brydon Review recommended that the regulator facilitate the setting up of a new professional body for corporate auditors and act as the statutory supervisory body for the new audit profession:

In the first instance such a new profession for [corporate] auditors would best be achieved by a statutory regulatory body establishing the rules. It may well be that, in due course, those authorised earn the right to organise themselves into a profession with various strands of specialisation and their own governance, the legitimacy of which would be bestowed on them by the regulator. The government is committed to establishing ARGA and it would be appropriate for this body to establish the governance, setting of principles, education standards and authorisation of this new profession.

Accordingly, I recommend that ARGA acts as the midwife to create a new profession of corporate auditing, establishing the necessary professional body, to encompass today’s auditors and others with appropriate education and authorisation. ARGA would be the statutory supervisory body for that profession.

– Brydon Review, paras 6.0.9-6.0.11

6.9.5 The Review also recommended that the regulator ensures education and training takes place consistently across the new corporate auditing profession^{[footnote 196]}, prioritising the development of a specific auditor qualification^{[footnote 197]}, with an auditor’s authorisation to carry out particular types of corporate audit flowing from tailored qualifications which they have achieved^{[footnote 198]}.

6.9.6 For many professions, the skills and competences required to perform a service are accredited by a professional body. Royal charters have been granted to some professional bodies in recognition of a public interest role which they play. Membership of professional bodies is restricted to those who have demonstrated their competence, for example by completing the required level of practical experience and passing professional exams. Governance structures of professional bodies typically provide for significant member input at all levels and may also seek to reflect the different specialisms of members^{[footnote 199]}.

6.9.7 Members of a professional body are generally required to uphold certain professional standards, undertake continuing professional development (CPD) appropriate to their role and observe a Code of Ethics set by the body. Members can be disciplined or expelled by the body for failing to uphold the expected standards or otherwise acting in a way likely to bring the profession into disrepute.

Government response and consultation questions

The case for a professional body for corporate auditors

6.9.8 The government accepts the Review’s conclusion that corporate auditors would be more likely to acquire the skills and attitudes needed to deliver better audit if they were members of a professional body which was focused solely on audit. The arguments made by the Review about audit being treated as a subset of accountancy rather than as a distinct profession are focused specifically on statutory audit. An expansion of audit to new areas of what is currently termed assurance, as discussed above, would in many cases require appropriate additional training and certification of auditors of the information concerned.

6.9.9 A dedicated professional body, or bodies, for auditors could help establish a pool of people with the necessary skills and attitudes to conduct the different types of corporate auditing the Review envisages. It would also clarify and, arguably, elevate the status of corporate auditors as professionals with a public interest remit. This should assist with the recruitment and retention of high calibre individuals looking to build a career in audit, thereby supporting the delivery of higher quality, more effective audit in line with the government’s objectives. The government is therefore of the view that creation of a new dedicated professional body would benefit statutory audit, and would be highly desirable if not essential for the development of wider audit.

6.9.10 As a result, the government believes that a new, distinct professional body for corporate auditors should be created to help create a climate for wider audit and enable good audit practice to thrive across corporate audit disciplines. The Review makes a strong case^{[footnote 200]} for the distinctive mindset and range of skills that corporate auditors will need. In the case of statutory auditors there will be a continuing need for expertise in financial reporting, while corporate auditors of other information will need other skills and subject matter expertise. The qualifications and continuous learning framework for members of the new profession will also need to ensure that all auditors have a core set of audit-specific skills and experience.

Question 48. Do you agree that a new, distinct professional body for corporate auditors would help drive better audit? Please explain the reasons for your view.

A new professional body for corporate auditing

6.9.11 The expansion of audit to corporate auditing is a significant change, and is likely to require significant change to the current professional arrangements for audit. Such a change would require both government to ensure an appropriate legal framework is in place and the regulator’s involvement in the development and operation of the new regime. It is nonetheless vital that audit practitioners – and prospective audit practitioners – are at the heart of developing new arrangements. It will also be important to seek to avoid any disruption to the continued availability of suitably trained and registered auditors, including making appropriate provision for any necessary transitional arrangements over a suitable time period. Some options are considered below.

6.9.12 In principle, a new corporate auditing profession could arise organically without a new professional body being required, through increasing numbers of people undertaking wider audit activities and relevant standards being developed by the regulator in the manner envisaged in section 6.2 on audit scope above. Accountancy bodies could begin to serve new entrants to the profession, as well as maintaining their role as providers of approved qualifications and as supervisory bodies in relation to statutory auditors. This would require the existing bodies to provide subject matter CPD outside of matters linked to the financial statements; their willingness and ability to do so has not yet been tested. However, the government notes the Review’s report of ‘scepticism’ that establishing a new profession would be successful if left to the accounting profession alone^{[footnote 201]}. On this view, it looks unlikely that organic growth of corporate auditing would fully deliver the government’s objectives.

6.9.13 Auditors have to be members of, and obtain qualifications from, professional accountancy bodies formally recognised by the regulator in order to perform statutory audits of a company’s accounts. It would be possible to achieve some of the benefits of reform by requiring in legislation that the regulator only ‘recognise’ bodies which have certain rules in place (for example adoption of a set of audit principles with which their members must comply when carrying out corporate audits). However, simply enforcing compliance with the principles might not lead to bodies promoting the benefits of the ‘wider audit’ discussed above or developing the training needed to underpin higher standards of audit (though the latter could potentially also be made a requirement). The establishment of a distinct professional body therefore has potential to do more.

6.9.14 Another way to address the issue of reliance on the accountancy professional bodies would be to require separation as between the functions of those bodies in relation to auditors and their functions relating to other members. However, there are risks that effecting the functional separation of these bodies might not create the cultural and other separation that the Review saw as essential to delivering the intended benefits of reform. There is also a risk that professional bodies could simply opt to cease supervising and providing qualification to statutory auditors, which would not be an acceptable outcome unless there were appropriate alternative supervision and qualification arrangements.

6.9.15 A cleaner break with audit’s ties to accountancy might involve requiring that corporate auditors are members of an audit professional body that is not an accountancy professional body, and have qualifications from a body providing only audit qualifications. Auditors of financial statements would still require a suitable accountancy qualification in order to practise, and those accountancy qualifications would continue to be provided by the existing professional bodies. Both auditors of financial statements and other corporate auditors would also require an audit qualification from a separate audit body. This separation would not necessarily rule out an accountancy body acting as a training provider for an audit body, or vice versa, but is intended to require that the professional skills requirements for the new audit profession are set and validated by auditors not accountants.

6.9.16 Separation of audit and accountancy bodies would impact on the current designation of accountancy bodies as RQBs and RSBs, and in turn would mean changes to the current arrangements for oversight and sanctioning of statutory audit. The availability of suitably trained and registered auditors would need to be maintained, including providing clarity to prospective accountants and auditors about their training and career options. Achieving a smooth transition from the current situation where only professional accountancy bodies are recognised to supervise and provide qualifications to auditors could therefore present significant challenges. Nonetheless, the government is currently attracted to the potential for this option to deliver a genuinely distinct, reformed and expanded audit profession.

Question 49. What would be the best way of establishing a new professional body for corporate auditors that helps deliver the government’s objectives for audit? What transitional arrangements would be needed for the new professional body to be successful?

Question 50. Should corporate auditors be required to be members of, and to obtain qualifications from, professional bodies that are focused only on auditing?

6.9.17 The Brydon Review envisages a single new professional body for corporate auditors, with the intention that it takes over functions specific to audit from the professional accountancy bodies in a managed transition. The government believes that the existing professional bodies will have an important role to play in achieving this goal, however, alongside current and prospective auditors. The Review recommended that the regulator play a central role in setting up the new professional body, notwithstanding the independent supervisory role it will need to take on once the new body is established.

6.9.18 While in principle more than one new audit professional body could be created, the government’s initial view is that any benefits that might be gained from this would be outweighed by the greater complexity of establishing multiple bodies and a loss of cohesion in the new profession.

6.9.19 A further option would be for the new professional body to focus on PIE auditors only. The government believes, however, that this would also involve greater complexity as well as effectively creating a two-tier audit profession, which it does not view as a desirable outcome.

Question 51. Do you agree that a new audit professional body should cover all corporate auditors, not just PIE auditors?

Question 10

7.  Audit Committee Oversight and Engagement with Shareholders

Accepted Answer

Professional scepticism and the ability to exercise constructive challenge are both key in delivering quality audits. The CMA Review and Kingman Review noted that the commercial relationship between a company’s audit committee and its chosen auditor could result in a lack of that professional scepticism being exercised by both parties.

The government proposes to give ARGA powers to set additional requirements as to the audit committee’s role in the appointment and oversight of auditors to ensure the committee acts effectively as an independent body responsible for safeguarding the interests of shareholders and other users of accounts. The government is also proposing regulatory powers for ARGA where problems exist, such as when an auditor resigns, when a public interest entity (PIE) is unable to find an auditor and when a persistent issue with audit quality is identified.

In responding to the Brydon Review, the government has also set out a number of new measures which will encourage greater dialogue and transparency between a company and its shareholders; empowering shareholders to engage more with improving audit quality.

7.1 Audit Committees – role and oversight

The government agrees with the CMA that ARGA should be given powers to set, monitor and enforce compliance with additional requirements for audit committees in the appointment and oversight of auditors. This will help to ensure the committee acts effectively as an independent body responsible for safeguarding the interests of shareholders and other users of accounts.

7.1.1 Most PIEs are required to establish an audit committee (or body performing equivalent functions)^{[footnote 202]}. The audit committee is independent of the company’s board,^{[footnote 203]} and acts as an important safeguard in protecting the interests of the company’s shareholders in relation to the company’s external audits.

7.1.2 The audit committee (or equivalent body) has a specific role in the appointment of a PIE’s external auditor. They are required to carry out a prescribed selection process after which they make a recommendation to the board as to who should be appointed as the company’s auditor.^{[footnote 204]}

7.1.3 The audit committee (or equivalent body) must also carry out various other functions in relation to the appointment and oversight of a PIE external auditor including^{[footnote 205]}:

making recommendations to the board as to the auditor’s fee and terms of engagement
reviewing and monitoring the auditor’s independence and objectivity
reviewing the effectiveness of the audit
informing the board as to the outcome of the audit

7.1.4 The FRC produces guidance on audit committees which is intended both to assist company boards in implementing their obligations in relation to audit committees, and to assist directors serving on audit committees in carrying out their role.^{[footnote 206]}

7.1.5 The CMA study recommended that audit committees should come under greater scrutiny by ARGA. This should include ensuring audit committees’ work, in selecting and overseeing auditors, is focused on audit quality. The government agrees with the CMA and proposes to give the regulator the power and duty to mandate requirements for the appointment and oversight of auditors, as well as a role in monitoring compliance with those requirements and in enforcing them.

7.1.6 The FRC produces guidance on audit committees which is intended to assist both company boards in implementing their obligations in relation to audit committees, and directors serving on audit committees in carrying out their role.

Review recommendations and consultation responses

CMA market study

7.1.7 The CMA market study considered that audit committees have a vital role to play in selecting and managing the performance of auditors to ensure that they maintain professional scepticism, challenge directors, and deliver high quality audits. However, they found that there was significant variation in the performance of audit committees within FTSE 350 companies. They considered the existing requirements applying to audit committees to be insufficient.

7.1.8 The CMA study highlighted concerns that when tendering for audits, audit committees were not consistently prioritising scepticism and challenge over ‘cultural fit’ and ‘chemistry’; and that management were significantly involved in the tender process. In relation to ongoing audits, the CMA study found that it was hard for audit committees to directly observe the quality of the audit work undertaken and that there was significant variation in the resources available to audit committees and the effectiveness of their oversight.

7.1.9 The CMA study recommended that: ARGA should be required to set standards that would apply to audit committees when carrying out their functions relating to the appointment and oversight of auditors; ARGA should be required to monitor compliance with those standards and be given powers to require information and (where necessary) to place an observer on the audit committee for that purpose; and that ARGA should have the power to take action where audit committees failed to comply with those standards.^{[footnote 207]} This could include publishing findings on poorly performing audit committees and writing to audit committees or shareholders to highlight specific areas of concern.

7.1.10 The CMA study and the Brydon Review^{[footnote 208]} also recommended that the regulator could consider further measures to improve the exchange of information between the audit committee and shareholders. This issue is dealt with later in the chapter.

Initial consultation on the CMA Market Study

7.1.11 The government previously consulted on the CMA market study’s suite of proposals on audit committee scrutiny.^{[footnote 209]} Respondents said that audit committees should be able to seek an auditor whose working style and culture were conducive to open and positive conversations with management. The respondents to the previous consultation also stated that constructive challenge is critical to an auditor’s role, and that independence and sceptical challenge should be prioritised over cultural fit when selecting an auditor.

7.1.12 In relation to audit committee observers, respondents to the initial consultation were concerned that if the regulator had the power to place an observer on an audit committee on a regular or routine basis, it could create confusion about the role and responsibility of the regulator and would interrupt the effective functioning of audit committee discussions. Therefore, the power for the regulator to place and observer should only be used as a remedial option where the regulator’s supervision activities raise reasonable concerns that an audit committee is not complying with the regulator’s expectations in this area.

7.1.13 Respondents also highlighted the risk that mandating standards too prescriptively could disempower audit committees and reduce the level of judgement needed by audit committee members. This could discourage high quality individuals from seeking appointment to audit committees and encourage a ‘tick box’ approach.

7.1.14 On enforcement, stakeholders were supportive of the proposal to enforce a change in the functioning of the audit committees if the penalties applied were staged and proportionate.

Government response and proposals

7.1.15 The government proposes to require ARGA to impose additional requirements on audit committees in relation to the appointment and oversight of auditors. These requirements will cover the need for audit committees to continuously monitor audit quality, and consistently demand challenge and scepticism from auditors. It will be for ARGA to consider how the new requirements it develops will fit alongside the existing obligations which apply to audit committees. The regulator would also continue to issue guidance to assist companies and those serving on audit committees. This might also include appropriate examples of good practice^{[footnote 210]} to allow companies to build on the experience and expertise of others.

7.1.16 The government considers that any new requirements imposed by ARGA should allow for audit committees to exercise discretion and professional judgment and for innovative best practice to develop. The requirements set by the regulator will set minimum standards which audit committees will be free to exceed as they wish^{[footnote 211]}. The government agrees with the CMA market study that the additional requirements which are set by the regulator should initially apply in relation to audit committees of FTSE 350 companies. The government will monitor the implementation and effectiveness of the requirements and consider extending to the wider community of PIEs in due course.

7.1.17 The government also proposes to impose a duty on ARGA to monitor compliance with the new audit committee requirements, including through a power to require information and/or reports from audit committees, and a power to place an observer on audit committees if necessary. Appropriate safeguards will be put in place to deal with confidential information which the regulator obtains using these powers. It is anticipated that most of the information the regulator would require would be information that committees already have available or are already providing, for example, to the board. ARGA should take a risk-based approach to monitoring ongoing compliance, exercising its expert judgement. Where the regulator is particularly concerned about an audit committee’s compliance with the requirements it would be able to meet the audit committee chair to discuss any issues arising in the first instance. However, if sufficient progress is not made to resolve ARGA’s concerns through this engagement, then the regulator would have the power to place an observer on the audit committee where it has concerns. These monitoring powers will enable the regulator to consider whether any remedial action is required without imposing undue burdens on audit committees.

7.1.18 The government proposes to give ARGA appropriate powers to take action in relation to breaches of the new audit committee requirements. The government intends to provide ARGA with the ability to take action against the company directors and/or the audit committee for breaching the requirements. The regulator will take action in proportionate stages: as set out above, the regulator would give the audit committee the opportunity to address any issues of regulatory concern before taking remedial steps publicly. The government agrees with the CMA study’s proposal that further steps could include issuing public notices detailing their findings, or making direct statements to shareholders in circumstances where it is unsatisfied with an Audit Committee’s response. Appropriate safeguards would need to be put in place to deal with sensitive information.

Question 52. Do you agree that ARGA should be given the power to set additional requirements which will apply in relation to FTSE 350 audit committees?

Question 53. Would the proposed powers for ARGA go far enough to ensure effective compliance with these requirements? Is there anything further the government would need to consider in taking forward this proposal?

7.2 Independent auditor appointment

In December 2018, Sir John Kingman recommended that ARGA should be given powers to independently appoint auditors in certain circumstances. This section considers this proposal and seeks stakeholder views on how it might operate in practice.

7.2.1 The CMA study’s proposals for the scrutiny of audit committees were designed to place a greater emphasis on quality during the appointment and oversight of auditors, to enhance external accountability and to minimise bias against challenger firms. When making these recommendations, the CMA study also considered the merits of providing ARGA with powers to independently appoint auditors of PIEs,^{[footnote 212]} a proposal that was also assessed by Sir John Kingman in a letter to the then Secretary of State in December 2018.^{[footnote 213]}

7.2.2 In his letter, Sir John argued that the commercial relationship between a company and its chosen auditor may undermine the latter’s professional scepticism. In principle, therefore, he favoured the proposal to give ARGA appointment powers on the basis that the independent appointment of an auditor would reduce any allegiance an auditor may feel to the corporate management of the company it is auditing. This would remove the function from audit committees in favour of a regulator-led process. However, Sir John noted that there was little support for this radical change in approach particularly among the investment community that rely on high-quality audits to make investment decisions. As a result, he concluded that significant reform was not appropriate at this time and that it would not be right to pursue a proposal so widely opposed by its intended beneficiaries. The CMA study shared this view and recommended that the government revisit this question once the full suite of measures have been implemented and assessed^{[footnote 214]}. The government accepts this recommendation, and the independent appointment of auditors will be considered within the implementation and efficacy review discussed in Chapter 1.

7.2.3 Although Sir John rejected a general independent power of appointment, he recommended that the regulator should be given limited powers to appoint auditors in specific circumstances. He recommended that the regulator should be able to exercise the powers where reasonable and proportionate, and where:

quality issues have been identified around the company’s audit
a company has parted with its auditor outside the normal rotation cycle
there has been a meaningful shareholder vote against an auditor appointment (‘even one well short of 50%’)

7.2.4 The government has considered Sir John’s specific recommendations and recognises that on the face of it there are potential benefits to giving the regulator powers to appoint auditors in these limited circumstances. However, the government has seen little evidence to suggest that even in these circumstances (or in others which the FRC have encountered in recent years) the powers would be useful in practice. It is also mindful that in cases where there were no willing appointees the powers would only work if accompanied by the ability to compel auditors to take on the audit engagement in question. This would be a significant step, as it would give the regulator the power to override an auditor’s freedom to choose their audit engagements. It has also been highlighted that the power to appoint an auditor may conflict with ARGA’s regulatory oversight of the appointed auditor. Further consideration is required to establish how this would be managed.

7.2.5 Given these concerns, the government is not persuaded that it is appropriate to give ARGA independent powers of appointment at this time. However, the government is considering, and consulting on, whether to legislate to provide flexibility for ARGA to be given such powers by the government in the future. The Secretary of State would only grant these powers to ARGA after further consultation, if sufficient evidence emerged to justify them, and once further information and experience had been gained as a result of ARGA’s regulatory oversight of audit committees. The appointment powers would be introduced using secondary legislation and so would be subject to further Parliamentary scrutiny.

7.2.6 Before reaching a final decision on these questions, the government will consider whether other regulatory tools might be more appropriate and useful, both in the circumstances Sir John describes and when a company has failed to find an auditor as it ought to through the tendering process. For instance, where quality issues persist ARGA could find it useful to require a company to retender or to remove an auditor from an audit engagement, subject to appropriate checks and balances. The FRC currently has the powers to apply to the court to remove an auditor from office where there are proper grounds for doing so and the government will consider how these powers should be transferred to ARGA.^{[footnote 215]} Equally, where a company struggles to find an auditor, the regulator may benefit from having a power to require an auditor to explain in a private report why it has chosen not to compete for a tender. This information could then be used by the regulator to help audit committees find an auditor in a subsequent tendering process.

Question 54. Do you agree with Sir John Kingman’s proposal to give the regulator the power to appoint auditors in specific, limited circumstances (i.e. when quality issues have been identified around the company’s audit; when a company has parted with its auditor outside the normal rotation cycle; and when there has been a meaningful shareholder vote against an auditor appointment)?

Question 55. To work in practice, ARGA’s power to appoint an auditor may need to be accompanied by a further power to require an auditor to take on an audit. What do you think the impact of this would be?

Question 56. What processes should be put in place to ensure that ARGA can continue to undertake its normal regulatory oversight of an audit firm, when ARGA has appointed the auditor?

Question 57. What other regulatory tools might be useful when a company has failed to find an auditor or in the circumstances described by Sir John Kingman (i.e. when quality issues have been identified around the company’s audit; when a company has parted with its auditor outside the normal rotation cycle; and when there has been a meaningful shareholder vote against an auditor appointment)?

7.3 Shareholder engagement with audit

Shareholders are the primary users of company accounts and reports and rely on them to make informed, long-term investment and engagement decisions. The accounts also serve a public interest and are important for a wide range of other stakeholders. The Brydon Review was concerned that asset managers as stewards of investment may not in general be giving sufficient attention to the quality and robustness of audit and believed that audit might deliver more if shareholders were interested and involved.

This section responds to the Review’s recommendations on this matter, as well as taking account of relevant CMA Market Study recommendations^{[footnote 216]}, and sets out the measures that the government now intends to take forward to ensure that shareholders are able to engage more meaningfully both with individual audits and with matters affecting audit quality as a whole.

Shareholder engagement on risk and audit planning

The Brydon Review called for more informed and meaningful shareholder engagement in the annual audit planning process through the establishment of a formal mechanism, where shareholders can share their suggestions for the audit plan with the audit committee. The Review noted that those suggestions would be better informed by the company’s latest risk report.

7.3.1 The Brydon Review argued that shareholders should have greater opportunity to propose ‘areas of emphasis’ they would like considered within the annual audit plan, with the company’s latest risk report helping to inform shareholder views. The Review recommended that this could be achieved by the audit committee establishing a formal mechanism for engagement. To increase transparency around the process, the Review stated that the audit committee publish whether proposals had been accepted or rejected by the auditor.

7.3.2 Auditors are required to develop an overall strategy and plan for each audit^{[footnote 217]}. The plan is an interconnected set of working papers detailing the auditor’s understanding of the entity and its environment^{[footnote 218]}, its assessment of the risk of material misstatement at the entity^{[footnote 219]}, and proposed responses to these risks. Auditors are required to communicate the overall scope and timing of the audit to the audit committee, but there is no current requirement for the auditor or audit committee to engage with shareholders on the development of the audit plan.

7.3.3 The Brydon Review envisaged creating a better and more formal opportunity for shareholders to put forward views on particular areas of interest or concern for consideration as part of the audit. The Review recommended that audit committees create this opportunity by inviting shareholders to set out their views on particular risks and other areas of emphasis that they would like the auditor to address. Furthermore, shareholders should be provided with the directors’ latest statement of the company’s emerging and principal risks to inform their suggestions. This assessment of risks should be provided in good time ahead of the finalisation of the audit plan.

7.3.4 The government agrees that a formal mechanism should be established to enable audit committees to gather shareholder views on the audit plan^{[footnote 220]}. In practice, shareholders might also benefit from a summary version of the audit plan provided to the audit committee (subject to the necessary safeguards on the publication of commercially sensitive information), setting out key audit matters, information on materiality and the proposed areas of focus for the audit. The government is clear, however, that shareholder views should be purely advisory in nature and supplemental to the auditor’s to ensure that the auditor retains autonomy for the way the audit is conducted. While a wide range of risks affecting the audited entity will be of interest to shareholders, the auditor should not be required to consider proposals which fall outside of the scope of the company audit^{[footnote 221]}.

7.3.5 The government agrees that shareholders would benefit from having access to the latest risk assessment but considers that the audit committee should only be expected to make an additional disclosure if there has been a material change to the principal risks facing the company since those already disclosed in the last annual or interim report. Where suggestions from shareholders go wider than issues that can be considered as part of the company audit (for example business or strategic risks), these could be considered as part of the proposed Audit and Assurance Policy (see chapter 3).

7.3.6 ARGA will need to consider further in liaison with audit committees, auditors and shareholder bodies how this engagement would work in practice, but would need to include consideration of the following:

the timing and methods of engagement with shareholders
how a summary version of the audit plan will be communicated to shareholders^{[footnote 222]}
how the updated risks statement will be communicated to shareholders
the types of shareholder request which should require formal consideration – the Brydon Review suggested this could be related to the size of shareholdings or a materiality test

7.3.7 The government considers that these proposals should initially apply only to the audit committees of premium listed companies and be addressed through a change to the UK Corporate Governance Code (and/or associated guidance on audit committees). Depending on the outcome of this consultation process, ARGA would be invited to consult on these changes. The government will work with the regulator to review the operation of these new obligations after a suitable period, and will then consider and consult on whether they need to be extended more widely.

7.3.8 The Brydon Review also recommended that the audit committee’s annual report should set out which shareholder suggestions put forward for consideration had been accepted or rejected by the auditor^{[footnote 223]}. The government agrees with this recommendation. To help maintain auditor independence, it has concluded that it would be more appropriate for the audit committee to communicate this feedback. The obligation on auditors to consider suggestions put forward by shareholders and to provide feedback to the audit committee on the extent to which these have been adopted could be achieved through contractual provisions in the auditor’s ‘terms of engagement’. In recognising the iterative nature of the audit plan, any such disclosure in the audit committee report should also highlight material changes in the summary audit plan communicated to shareholders, including the impact on areas of focus proposed by shareholders^{[footnote 224]}.

Question 58. Do you agree with the proposals and implementation method for giving shareholders a formal opportunity to engage with risk and audit planning? Are there further practical issues connected with the implementation of these proposals which should be considered?

Shareholder engagement on audits at general meetings

The Brydon Review highlighted that it is the exception rather than the rule for a company’s auditor to attend and take questions from shareholders at a company’s annual general meeting. The Review recommended that a standing item be added to annual general meetings at which the audit committee chair and auditor would take shareholder questions.

7.3.9 The Companies Act 2006 gives the auditor the right to attend general meetings and to be heard on any part of the meeting which concerns him or her as auditor^{[footnote 225]}. Where a sufficient number of shareholders request it, companies are required to publish a statement of members’ concerns about an audit which then has to be discussed at the next AGM^{[footnote 226]}. However, these rights are rarely exercised and are not suited to encouraging a more regular dialogue between auditors and shareholders.

7.3.10 The Brydon Review suggested adding a standing item to AGM agendas for questions to be put to the auditor and the audit committee chair^{[footnote 227]}. The government agrees that shareholders should have better opportunities to ask questions about the audit. This would be a logical development if, as suggested above, shareholders are to be given the opportunity to comment on the audit plan in advance of it being confirmed. The government, however, does not believe a standing AGM agenda item is necessary or sufficient to achieve greater shareholder engagement. Instead, the government proposes to encourage better engagement with the auditor by inviting the regulator to revise its guidance to audit committees to encourage questions from shareholders about the company audit. The government also invites the regulator to consider revisions to its guidance on the recently revised Stewardship Code to promote greater engagement from investors on matters relating to audit quality.

7.3.11 The Brydon Review also suggested that the senior company auditor be required to attend the AGM and be prepared to answer questions^{[footnote 228]}. The government does not think that such a requirement would be proportionate as the senior auditor’s presence may not be necessary or justifiable in all cases. However, the government believes that better attendance from both the audit committee chair and senior auditor at the AGM should be encouraged, and suggests that this could be implemented through updating the regulator’s existing guidance to audit committees^{[footnote 229]}. It would also be open to audit committees to require as part of an auditor’s contractual ‘terms of engagement’ that they attend the AGM and answer questions if asked to do so. The government notes the concerns around implications for auditor and audit firm liability, if shareholders expect the auditor to answer questions which go beyond the conduct of the audit and the content of the audit report.

Question 59. Do you agree with the proposed approach for ensuring greater audit committee chair and auditor participation at the AGM? How could this be improved?

Shareholder engagement on auditor removal or resignation

The Brydon Review was concerned that auditors who resign, choose not to retender or are dismissed from PIEs do not, in general, provide meaningful reasons for their departure from the company, despite company law requiring a statement of reasons for the departure to be provided to the company, shareholders and the regulator. The Review recommended that the statement given by departing auditors should, at a minimum, state whether certain matters led to their departure, and that a general meeting be held subsequently at which shareholders can ask the audit committee chair and the auditor about the departure.

7.3.12 Auditors of PIEs^{[footnote 230]} are required to make a statement to the company, copied to the audit regulator, of the reasons for their ceasing to hold office^{[footnote 231]}. The statement must include details of any matters which the auditor considers need to be brought to the attention of the shareholders or creditors of the company in connection with them ceasing to hold office. The company must in turn communicate this statement to shareholders (and any other holders of the company’s securities) within 14 days of it being received from the auditor^{[footnote 232]}. Additionally, the auditor has the right to require that the company convenes a general meeting of its shareholders at which the auditor’s reasons for resigning can be considered.

7.3.13 The Brydon Review argued that this existing process is not serving to inform shareholders in practice^{[footnote 233]}. It was found that it is very rare for the auditor’s statement to go into any significant detail about their reasons for ceasing to hold office, and rarer still for a resigning auditor to exercise their right to have their reasons for resigning considered at a general meeting of the shareholders.

7.3.14 The Review recommended that the process should be strengthened so that shareholders are better informed as to the reasons for an auditor’s early departure^{[footnote 234]}. In particular, the Review said that the departing auditor be required to state, at a minimum, whether the auditor’s departure was due to:

a disagreement with the audit committee
the withholding of information by the company
a lack of co-operation by the company during the audit
the disproportionate cost of the audit due to the company’s processes
a company has parted with its auditor outside the normal rotation cycle
any issue of trust between the auditor and the company’s management or board

7.3.15 The Brydon Review further recommended that the company should be required to hold a general meeting, within 42 days of receiving the auditor’s resignation (or sending a notice of dismissal to the auditor), at which the departing auditor would be required to answer questions from shareholders, and the company would have to explain how it proposes to appoint a new auditor^{[footnote 235]}.

7.3.16 The government agrees with the Brydon Review that the existing Companies Act provisions which apply when an auditor ceases to hold office are generally failing to provide meaningful information to shareholders and the regulator as to the reasons for an auditor’s departure.

7.3.17 The unexpected departure of an auditor can be for many reasons. It may simply be because the audit firm wishes to redeploy its resources elsewhere but there could be more substantive reasons of material interest to shareholders and the regulator. For example, it could be because the auditor believes the audit fee no longer justifies the extent of work required to audit a particular company’s accounts, or because there has been a breakdown in the relationship between the audit team and the company’s management. In some cases it may even be due to auditor concerns over the reporting of the company’s financial position, or the quality of its underlying processes.

7.3.18 Shareholders should arguably be given greater opportunity than at present to understand the reasons for an auditor ceasing to hold office, and to question both the auditor and the company’s directors on the matters connected with those reasons and the company’s proposed next steps. However, the government also recognises that the unexpected resignation or dismissal of an auditor may already be perceived by shareholders and others as a sign that a company has questions to answer about its financial reporting, regardless of whether the precise reasons are set out in the auditor’s departing statement. Additionally, shareholders already have the power to require the directors to hold a general meeting (although this power is rarely, if ever, exercised in response to an auditor resigning or being dismissed).

7.3.19 The government also recognises that audit firms may have concerns over potential liability issues arising from being obliged to state whether certain factors contributed to an auditor ceasing to hold office, both in their departing statement and at the proposed general meeting. Chapter 5 invites views on the broader question of auditor liability in the context of delivering a more informative and useful audit.

7.3.20 The government will reach a final view on whether and how to implement these 2 Brydon Review recommendations, in whole or part, after taking account of responses to this consultation.

Question 60. Do you believe that the existing Companies Act provisions covering the departure of an auditor from a PIE ensure adequate information is provided to shareholders about an auditor’s departure? If you believe those provisions are inadequate, do you think that the Brydon Review recommendations will address concerns in this area? What else could be done to keep shareholders informed?

Audit fee disclosures in audit committee reports

The Brydon Review believed that there was an opportunity for the accounting treatment of audit fees to reflect more clearly the fact that this is a cost borne by the company’s shareholders.

7.3.21 The Brydon Review recommended that the company’s audit fees “be shown on the face of the profit and loss account as being struck, like the dividend, after the reporting of post- incentive compensation profit”^{[footnote 236]}. It considered that reporting audit fees in this way would make it clear that they are “costs incurred by the company at the behest of the audit committee and paid for by shareholders”; and that it should also help to improve confidence that an appropriate relationship exists between auditors and management.

7.3.22 The government does not believe that it would be proportionate to amend company law to require a different accounting treatment for audit fees to that currently applied under both IFRS and UK GAAP. It considers, however, that there is scope to improve audit committees’ disclosures relating to audit fees and is pleased that the FRC is reviewing its guidance for audit committees in this area.

Establishment of an Audit Users Review Board (AURB)

The Brydon Review was concerned that there is currently no independent body which facilitates discussion and ideas on audit quality affecting users of the audit report (shareholders, companies, regulators and others), and that current discussion forums in this area are disproportionately led by the producers of audit (audit firms).

7.3.23 The Brydon Review recommended establishing a new body, independent of the regulator and comprising solely of users of audit to provide a strong forum for considering audit matters from users’ perspectives^{[footnote 237]}. The government agrees and welcomes the work that has been undertaken to establish this new body. It notes growing investor calls for better representation of investors, asset managers and analysts in the audit standard-setting process in order to drive forward innovation, and is pleased that the Investment Association has announced its intention to act as the Secretariat to the Audit Users Review Board (AURB^{[footnote 238]}).

7.3.24 The government will work with the regulator and the Investment Association to ensure that the Board’s terms of reference reflect the importance of a more ‘user driven’ audit. Advice from the AURB will help the regulator to act consistently with its new general objective to protect and promote the interests of investors and users of accounts (see 10.1.12).

Question 11

8.  Competition, choice and resilience in the audit market

Accepted Answer

The audit market for companies in the FTSE 350 is highly concentrated, limiting choice for audited companies and limiting incentives for audit firms to compete on quality. This concentration has created a ‘ceiling’ to growth, establishing a segmented market whereby Challenger firms often struggle to win FTSE 350 tenders and to gain the experience of auditing FTSE 350 clients that they can then apply to their wider client base. Combined, this is detrimental to audit quality and audit market resilience. The CMA’s statutory audit services market study recommended a suite of measures that taken together would improve quality and competition. Having consulted on CMA’s recommendations, the government considers that the most effective and efficient way to increase choice, competition and resilience in the audit market is through the following reforms:

giving the new regulator stronger powers and duties increase choice and competition in the FTSE 350 audit market, initially through a managed shared audit regime and, if needed, a managed market share cap
requiring operational separation between the audit and non-audit arms of certain firms, as determined by the new regulator. This will include separate governance, financial statements prepared on an arm’s length basis, and regulatory oversight of audit partner remuneration and audit practice governance
giving the regulator statutory powers to proactively monitor the resilience of audit firms and the audit market, require audit firms to address concerns, and to act in the event of audit firm failure

Collectively, these proposals address the major issues identified in the audit market that were identified by the CMA’s Market Study, having taken into account responses to the government’s 2019 consultation. Specifically, they are designed to improve choice and resilience in the market, and to adjust the balance of incentives within firms so that audit partners are more likely to prioritise audit quality and professional scepticism. It is envisaged that these measures will be delivered through a combination of primary and secondary legislation, as well as by giving ARGA rule making powers that will give it the autonomy to refine and adjust elements of detail over time as the market adjusts. The exact scope of these powers will be refined when legislation is drafted and ARGA will also be given appropriate powers to enforce compliance with these proposals as part of that drafting process. The government is considering whether, and in what circumstances, ARGA would need to consult when exercising its rule-making powers.

8.1 Market opening measures

The government agrees with the CMA’s conclusion that the market will benefit from increased participation by a wider range of firms. The government therefore proposes introducing a mandatory managed shared audit requirement for UK-registered FTSE 350 companies. The government considers this will increase choice and support new entrants to the FTSE 350 audit market in an effective, efficient and proportionate way.

Review recommendations and consultation responses

CMA Review

8.1.1 In its Market Study, the CMA found that the FTSE 350 statutory audit market exhibits a number of deep-seated problems, one of which was market concentration, resulting in limited choice and a market that is not resilient. The CMA considered that more choice, action on barriers to entry and greater resilience^{[footnote 239]} are needed for the market to work effectively.

8.1.2 The CMA’s proposal to address choice and barriers to entry was to introduce a mandatory joint audit regime for FTSE 350 companies. The joint audit regime would require 2 audit firms to sign off companies’ accounts, of which at least one must be from a smaller firm (a so-called ‘Challenger’ firm). The CMA recommended that the audits of the largest and most complex companies that would not be suitable for a joint audit should instead be subject peer review mechanism overseen by the regulator whereby a challenger firm would review an audit or part of an audit undertaken by a company’s appointed auditor.

8.1.3 The CMA’s joint audit proposal would require the 2 audit firms to divide the necessary audit fieldwork between them, and for both to audit areas that are material or involve a high level of judgement. Under this model, responsibility for the audit opinion and, therefore, audit liability would rest with both auditors. The CMA further recommended that no changes should be made to the UK audit liability framework, meaning that the joint auditors would have joint and several liability for the engagement.

8.1.4 The CMA envisaged that joint audit would be introduced over time to allow for adaptation, rather than requiring all FTSE 350 companies to make the switch immediately. The CMA’s initial modelling indicated that after 10 years of the measure, Challenger firms could expect to have at least a 10-12% share of FTSE 350 audit fees.

8.1.5 The CMA considered shared audits as an alternative to joint audit, but was concerned that they would result in the Challenger firm essentially being sub-contracted and remaining subordinate to the larger firm, making it harder for Challengers to transition to sole auditors over time and thereby limiting the effectiveness of the measure. The CMA was also concerned that shared audits would risk audit quality because the smaller firm would not be jointly liable for the audit.

8.1.6 A market share cap remedy was also considered but the CMA identified potential problems, including the risk of ‘cherry picking’ whereby the largest firms would be incentivised to shed their highest-risk or least-profitable clients, undermining audit quality and the Challenger firms’ positions. The CMA was also concerned that a market share cap could result in Challenger firms acting as sole auditors to companies that are significantly more complex than, or different to, their existing audit clients, thereby risking quality.

8.1.7 The concerns over shared audits and market share caps led the CMA to conclude - on balance - that joint audit should be pursued for early action, although it did not rule out the use of share caps as a possible future solution depending on how the market developed, and if a design could be found that avoided identified risks.

8.1.8 In the July 2019 consultation, the government consulted on the CMA’s recommendations. Key responses were:

of the 76 respondents who gave views on the CMA’s joint audit proposal, 61 were firmly against the proposal, and 15 supportive or supportive with reservations
of the 47 respondents who responded on joint and several liability for audits, 34 were not persuaded that mandatory joint audit would be effective without liability reform, with 13 being supportive or supportive with some reservations
on whether Challenger firms had sufficient capacity to provide joint audit services to the FTSE 350, 25 respondents were supportive or supportive with some reservations, while 31 disagreed
in response to whether the joint audit proposal would lead to an increase in cost of 25- 50%, 36 agreed or broadly agreed with this estimate and 13 disagreed
34 out of 61 respondents disagreed with the CMA’s assessment of the alternatives to joint audit, including shared audit, with many speaking positively regarding the opportunities around shared audits or market share caps as an alternative. There were balanced, mixed views on both alternatives, with benefits and drawbacks highlighted
there were balanced, mixed views on the CMA’s peer review proposal with 34 supportive or supportive with some reservations, and 29 against

8.1.9 The key concerns about joint audit that were raised by stakeholders are set out below:

There was considerable concern from both large audit firms and challenger firms that the joint and several liability associated with a joint audit would dissuade audit firms from tendering for audits and create significant duplication between the joint auditors. Both audit firms would be fully liable for the risks of the whole audit, while only receiving a proportion of the fee. This could lead to significantly increased fees to cover the additional liability and the amount of duplication of audit work that each firm would need to do to assure the quality of their joint audit partner.

There was significant doubt that Challengers would have the risk appetite or financial resources to take on the scale of new contracts required by the joint audit mechanism.

Even allowing for a gradual introduction of joint audit, there were reservations about whether Challenger firms could (individually or collectively) build their audit practices at the pace needed to tender for and deliver 30-50% of the majority of FTSE 350 audits without risking audit quality. The availability of experienced senior auditors was identified as a notable barrier.

Multiple respondents considered that the estimate of a 25-50% increase in audit costs was low, noting that the joint and several liability would potentially lead to more work being re-performed by the firms to manage their financial exposure and to increased insurance costs for the audit firms.

Several respondents were not persuaded that joint audit would support Challengers to transition, over time, to become sole auditors across the FTSE 350. In particular, the proposed exemption for the largest and most complex FTSE 100 firms would limit Challengers’ participation in this segment of the market, despite it being the segment where choice is currently most limited.

Government response and proposals

8.1.10 The government agrees with the CMA’s assessment that the FTSE 350 audit market is not working effectively and needs greater choice and resilience in order to deliver the desired improvements in quality. However, following the 2019 consultation on the CMA recommendations the government has identified significant barriers to implementing the remedies identified by the CMA. These barriers are the ability of challenger firms to grow and increase capability in order to undertake larger more complex audits and the joint and several liability risks associated with the CMA’s preferred solution of joint audit.

8.1.11 The government has identified that Challenger audit firms need to invest heavily in resources and expertise in order to effectively compete in the FTSE 350 audit market. Challenger firms will need confidence in their revenue streams in order to make this investment. Additionally, Challenger firms need to build their reputations and credibility with FTSE 350 audit committees as being able to conduct complicated and large scale audits. The government considers that any approach to opening up the audit market to greater competition needs to take these issues into consideration.

8.1.12 The core of the government’s proposal is a managed shared audit requirement for UK-registered FTSE 350 companies. This form of shared audit would see an audit firm appointed to lead the group audit, for which it bears the overall liability. When tendering the statutory audits of entities within the group, companies would be required to appoint a Challenger audit firm to conduct a meaningful proportion of the statutory audits. The requirement would apply across the FTSE 350, giving the audit firms the opportunity to gain exposure to the statutory audit engagements and audit committees of the largest and most complex companies, and giving those companies greater choice of auditor. The approach to audits of FTSE 350 entities which are not groups is set out in paragraph 8.1.20.

8.1.13 The government’s expectation is that these shared audits will enable smaller audit firms to invest in their capacity and capabilities in order to grow and compete across the FTSE 350 audit market, but without the requirement to bear joint and several liability for the entire group audit. This approach is no less ambitious in the medium to long term than the CMA’s envisaged joint audit approach, but adopts a more gradual introduction to reduce the risks of the overall reform programme.

8.1.14 Beyond this, the government also proposes a reserve power for the Secretary of State to allow the regulator to introduce a market share cap. This would be operated following a joint review by BEIS and the regulator, if mandatory shared audits do not bring about the desired change to the FTSE 350 audit market within a reasonable period of time. By providing a power to introduce a market share cap at a later stage, the government would be able to act on pervasive concentration in the FTSE 350 audit market if shared audits are not leading to Challenger audit firms becoming sole auditors of FTSE 350 companies. The government has outlined the expected parameters of the future market share cap in paragraphs 8.1.27 – 8.1.30 of this document, which it considers respond to the risks identified by the CMA on the introduction of a market share cap.

Managed shared audit

8.1.15 The government proposes that managed shared audit will apply to all UK-registered FTSE 350 companies, with limited exceptions (discussed below). The requirement would be phased-in by requiring companies, acting through their audit committees, to adopt Managed Shared Audit when their audit contract is re-tendered, rather than at an annual reappointment.

8.1.16 Managed shared audit would require the companies to identify a meaningful proportion of the audits of statutory entities within the group (see further discussion below) for bids from Challenger firms only, unless they select a Challenger firm as the group auditor or receive an exemption (further details below). The government’s working definition of a Challenger for these purposes is a firm that provides statutory audits to Public Interest Entities (PIEs) and whose audit revenues did not represent more than 15% of the FTSE 350 statutory audit market by fees in either of the prior 2 years. However, the government would be grateful for views on the appropriate threshold. It will ultimately be for the new regulator to determine the initial scope of these measures and adjust it over time to reflect changes to the structure of the market.

8.1.17 Detailed and binding requirements for managed shared audit would be issued, supported by guidance. The extent to which the requirements would be set out in regulations or in rules made by the regulator remains under consideration. It is currently proposed that requirements would include the below.

A Challenger firm to be appointed to carry out a meaningful proportion of the group’s statutory audits (e.g. a subsidiary or collection of subsidiaries). ‘Meaningful’ would be defined and calculated with reference to one or more of the total audit fee (in the prior year), group revenues, profits and assets of the company, with the Challenger’s proportion to be no less than 10% of these criteria and preferably closer to 30%. It is recognised that the Challenger’s proportion is likely to be at the lower end of this range for the largest and most complex FTSE 350 companies, at least at the outset.

The company’s audit committee would identify through its audit tender planning the subsidiary or subsidiaries that could be audited by a Challenger. The tender process would see the audit committee appoint the group and other (Challenger) auditor independently, with no joint bidding permitted. It is expected that the group and other audit engagements would be tendered at the same time.

There would be merit in the Challenger subsidiaries being rotated during the term of the audit contract, to provide the Challenger with greater exposure to the company. The regulator would encourage this but not require it. The subsidiaries would, as a minimum, be subject to the same mandatory periodic rotation requirements as the group audit.

The Challenger would be liable for its audit of the relevant subsidiaries but would not bear joint and several liability for the group audit. Any work performed by the Challenger would fall within the scope of the regulator’s audit quality review regime^{[footnote 240]}. This addresses the CMA’s concern that the smaller firm would be less motivated by audit quality under shared audit.

The Challenger firm would have access to, and engagement with, the FTSE 350 company’s main (group) audit committee. This aims to mitigate the CMA’s concern that the audit committee would only engage meaningfully with the group auditor.

Question 61. Should the ‘meaningful proportion’ envisaged to be carried out by a Challenger be based on legal subsidiaries? How should the proportion be measured and what minimum percentage should be chosen under managed shared audit to encourage the most effective participation of Challenger firms and best increase choice?

8.1.18 Managed shared audit requirements will not apply to companies that:

appoint a Challenger firm as their sole audit firm
have not been a FTSE 350 company for at least half of the annual accounting period prior to the auditor appointment and are not a FTSE 350 company when the audit tender process begins

8.1.19 The government does not propose a blanket exemption for the largest and most complex FTSE 100 companies. A positive feature of managed shared audit is that the selection of the subsidiary allows for greater flexibility in the division of work to ensure the subsidiary is appropriate for a Challenger, so they can engage across the FTSE 350 from the outset. However, the government intends to provide for exemptions for companies from the managed shared audit requirements in exceptional circumstances and give the regulator the power to assess when such circumstances have been met. The use of this power would be subject to further consultation and limited by criteria to ensure that its use was exceptional. The government proposes exceptional circumstances could also cover companies who do not receive bids or bids of sufficient quality. To ensure coherence across ARGA’s suite of powers, the government will continue to consider these practical questions within the wider context of defective tenders that occasionally arise under the current legislative framework.

8.1.20 The CMA proposed an exemption for investment trusts and individual entities that do not prepare consolidated accounts. The government agrees that it may not be proportionate or practical for these companies to implement a shared audit. However, as there is reason to consider that many Challengers have the capacity to carry out these less complex engagements as sole auditor, the government would expect their audit committees to carry out an audit tender that encouraged the appointment of a Challenger firm. Therefore, an automatic exemption is not proposed for these entities. The government instead intends to work with the regulator to develop a modified approach for these entities to follow, which will be set out in regulations.

8.1.21 If a company implemented managed shared audit and subsequently stopped being classified as a FTSE 350 company, it is expected that the requirements would remain in force until the audit engagement is retendered (other than under annual reappointment). The exception to this would be if the company ceased trading in its current form, was delisted from the LSE Main Market or was acquired by an overseas entity that was not subject to the requirements.

8.1.22 The regulator would monitor companies’ compliance with the managed shared audit requirements. To do this, it would have powers to request information from, and engagement with, FTSE 350 companies and audit firms. This would include details of upcoming and current audit tenders, the split of work between the group and subsidiary audit firms, details of the how the tender would be run and the outcomes of the tenders, as well as the audit firms’ growth plans. It is expected that the regulator would issue guidance on the details of this information gathering.

8.1.23 It is also proposed that the regulator would have enforcement and sanctioning powers against companies that do not comply with the requirements, through:

proportionate financial penalties for delay or failure to provide required information on the audit tenders in the form and timetable required by the regulator^{[footnote 241]}
a requirement for FTSE 350 companies, acting through their audit committees, to take into consideration before appointing an auditor(s) any recommendations from the regulator intended to ensure the appointment is compliant with the managed shared audit requirements. The emphasis of the regulator’s oversight would be to issue recommendations and guidance before the appointment has concluded, in order to reduce the likelihood of a non-compliant audit engagement
treating a failure to comply with the managed shared audit requirements (without an agreed exemption from the regulator) the same way as a ‘defective tender’ under the Companies Act 2006. This would mean that a company may be granted exceptional permission to make a temporary or occasional appointment for the forthcoming audit year, to ensure that the company’s listing is not jeopardised, but they would be required to conduct a full and compliant tender exercise the following year

8.1.24 The Regulator would have a duty to monitor the effectiveness of managed shared audit. The metrics by which the effectiveness would be assessed will be subject to further policy development but are likely to include the trend in Challenger firms’ combined FTSE 350 market share, as sole and shared auditor. Indicative modelling by BEIS, summarised in the accompanying Impact Assessment, indicates that Challengers could achieve 9.1% to 12% share of the FTSE 350 audit market by share of fees after 10 years, in line with the CMA’s modelling for joint audit.

8.1.25 The regulator would publish an annual progress report from the first full year after managed shared audit was introduced. The government would be able to respond to this through the annual BEIS Secretary of State remit letter.

8.1.26 The government does not propose an automatic sunset clause for managed shared audit. After a period of time, expected to be between 5 and 9 years, there would be a review of its effectiveness in increasing choice and supporting new entrants to the FTSE 350 audit market. If the review concluded that managed shared audit was making sufficient progress it would be expected to be retained for a further period.

8.1.27 If the review outlined above concludes that managed shared audit is not making sufficient progress in supporting Challenger firms to become sole auditors of FTSE 350 companies then the government would engage its reserve power (to be taken forward as part of the audit reform legislative package) to introduce a market share cap. A market share cap would be particularly relevant if, despite Challengers investing in capacity and capabilities, the firms were only securing a very limited portion of the FTSE 350 audit market. This reserve power could also be activated in the event of an audit firm collapse (as set out at paragraph 8.3.24 below).

8.1.28 The government would undertake further consultation on the detailed design of the market share cap before the measure was introduced. However, the government currently considers that the following principles would feature:

the measure would apply to all UK-registered FTSE 350 companies, although in practice only a proportion of those would be directly affected by it
there would not be a single numerical or percentage market share cap applied to any single audit firm, or group of audit firms. Instead, the regulator would review the pipeline of FTSE 350 audit tenders for an upcoming period and reserve a proportion of them for Challengers (‘Restricted Tenders’)
the regulator’s determination of which upcoming tenders would be Restricted Tenders would take into consideration Challenger capacity and capability to carry out the audits and whether the FTSE 350 company would be able to comply with the prevailing tendering and audit requirements if it ran a Challenger-only audit tender. The regulator would not identify a particular Challenger that could carry out the audit, but rather consider whether the cohort of Challenger firms included sufficient capability to undertake the audit
the market share cap would not remove the FTSE 350 company’s obligation to run a competitive tender process or to hold a shareholder vote on the auditor appointment
the market share cap would not restrict FTSE 350 companies from appointing a Big Four firm to carry out a proportion of the subsidiary audits, as long as a Challenger firm was appointed as the group auditor

8.1.29 This approach acts to preserve choice and competition between the largest audit firms by not setting individual market share caps and to ensure there is independent regulator oversight and supervision of which FTSE 350 audits are reserved for Challengers.

8.1.30 The market share cap would be a temporary measure, with its removal contingent on progress towards the objective of increased choice in the FTSE 350 audit market. Periodic reviews of the market opening measures would continue to feature in order to monitor the appropriateness of the measure and overall progress. Given the length of the audit tender cycle, it is likely that the cap would need to be in place for a reasonably long period of time in order to have an impact.

8.1.31 The CMA identified several ancillary measures that could further reduce barriers to Challenger growth. Previous consultation on these measures did not generate clear or consistent support. However, as the previous consultation discussed these in the context of joint audit, the government is open to considering further if they could support the implementation of managed shared audit or a market share cap.

Question 62. How could managed shared audit be designed to incentivise Challenger firms to invest in building their capability and capacity? What, if any, other measures, would be needed?

Question 63. Do you have comments on the possible introduction in future of a managed market share cap, including on the outlined approach and principles? Are there other mechanisms that you think should be considered for introduction at a future date?

8.2 Operational separation between audit and non-audit practices

Independence and professional scepticism are key attributes when completing a statutory audit that provides investors and shareholders with the information they need to take an informed view of a company’s accounts. In its Market Study, however, the CMA concluded that the multidisciplinary structure within large firms has resulted in behavioural and financial incentives that undermine both attributes and sometimes lead to poor quality audits. The government shares these concerns and – while it recognises that a multidisciplinary structure brings advantages – has decided to take forward the CMA’s central recommendation to strengthen the oversight of audit practice through an ‘operational separation’ between the audit and non-audit sides of the firm.

Review recommendations and consultation responses

CMA Review

8.2.1 In its Market Study, the CMA considered whether the organisational structure of firms conducting both audit and non-audit work had an impact on the quality of audit engagements. They concluded that tensions can arise between a firm’s non-audit and audit functions, with the result that the greater revenue and profits accruing from non-audit work may have a detrimental impact on auditor incentives and working culture. In particular, the CMA concluded that there is a ‘one firm’ culture in multidisciplinary firms, diluting the culture of objectivity and challenge required by auditors performing a public interest function.^{[footnote 242]}

8.2.2 In response to these issues, the CMA recommended an operational split of firms, with the regulator responsible for designing specific elements of the separation and refining it over time. The CMA recommended that this proposal would initially apply to the ‘Big Four’ firms and that the regulator should consider extending elements of the operational separation principles to the challengers. The key features of this recommendation included:

the creation of a new board for the audit practice, which would be responsible for remuneration decisions and developing and maintaining audit quality standards
a requirement to produce separate financial statements that would reflect the costs of services provided by the non-audit part of the firm^{[footnote 243]}
a requirement that profits should not be shared between the audit and non-audit practice^{[footnote 244]}

8.2.3 In making these recommendations, the CMA decided against an alternative proposal that would have mandated a full structural separation between audit and non-audit functions.

However, it also noted that a re-examination of the merits of a full structural split may be necessary if an operational separation does not deliver the expected improvements.^{[footnote 245]}

8.2.4 The government consulted on the CMA’s proposals in relation to operational separation in 2019 and respondents broadly agreed with the CMA’s suggestion to create separate governance structures within firms. However, respondents disagreed with specific aspects of the CMA’s proposals, including its proposal to prevent profit sharing, which some stakeholders suggested would erode the multidisciplinary culture within firms and result in a loss of access to expert non-audit staff. Thirty-four respondents also opposed or expressed concern about the CMA’s proposal to revisit the merits of a full structural split at a later stage, while a further 19 supported it.

Government response and proposals

8.2.5 The government has taken account of the CMA’s recommendations alongside responses to the 2019 consultation and has reached the view that there is merit in taking steps to reform the balance of incentives and working culture within audit firms while maintaining their multidisciplinary structure. The government proposes to require:

the strengthening of governance within audit practices through the creation of independent Audit Boards within firms;
Audit Boards to have oversight of audit partner remuneration and ensure it is linked to audit quality;
the publication of a separate profit and loss account for the audit practice, accounting for cross subsidies between the audit practice and the rest of the firm through arm’s-length transfer pricing; and
regulatory oversight of the remuneration of audit partners, with a view to supporting policies and practices that reward high-quality audits.

8.2.6 As described in more detail below, these proposals share many of the key elements of the CMA’s recommendations and will be implemented through a combination of primary and secondary legislation and by the new regulator, which will be given an appropriate statutory framework to ensure effective delivery and to make regulatory rules. The government notes that the largest audit firms are already working with the Financial Reporting Council to implement these measures on a voluntary basis by 2024. The government supports this work and welcomes the weight it places on openness, professional scepticism and judgment, and independence from influences that might divert attention away from audit quality.

8.2.7 In terms of scope, the government envisages that the measures described below will apply initially to audit firms who carry out statutory audits of 15% or more of the FTSE 350 by audit fees. This percentage could be reduced in future to create a level playing field for all audit practices in the market. However, it will ultimately be for the new regulator to determine the initial scope of these measures and then adjust it over time to reflect future changes to the structure of the market. The government also recognises that a threshold of this kind may produce unintended market distortions and would be interested in views on whether this approach might disincentivise challenger firms from scaling up operations in the FTSE 350 market. Comment on these initial proposals and alternative suggestions would be welcomed.

8.2.8 In line with the CMA’s recommendations, the government’s central proposal is to give ARGA powers to strengthen the governance of audit practices, building on the Financial Reporting Council’s principles published in July 2020. The government supports the CMA’s vision of an independent Audit Board (consisting of an independent Chair, and majority of independent non-executives with appropriate skills and seniority) focused on creating a culture that supports audit quality and encourages ethical behaviour, openness, teamwork, challenge and professional scepticism. The board would be responsible for providing independent oversight of the audit practice, its audit strategy and the approval of the CEO of audit.

8.2.9 As part of these proposals, it is envisaged that the Audit Board will have delegated authority to link remuneration and career progression with audit quality, through clear quality metrics. This is in line with the CMA’s recommendations and under these proposals audit partner remuneration would be determined above all by contribution to audit quality. As a result, it is expected that auditors would stand to lose more from poor audit quality than they would gain by prioritising or assisting non-audit work.

8.2.10 Alongside these proposals, the government intends to require the publication of separate financial profit and loss financial statements for audit practices. The accounts would be required to account for material cross-subsidies by transfer pricing when the audit practice transacts with services and expertise in the rest of the firm. Such accounts would enable stakeholders to understand the true costs and profits of the audit business, and would also enable the regulator to draw on reliable published data when assessing the impact of any further regulatory interventions.

8.2.11 The final strand of the government’s proposals is to provide powers for the regulatory oversight of audit partners’ remuneration structures to ensure that partners’ incentives are effectively aligned to audit quality. The regulator would work with audit firms and their new audit boards to set the principles of what constitutes high audit quality and how it can be measured, and then provide guidance or rules on quality metrics and audit partner appraisals. The regulator would review how these principles are translated into policies by the firm’s management with oversight from the audit boards and monitor their application on an ongoing basis. The regulator will have the powers to require the provision of relevant information and make recommendations to audit boards in this regard. This is a new measure that was not part of the CMA’s recommendations, but one that the government considers will assist in achieving the goals of the proposed remedies.

8.2.12 In coming to these proposals, the government has considered carefully related recommendations from Sir Donald Brydon’s review. For instance, the government is implementing his broad proposal to require the publication of separate financial statements and disclosure of remuneration policies^{[footnote 246]}, but has opted to apply this proposal initially to firms within scope of the remedy rather than extend it to all firms conducting statutory audits of Public Interest Entities. The government has not seen evidence that the measures need widening at this stage and has concerns that this would create additional burdens for smaller firms. The government expects the regulator to monitor this question closely and to review whether it may be necessary for all auditors of Public Interest Entities to be subject to further transparency measures in future.

8.2.13 In addition, the government considered Brydon’s recommendation for audit firms to establish an independent fee setting function separated from those conducting the audit^{[footnote 247]}. It is not minded to take this recommendation forward at this time, given that the operational separation of the audit function and publication of its accounts should address the underlying rationale for this recommendation. However, the government will keep this recommendation under review as part of the efficacy and implementation review discussed in Chapter 1^{[footnote 248]}.

Future options

8.2.14 At this stage, the government has decided not to take forward the CMA’s proposal to introduce audit-practice profit pools. During the consultation, respondents raised a wide range of concerns about this proposal, with several noting that it may precipitate a separation of the larger firms by undermining their partnership model, which would in turn have negative implications for the stability of the market. The government shares this concern and, without further evidence of the internal economics within firms, does not view this element of the CMA’s proposal as proportionate at this time. Additionally, the CMA’s rationale for this remedy was that if audit partners were remunerated from the wider firm profit pool their decisions would not be solely focused on audit quality. The government considers that the measures to allow the regulator to supervise partner remuneration structures within firms will be more effective in ensuring that audit partners’ incentives are focused on audit quality. However, it will revisit this proposal at a later stage if further evidence becomes available to suggest this is needed. As a result, this element of the CMA’s proposals will fall within the scope of the implementation and efficacy review discussed in Chapter 1.^{[footnote 249]}

8.2.15 Finally, the government has noted the CMA’s proposal to revisit the option to require a full structural split once its recommendations have been implemented and had time to take effect. It also shares the CMA’s view that a full separation is not the correct option at this time and have noted the important concerns raised in the consultation about the effects that a full separation may have in raising costs, duplicating functions and creating barriers to accessing specialist expertise during ‘busy seasons’. However, other respondents supported the CMA’s proposal and the government intends to take appropriate powers to enable the regulator to deliver a full structural separation in future, subject to consultation and Parliamentary scrutiny. While it is recognised that a full split would pose significant challenges, these powers will provide the policy flexibility to act once the government and regulator have gained further evidence on the efficacy of the proposed suite of measures.

Question 64. Do you have any further comments on how the operational separation proposals should be designed, codified (in legislation and regulatory rules), and enforced in order to achieve the intended outcome of incentivising higher audit quality?

Question 65. The government proposes to require that all audit firms provide annual reports on their partner remuneration to the regulator. This will include pay, split of profits, and which audited entities they worked on. Do you have any comments on this approach?

Question 66. In the event that the government wishes to go further than the existing operational split proposals in future and implement split profit pools in line with the CMA recommendation, do you have any comments on how these can be made to work effectively?

Question 67. The government believes these proposals will meet its objectives. In the event that they prove insufficient to improve audit quality, and full separation of professional services firms is required, do you have any comments on how to make this work most effectively?

8.3 Resilience of audit firms and the audit market

The CMA’s study of the statutory audit market and the independent review of the FRC recommended a suite of measures, that taken together, would improve the resilience of individual audit firms and the PIE audit market. To give these measures effect, the government is proposing to enhance the range of statutory powers available to the regulator, so that it has a more powerful role in monitoring the resilience of individual audit firms and the PIE audit market.

Review recommendations and consultation responses

8.3.1 In relation to monitoring the audit market, its resilience, and that of individual firms, the current situation is that:

the regulator monitors and reports on developments in the PIE audit market, including on market concentration levels, risks to audit quality and measures to mitigate them, and the performance of audit committees. The regulator then reports on its findings every 3 years
the FRC has established a voluntary arrangement with the 7 largest audit firms to monitor and examine a wide range of factors within these firms for the purposes of ensuring audit quality and firm resilience. This includes assessing the firm’s leadership, governance, business models, financial soundness, and risk management
firms are asked to draw up contingency plans to mitigate the impact and risks associated with firm failure in the event they become distressed

8.3.2 Both the CMA’s Market Study and the Independent Review of the FRC recommended that the audit regulator should be given a more powerful role in monitoring audit firms from the perspective of their individual resilience and that of the PIE audit market as a whole. This chapter focuses on the competition and resilience aspects of the relevant recommendations. Chapter 9 looks at improving the regulator’s powers to monitor audit quality^{[footnote 250]}; and Chapter 10 sets out the regulator’s proposed competition objective^{[footnote 251]}.

Review recommendations and consultation responses

The FRC Review

8.3.3 The independent review of the FRC recommended that the government should build on the regulator’s existing market monitoring duty, by requiring it to examine broader market and competition developments, specifically including market concentration levels, risks to audit quality and measures to mitigate them, including the performance of audit committees, and other matters relevant to the effectiveness of competition. To support this, the review recommended that the regulator should be given powers to undertake this monitoring; require audit firms to provide the necessary information; and to monitor the effectiveness of the CMA’s competition remedies ^{[footnote 252]}. This would enable the regulator to identify systemic problems in audit firms, which might in turn lead to adverse consequences for audit quality.

8.3.4 Respondents to the initial consultation on the independent review of the FRC strongly agreed, that the voluntary regime that the FRC has established, should be put on a statutory footing and that those carrying out the work should have a sufficient level of seniority and experience. One respondent commented that the proposals should ensure the regulator had sufficient powers to carry out its market monitoring duties.

The CMA Review

8.3.5 The CMA Review found that there was very little choice in the market for the provision of statutory audits to FTSE 350 companies, which is dominated by the ‘Big Four’ audit firms. It concluded that while the risk of one of these firms failing was small, there would be significant adverse impacts if it were to happen. Choice would be significantly restricted, which would further undermine competition and might lead to a decline in audit quality. This led the CMA to conclude that the FTSE 350 audit market lacked resilience.

8.3.6 To address these concerns, the CMA Review recommended that the regulator should be given powers to obtain the information it needs to monitor the health of the ‘Big Four’ audit firms, and to intervene, as necessary. The suggested powers of intervention included giving the regulator powers to take executive control of an audit firm to prevent its failure and to take action to lessen the adverse impacts on competition - for example, by preventing the failing firm’s clients or employees from moving to another Big Four firm. The CMA Review considered that these powers could work alongside those recommended by the FRC Review to enable the regulator to monitor the largest audit firms.

8.3.7 The initial government consultation on the CMA Market Study asked what factors the regulator should take into account when considering action in the case of a distressed audit practice (Question 15), what powers the regulator should have in those circumstances, and (Question 16) what the regulator’s duties should be in exercising them.

8.3.8 Respondents commented that proposals should take account of how an audit firm’s assets were different in nature to other firms, due to the Limited Liability Partnership (LLP) structure. Further, that its brand name and retaining existing clients and employees were considered essential to the success of an audit firm. Overall, it was suggested that increased powers to monitor the largest audit firms were likely to be helpful, including the power to require firms to work with the regulator on contingency planning and risk management, but that powers to intervene directly should be judged carefully and should be limited. Comments included that the regulator had a pivotal role to play in ensuring an ongoing functioning market, and that exceptional intervention powers may be necessary for emergency situations. These included proposals to limit the movement of clients or staff of failing larger firms. Other respondents, however, felt that these proposals could contravene the human rights of clients and staff, and restrict market operations, and therefore should not be implemented.

Government response and proposals

Strengthening the regulator’s monitoring of audit firms and the audit market

8.3.9 The government welcomes the recommendations by the CMA and the independent review of the FRC. As has been set out in the narrative of this document, the financial health of public interest entities is of key importance to everyone, not just shareholders and investors, but employees, creditors, and the public at large. The government therefore believes that the regulator needs to play a key role in monitoring the health of this important sector of the economy, as well as the audit firms, whose role it is to scrutinise their financial health and provide assurance to the market.

8.3.10 In recent years the consequences of large corporate failures such as BHS and Carillion have been evident. Corporate failure will always be a fact of life in a well-functioning economy, as much as corporate creation is. However, it is important that these events can be avoided where possible or mitigated appropriately, to minimise the risks to investors and other stakeholders. Key to this is good quality audit. Increasing concentration and loss of choice in the audit market has had an adverse impact on quality; this trend cannot continue.

8.3.11 The government believes that the regulator should be equipped with powers to monitor the health of auditors, including sufficient powers to address concerns in an audit firm’s resilience. However, it is acknowledged that there is no feasible way to remove the risk of auditor failure in its entirety. Therefore, the measures proposed below aim to provide appropriate powers for the regulator to find and address issues of resilience without directly interfering in the effective functioning of the market.

8.3.12 The FRC already has a duty to monitor developments in the PIE audit market including in relation to resilience and market concentration levels. However, the FRC does not currently have sufficient powers to demand the information it needs from audit firms. The government agrees that this duty should be maintained and extended to cover the whole statutory audit market, requiring ARGA to monitor and regularly report on competition and developments in the broader statutory audit market^{[footnote 253]}; and giving ARGA appropriate information gathering powers to carry out that role effectively^{[footnote 254]}.

8.3.13 The government proposes to give the regulator the power to carry out market studies under Part 4 of the Enterprise Act 2002, which it will exercise concurrently with the CMA. It will exercise those powers in relation to the statutory audit market in respect of which the regulator will have sector-specific expertise and access to a wide range of information at the market and firm level, thereby enabling it to assess market-wide competition issues. Having conducted a market study, the regulator will also be able to make a referral to the CMA to conduct a full market investigation.

8.3.14 In addition, the government proposes to give the regulator powers to take enforcement action to address anti-competitive practices and an abuse of dominant position within the statutory audit market, under the Competition Act 1998. Several sectoral regulators such as the FCA and the Payments Systems Regulator already have similar competition powers, which they exercise concurrently with the CMA in respect of the sectors which they regulate. The government proposes to give ARGA similar reactive powers to address anti-competitive practices^{[footnote 255]}, and any abuse of dominant market position^{[footnote 256]}, within the statutory audit market.

8.3.15 The government also agrees with the recommendation from the FRC Review that the FRC’s existing voluntary firm monitoring arrangement with the 7 largest audit firms should be supported by legislation^{[footnote 257]}, by giving the regulator appropriate powers to require information and examine PIE audit firms, to identify any systemic issues that might have adverse consequences for either audit quality or firm-level resilience. This will include powers that require audit firms to provide information about their ongoing financial viability, including in relation to their performance, risk management, internal controls, financial resources, budgets and insurance arrangements, so that the regulator can assess any potential risk of financial distress and the likely impact of failure.

8.3.16 The government proposes to give the regulator the power to commission an expert review of PIE audit firms. This will enable the regulator to receive expert information about particular aspects of firm activities (those covered by the regulator’s monitoring activities), if it has concerns or requires further analysis. The fees for the report would be payable by the audit firm. Details of this mechanism, as it applies to PIE audit firms, is outlined in Chapter 11 below.

8.3.17 However, the government also considers that further measures are necessary. It shares the concern of the CMA Review that the FTSE 350 audit market lacks resilience, and that there is a need to put further safeguards in place to mitigate the risk of audit firm failure. While the risk of failure of a large audit firm is relatively low, any failure would lead to an even more severe lack of choice for FTSE 350 companies. The market opening measures set out in this document^{[footnote 258]} will have the biggest impact on the resilience of the FTSE 350 audit market, by introducing new participants to the market. However, it will take time for new entrants to grow to a scale where they could step in if a large audit firm failed. The government therefore believes that preventative measures are needed to minimise the risks of firm failures from occurring.

8.3.18 One risk to large audit firms is through legal liability and consequential cashflow problems. Audit firms currently protect themselves from these risks through a combination of commercial and in-house ‘captive’ insurance. These arrangements are understandably opaque due to their commercial and legal sensitivity. The government respects that need for confidentiality but believes that the regulator needs to understand these arrangements in order to assess the resilience of the market as a whole. Therefore, the government proposes to give the regulator powers to secure information on audit firms’ wider insurance arrangements as well as their capital reserves. These include obtaining details of the structure, reinsurance arrangements and solvency of the overseas captive insurers that are used by the UK firms.

8.3.19 Alongside this, the government also intends to ensure that the regulator can act if they are concerned that an audit firm’s contingency plans are insufficient, or if the firm is exposing itself to undue risk. The government therefore proposes to give the regulator powers to require audit firms^{[footnote 259]} to address any viability concerns that are identified. This would include requiring firms to put in place appropriate plans to address viability risks identified, for example modelling distress scenarios, maintaining and testing effective contingency plans (including for the loss of key staff, clients, reputational damage, network contagion and major operational incidents and on financial stability, for example). These plans would ensure that firms have appropriate strategies in place to avoid failure, and that risks to audit firms’ viability are being properly assessed and managed by those firms.

8.3.20 Finally, the government is considering whether to give the regulator powers to mandate minimum insurance levels and capital requirements. This would include the regulator having the ability to mandate that a minimum proportion of insurance is secured commercially to ensure that the insurance cover for the audit part of the business is sufficiently robust. Given the sensitivity of these financial arrangements, the government proposes that any statutory requirements imposed by the regulator will remain confidential between the regulator and the audit firm and are not to be disclosed publicly. The government recognises that this proposal would increase the cost of audit firm insurance and welcomes views on this proposal.

Regulatory approach in the event of an audit firm failure

8.3.21 The CMA’s final report recognises that resilience will be supported by building challenger capacity and thereby enabling a more ‘normal’ dynamic in which if a firm is failing as a result of poor quality, it will be replaced by another better performing firm^{[footnote 260]}. But it recommended that – until that is the case – if a ‘Big Four’ firm was likely to fail the regulator should have the power to take executive control of the distressed firm to limit the movement of clients to the remaining ‘Big Three’ firms. The government does not agree with this proposal.

8.3.22 The proposals above, set out substantial but proportionate actions, to develop preventative measures to reduce the risk of a firm failure, but the government disagrees that the regulator intervening to take over the running of an audit firm – albeit on a temporary basis – would be proportionate or effective. Audit firms are not, for example, guardians of individual deposits or essential infrastructure in the same way as banks or energy producers; and such an intervention would result in a private company being run by and its assets being acquired by the regulator. It is also not clear how this could be achieved without significant knock-on impacts on the freedoms of partners and staff to exercise choice in where they worked, and in the choice of audit clients. Furthermore, the government does not consider that the regulator would be better placed to deliver a successful recovery than the owners and partners of the firm, or its international network.

8.3.23 Therefore, the government considers that the intervention to achieve a ‘managed collapse’ scenario is not realistic, nor best served by regulatory intervention. Instead, in the event of an acute firm failure, the government believes that the audit market is best placed to ensure the continuation of service for corporate clients.

8.3.24 However, one major concern of a firm failure is that clients and employees will automatically migrate to one of the remaining large audit firms, leading to further concentration of the market. This would clearly be undesirable. The government therefore proposes that the regulator’s reserve power to introduce a market share cap could be activated if an acute firm collapse were under way. The power could be used to limit the proportion of audit clients which could be taken on by the remaining large audit firms and would create further opportunities for challenger firms. The government also considers that this would have a determinative effect on the choices of the failed firm’s audit partners and staff; they are likely to go where the work goes. As set out in section 8.3.24, the government would expect the regulator to consult on the detailed design and operation of the market share cap, to prepare for its operation in the event of a sudden failure. This will enable the regulator to test its proposed implementation of these measures before they are introduced.

8.3.25 The government will review the effectiveness of these statutory measures through a Post-Implementation Review, as set out in section 1.2.8 of this document. This review will assess the success of these legislative measures against its stated aims, including in promoting competition and boosting resilience of the statutory audit market and it will also consider whether additional intervention is needed to deliver against those aims.

Question 68. Do you have comments on the proposed measures? Are there any other measures the government should consider taking forward to address the lack of resilience in the audit market?

8.4 Additional competition proposals from the CMA

The CMA’s Market Study also suggested 5 smaller interventions to improve competition that may be worthy of further consideration by the government and ARGA but did not form part of its core package of remedies.^{[footnote 261]} The government has considered these interventions and, in view of the scale of reform throughout this document, has chosen to not to pursue these measures at this time.

Review recommendations and consultation responses

8.4.1 The CMA’s first proposal was to introduce a remuneration deferral and clawback mechanism whereby awards to partners could be deferred, with a portion of the award vesting in subsequent years. The retained amounts could be subject to a clawback provision, giving the option to the Audit Board to reduce payment. This would aim to discourage irresponsible risk-taking, lack of effective oversight and short-termism, in a similar way to the framework introduced in the financial services sector in 2015. The proposal was suggested as a supplement to the CMA’s operational separation recommendation if the regulator considered it necessary to strengthen the remedy package at a later stage.

8.4.2 The CMA’s second suggestion involved reconsidering the current requirement for audit firms to be majority owned by qualified auditors and/or approved audit firms. Although the CMA did not develop or analyse this proposal, they noted that a liberalisation of ownership rules could, in theory, encourage greater capital investment by new entrants and challengers. On the other hand, they noted that these potential advantages would need to be weighed against potential impacts on independence.

8.4.3 A third proposal related to technology licensing, which the CMA suggested might be co- ordinated across the audit sector with the assistance of ARGA or the professional bodies. The CMA noted that access to technology has not been cited as a major barrier to growth and that compulsory licensing regimes created by either the regulator or government could deter investment and innovation. However, the CMA suggested that this should be kept under review in case technology proves to be an increasing barrier to competition in future.

8.4.4 Fourth, the CMA received information during its Market Study that barriers to challenger firms growing could be reduced if notice periods for partners and senior staff in Big Four firms were reduced and if non-compete clauses were limited in scope.^{[footnote 262]} As a result, the CMA suggested that ARGA may wish to consider whether to create rules to limit or provide consistency in the application of notice periods across the Big Four firms.^{[footnote 263]}

8.4.5 Finally, the CMA noted that the BEIS Select Committee had recommended that the government revisit current rules that require PIEs to carry out a tender every 10 years and to change an audit firm at least every 20 years.^{[footnote 264]} The BEIS Select Committee recommended a fixed term of 7 years,^{[footnote 265]} but the CMA did not consider this proposal in detail as they did not find evidence that a lack of tendering opportunities was a barrier to expansion for challenger firms.

8.4.6 Stakeholder views on each of these proposals are summarised in the separate document that accompanies this publication, which summarises responses to the government’s initial consultation on the CMA’s Market Study.

Government response

8.4.7 Taking each of these proposals in turn, the government is committed to strengthening the connection between audit partner remuneration and audit quality. Rather than introduce the CMA’s first suggestion for a deferral and clawback mechanism, the government has chosen to prioritise its central measures, including the proposal described above to require an operational separation between the audit and non-audit functions within multidisciplinary firms. These proposals include the creation of an audit board, which would be responsible for overseeing audit partner remuneration and ensuring that it is strongly linked to audit quality. The government has also noted stakeholders’ observations that a clawback mechanism may be disproportionately complicated to administer within the context of a Limited Liability Partnership. It also notes the observation from some stakeholders that the auditing and financial service sectors operate in different contexts, and that concerns around short-term financial decision-making are more acutely felt in the financial services sector.

8.4.8 With respect to ownership rules, the government agrees that there may be benefits to liberalisation, and that amendments to the current regime may, in theory, encourage new entrants into the market. However, the government believes that the larger issues around the structure of the audit market and the barriers faced by challenger firms in winning tenders with FTSE 350 companies are more significant at this time. The government has therefore chosen to prioritise the measures outlined above, and is mindful that several respondents expressed concern that the principles of independence and professional scepticism could be undermined if ownership rules are relaxed. The government will re-assess the recommendation to amend ownership rules as part of the efficacy and implementation review that will take place once its central measures have been implemented.

8.4.9 Turning to the CMA’s remarks regarding technology licensing, the government would support any voluntary efforts from the sector to facilitate technology sharing. The government does not propose to pursue mandatory requirements, however, and shares respondents’ concerns that regulatory requirements would be undeliverable in the context of the global licensing arrangements within the major audit networks.

8.4.10 With respect to notice periods and non-compete clauses, the government would welcome voluntary efforts that the sector may wish to pursue, either to ensure consistent practice across firms or to ease the transfer of senior staff. At this stage the government does not intend to intervene in the market at the micro level of employment contracts for the audit sector and has chosen to prioritise the managed shared audit proposal described above, which will be the primary mechanism by which challenger firms build capacity and expertise to win tenders for audit engagements by FTSE 350 companies. Responses to the 2019 consultation did not suggest that non-compete clauses were a major impediment to the growth of challenger firms. However, readers of this document should note that the government is currently consulting on possible measures to reform post-termination non- complete clause across the economy. Interested parties are encouraged to respond to that consultation before 26 February; the government will consider responses within the broader context of audit market reform proposals.^{[footnote 266]}

8.4.11 Finally, the government does not intend to shorten tendering and rotation periods when legislating to create ARGA at this time, though this proposal could be subject to review as part of the efficacy and implementation review that will take place once the government’s central proposals have been implemented. The government agrees with those respondents who argued that further time is required to assess the impact of the 2016 regulations that introduced the current 10 and 20 year limits: as a result, there is insufficient evidence that the perceived benefits of shorter periods would justify the increased tendering costs.

Question 12

9 Supervision  of audit quality

Accepted Answer

As the body that will promote high quality audits in the UK, the government aims to ensure that the regulator’s responsibilities and powers will allow it to do this effectively. This Chapter covers the regulator’s role in supervising statutory auditors and audits to ensure their quality, including the approval of auditors and audit firms carrying out audits of public interest entities, monitoring the quality of their audits and responding to shareholder concerns relating to individual audits, and regulating component audit work undertaken outside the UK. It mainly relates to recommendations of the FRC and Brydon Reviews.

9.1 Approval and registration of statutory auditors of PIEs

The FRC Review was concerned that the delegation of the approval and registration of statutory auditors leaves the regulator without sufficient power to act where systemic quality issues are identified. The Review called for approval and registration to instead by carried out by the regulator, which would be able to impose a range of sanctions.

9.1.1 Recognised Supervisory Bodies (RSBs) – professional accountancy bodies recognised by the FRC^{[footnote 267]} – currently determine whether individuals and firms are eligible for appointment as a statutory auditor and register those who have been approved as eligible for appointment. The FRC have delegated those tasks to the RSBs further to a direction issued by the Secretary of State requiring that the tasks be delegated other than in certain circumstances (for example, where the FRC agrees with the RSBs that the task should not be delegated).^{[footnote 268]}

9.1.2 The FRC Review was concerned that the delegation of the approval and registration of statutory auditors and audit firms conducting audits of Public Interest Entities (PIEs) leaves the regulator without sufficient power to act in relation to firms where systemic quality issues in respect of audits are identified. It concluded that the approval and registration of audit firms carrying out PIE audits should instead be carried out by the regulator, and that the regulator should have the power to impose an appropriate range of sanctions less severe than audit firm deregistration in support of this role.^{[footnote 269]}

9.1.3 In its initial consultation on the Review, the government welcomed the recommendation to review the arrangements for approval and registration of the PIE audit firms, as well as the sanctions that should apply to those firms.

9.1.4 Only a limited number of responses were received on this issue, largely from those directly affected. Responses from audit firms included:

questioning whether there were any problems with audit registration in practice;
suggestions of duplication and inefficiency should audit firms conducting both PIE and non-PIE audits have to seek approval and registration from both the regulator and an RSB; and
concerns about the possible creation of a barrier to entry to the PIE audit market for some challenger firms.

9.1.5 An RSB that registers PIE audit firms under current delegation arrangements strongly disagreed with the Review’s recommendation. The body stated it could not identify the problem being solved and suggested the Review had failed to give due account to the independence of the body’s audit registration committees. Other such bodies indicated support for the new regulator being concerned with the entire regulatory process relating to PIE audits. One professional body cautioned against any unintended impacts on challenger firms.

9.1.6 The government has concluded the regulator should carry out the task of determining whether individuals and firms are eligible for appointment as statutory auditors of PIEs, rather than continuing the present delegation of this task to the RSBs. The RSBs would continue to carry out the delegated task of determining whether individuals and firms are eligible to be appointed as statutory auditors of non-PIE entities.

9.1.7 The government considers it a priority for the regulator to reclaim the task of determining the eligibility of individuals and firms to carry out PIE statutory audits so as to raise the quality of those audits. It further considers that the concerns raised by consultees to date can largely be mitigated by the FRC consulting with RSBs on the design of the new regime.

9.1.8 The FRC Review recommended that the regulator should also be responsible for keeping the register of firms that have been approved as being eligible for appointment as a statutory auditor. The government considers that the task of entering ARGA-approved individuals and firms onto the register of statutory auditors should fall to the RSBs, which are better placed to carry it out.

9.1.9 An important cause of poor quality audits is weak performance by the lead auditor with overall responsibility for the audit. Although the FRC Review’s recommendations focused on the approval of firms, the government considers that in order to improve the quality of PIE statutory audits, it is important that the regulator directly approves both the individuals and firms which carry out PIE audits.

9.1.10 The FRC is working with the government to develop proposals on how it would carry out the function of approving individuals and firms as eligible to carry out statutory audits of PIEs, and will consult with the affected audit firms and RSBs. The government intends to revoke the current direction requiring the FRC to delegate these and other tasks to the RSBs other than in certain circumstances. This will give the FRC greater autonomy as to the regulatory tasks it chooses to perform directly in relation to the oversight of statutory auditors, and those which it considers should be delegated to the RSBs. Further legislative changes may follow in due course.

Question 69. Do you agree with the government’s approach of allowing the FRC to reclaim the function of determining whether individuals and firms are eligible for appointment as statutory auditors of PIEs?

9.1.11 The FRC Review also recommended that the regulator should have the power to apply a range of sanctions in relation to PIE auditors to enable it to carry out its new role effectively.^{[footnote 270]} The initial consultation on the Review noted however that the FRC already has a range of sanctioning powers in relation to PIE audits, and not just audit firm deregistration.^{[footnote 271]} The government does not therefore consider any changes to the FRC’s sanctioning powers are needed as a consequence of the FRC reclaiming this function. It will be for the FRC to consider whether any changes are needed to the criteria and process under which persons are approved as eligible to carry out PIE audits in consequence of them taking on this new role^{[footnote 272]}.

9.2 Monitoring of audit quality

The FRC Review commended the value of the FRC’s monitoring of audit quality but noted that this continues to identify shortfalls in audit quality. The Review called for additional transparency around the results of the regulator’s quality monitoring, currently reported annually.

Inspection of statutory auditors

9.2.1 The FRC is required to carry out inspections of statutory auditors of PIEs.^{[footnote 273]} The FRC has also retained responsibility for carrying out inspections of statutory auditors of certain other entities.^{[footnote 274]} These inspections are known as Audit Quality Reviews (AQRs) and are required to be performed at least once every 3 years, although in some cases the inspection can be carried out every 6 years. An AQR inspection must include the review of one or more audits carried out by the auditor and assess the auditor’s compliance with relevant standards, as well as the resources allocated to statutory audit work, the firm’s internal quality control system, and the remuneration received in respect of statutory audit work.^{[footnote 275]}

9.2.2 The FRC reports on the results of AQR inspections, including information on recommendations issued and any follow-up action it has taken.^{[footnote 276]} The reports are shared with the relevant audit firms on a confidential basis by the FRC before being finalised.^{[footnote 277]} In the case of the 7 largest UK Audit firms, which are inspected annually, the FRC also issues a public report on these inspections. In this regard the FRC is one of the most transparent international audit regulators. AQR inspection reports on individual audits reviewed are also issued to the audit firms who conducted the audit, and, on a confidential basis, to the audit committee chair of the audited entity. The FRC is required to publish aggregated information on the findings of its inspections but there is no requirement to publish AQR inspection reports on each individual audit reviewed. In addition, the FRC occasionally publishes thematic reviews that look at audit firms’ policies and procedures in specific areas or aspects of the audit, or firm-wide procedures. This is to make comparisons between firms to identify good practice and areas of common weakness. The government welcomes the regulator continuing to publish thematic reviews and will ensure that ARGA is able to do likewise.

9.2.3 The FRC Review noted that listed companies and investors would like access to audit quality inspection findings on each individual audit reviewed. It recommended that AQR reports should be “published in full” upon completion. The Review also acknowledged that this would be a major step, and that as an interim step, AQR reports should be published on an anonymised basis.^{[footnote 278]}

9.2.4 In response to the government’s initial consultation, while a small number were strongly in favour of the Review’s recommendation to publish AQR reports in full, many respondents expressed concerns and proposed anonymised publication of AQR reports as their preferred solution. A significant number of stakeholders questioned the practicality of disclosure in full of individual AQR inspection reports, even if they were anonymised. Respondents did not challenge the Review’s conclusion that greater transparency is needed with regards to audit quality findings, but some expressed scepticism that the reports would deliver information useful to investors.

9.2.5 The government agrees with the FRC Review that full publication of AQR reports is a major step, and so interim steps should also be considered. In the initial consultation, the government committed to work with the FRC to develop an appropriate way to publish AQR inspection reports on individual audits in full, to help achieve a proportionate and transparent AQR system. The FRC has since tested anonymisation of a sample of AQR reports, in line with the FRC Review’s recommendation, but has found the level of redaction required results in anodyne reports likely to be of limited use to investors. This would not meet the aims of the Review.

9.2.6 The FRC has instead developed a revised, publishable reporting template for summarising the key findings of an individual AQR inspection in order to fulfil the intention of maximum transparency. The FRC is planning to publish the results of all AQR inspections (including an assessment of the quality of the audit work) of individual audits using this revised reporting template where consent is obtained from both the audited entity and the audit firm. The government welcomes this ongoing work but is concerned that its effectiveness will be constrained by the regulator’s need to seek consent from the audit firm and the audited entity for publication of its AQR inspection report, in any form.

9.2.7 The government recognises that publication of AQR reports even in summary form could result in the inappropriate disclosure of sensitive information, for example, commercially sensitive information relating to the audited entity or information subject to legal professional privilege. Disclosure of this information might undermine the willingness of audited entities to co-operate with their auditors.

9.2.8 To ensure higher levels of transparency as to the performance of PIE auditors, the government intends to legislate to allow AQR reports on individual audits to be published by the regulator without the need for consent from the audit firm and the audited entity. The regulator will be free to decide whether this is publication ‘in full’ or in summary form. The government will put in place safeguards to prohibit the publication of sensitive information about audited entities.

9.2.9 These proposals would operate in addition to those set out in Chapter 7 on the Audit Firm Monitoring Approach (which the government proposes should be put on a statutory footing). As well as enabling the regulator to examine firms’ practices from the perspective of firm-level resilience, this statutory supervision will also allow the regulator to monitor the governance and financial health of those firms to address systemic issues which may have adverse consequences for audit quality.

Question 70. What types of sensitive information within AQR reports on individual audits should be exempt from disclosure?

Question 71. In addition to redacting sensitive information within AQR reports on individual audits, what other safeguards would be required to offer adequate protection to the entity being audited whilst maintaining co-operation with their auditors?

Shareholder ability to raise concerns on individual audits

The Brydon Review was concerned that shareholders lacked a confidential channel through which to raise concerns about individual audits, and called for a mechanism to be established to facilitate shareholder engagement with the regulator.

9.2.10 In addition to the regulator’s own monitoring of PIE auditors, the Brydon Review recommended that shareholders and other stakeholders with concerns about particular audits should have a safe and confidential channel through which to engage with the regulator^{[footnote 279]}. There is currently a mechanism for this to happen via the FRC’s complaints process. Whilst there are no restrictions on shareholders approaching the regulator, the perceived lack of assurances about confidentiality mean that this rarely happens in practice. Shareholders have the ability to raise concerns about this informally via the FRC‘s Stakeholder Engagement team.

9.2.11 The government expects the regulator to publicise the existing channels through which shareholders are able to raise issues regarding individual audits, and publicise the confidentiality of the complaints procedure. This would be consistent with ARGA’s new general objective^{[footnote 280]} to protect the interests of investors and other users of corporate reporting.

9.3 Regulating component audit work done outside the UK

The FRC Review identified a potential source of difficulty with monitoring audit quality in situations where a UK group auditor depends on the work of one or more auditors of overseas components in relation to a UK entity’s group accounts. The review called for the FRC’s monitoring approach in respect of the work of overseas component auditors to be changed, on a risk-based basis.

Reviewing the audit work of overseas component auditors

9.3.1 A UK-registered entity may have components^{[footnote 281]} overseas that form part of its group-level financial statements^{[footnote 282]}, and it is possible the component audit work was conducted overseas by component auditors^{[footnote 283]}. The FRC does not have any direct remit to inspect the audit work performed by the auditors of overseas components, unlike the United States’ Public Company Accounting Oversight Board (PCAOB). Currently, the scope of AQR reviews of UK group audits only includes the review of working papers^{[footnote 284]} for selected significant UK components, having regard to the requirements of auditing standards: in particular, ISA (UK) 600: Special considerations — audits of group financial statements (including the work of component auditors).

9.3.2 In the initial consultation the government indicated that the FRC would immediately take forward FRC Review recommendation 21 to change its approach to examining the quality of component audit work conducted overseas. In response to this recommendation, the FRC’s AQR team is now reviewing working papers for a small number of significant overseas components, selected using a risk-based approach, in order to assess the work performed by the UK group auditor and their reporting in respect of overseas components. The FRC considers that access to overseas component working papers is important to the FRC’s overall assessment of the quality of UK group audits and that its AQR process will be more effective as a result.

9.3.3 This is only currently possible as the RSB rules^{[footnote 285]} provide that where a UK audit firm undertakes an audit of a UK group, the UK audit firm must make arrangements for the non- EEA component working papers to be available, upon request, for the regulator’s inspection of the UK audit firm’s work.

9.3.4 The government does not consider it is appropriate for the regulator to rely on other bodies’ rules in order to carry out its regulatory functions effectively. In addition to future-proofing, a direct power for the regulator will provide clarity on the third country component working papers in scope following the end of the Transition Period.

9.3.5 Therefore, the government intends to provide the regulator with its own powers to require a UK group auditor to provide it with access to overseas component working papers, instead of relying on the RSB rules, in order to enable the regulator to assess more thoroughly how well the UK group auditor has discharged its responsibilities.

Ability to enforce against auditors of overseas components

9.3.6 The Review suggested that the “international reach of the regulator’s statutory audit enforcement should be extended on a risk-based basis”^{[footnote 286]}. In the UK, the UK group auditor bears the full responsibility for the auditor’s report on the UK group financial statements. The FRC’s regulatory and investigative functions focus on whether the work performed by the UK group auditor complies with the relevant audit requirements, particularly ISA (UK) 600.

9.3.7 Under the proposed power for the regulator to access overseas component working papers, where those papers are accessed and examined as part of an AQR inspection, the regulator might have concerns about the UK group auditor’s engagement with the overseas component auditors, or could identify a potential breach by the UK group auditor of a relevant audit requirement. In these cases, it is intended the regulator could investigate and, if appropriate, take enforcement action against the UK group auditor under existing audit enforcement procedures. The government considers enforcement action against the UK group auditor is appropriate, and there are sufficient powers to enable this. In addition, the regulator could continue to refer concerns about the work of overseas component auditors to the relevant overseas audit regulators, where permissible and applicable.

Question 72. Do you agree with the government’s approach to component audit work done outside the UK? How could it be improved?

9.4 The application of legal professional privilege in the regulation of statutory audit

The FRC has identified that its inspections and investigations of statutory audit risk are being hampered because certain documents that may be crucial to the auditor’s work are in some cases inaccessible to the regulator, since they are covered by the audited entity’s legal professional privilege. The government is seeking input as it considers whether a proportionate and effective solution is possible.

9.4.1 Legal Professional Privilege (‘LPP’) provides special legal protection to certain confidential communications between a client and their lawyer, as well as communications and documents generated in the context of litigation. It enables lawyers and their clients to communicate freely without fear of prejudice. The government recognises that it is essential that LPP be properly protected as an indispensable component of an effective and fair justice system. Any reform would have to be made in accordance with the law, including convention rights.

9.4.2 The FRC is – and in due course the new regulator will be – responsible for inspecting and, where appropriate, investigating the audits of public interest entities and other large companies. The consequences of this inspection and investigation impact directly on the auditor, not on the audited entity. The regulator needs to be able to access the material on which an auditor has based their opinion in order to assess whether the auditor has performed their functions properly.

9.4.3 Companies may from time to time make judgements in their accounts which are based on legal advice (for example, as to the likelihood of the company being exposed to successful litigation). The government understands that audited entities tend to provide that advice to their auditor where it may help to evidence the basis upon which those judgements have been reached^{[footnote 287]}.

9.4.4 The FRC is however unable to obtain any documents belonging to the audited entity where they are subject to LPP^{[footnote 288]}, unless the audited entity agrees. This includes documents which the audited entity has voluntarily disclosed to its auditor and may have informed the auditor’s opinion on the company’s accounts. The government is concerned that it may be difficult or impossible for the FRC properly to inspect or investigate the audits of those companies without accessing all the information, including the audited entity’s privileged information, which the auditor has relied upon in reaching their opinion. The FRC is reliant on the audited entity agreeing to waive privilege, which they may be unwilling to do. In some cases companies have agreed to waive privilege but only for the purpose of inspection, not investigation. This potentially limits the FRC’s effectiveness as a regulator.

9.4.5 At the same time, the government recognises that it is essential to preserve the principle that lawyers and their clients should be able to communicate freely and without fear of those communications being disclosed to the client’s prejudice. The government recognises that the principle of LPP is a fundamental right and a cornerstone of the rule of law; the government is concerned to ensure that any solution does not have a chilling effect on the willingness of audited entities to seek legal advice, or undermine the relationship between companies and their auditors.

9.4.6 The government is clear that any measures to address the problem would need to be targeted only at documents belonging to the audited entity that had already been shared with the auditor. In addition, if the regulator were able to see privileged information, it would need to be strictly limited in circulation and purpose, with appropriate safeguards.

Question 73. Do you agree that it is problematic if documents that the auditor reviewed as part of the audit are unavailable to the regulator because of the audited entity’s legal professional privilege? If so, what could be done to solve or mitigate this issue while respecting the overall principle of legal professional privilege?

Question 13

10 A  strengthened regulator

Accepted Answer

The FRC Review concluded that the FRC should be replaced with a new statutory regulator with clear statutory powers and objectives. The government proposes to establish the new regulator the Audit, Reporting and Governance Authority (ARGA) by bringing forward the necessary legislation when Parliamentary time allows and welcomes the work that has already been taken forward under new leadership at FRC where legislation is not required.

ARGA will have clearly defined roles and powers and will be empowered to exercise its expert judgement to further its objectives. This Chapter sets out the proposed objectives and governance arrangements for ARGA, as well proposals to fund the regulator through a statutory levy.

10.1 Establishing the regulator

The government intends to introduce legislation to create the stronger regulator recommended by the FRC Review as soon as Parliamentary time allows. This new regulator will be named the Audit, Reporting and Governance Authority (ARGA).

ARGA will be:

established as a company limited by guarantee;
given clear statutory objectives and functions;
governed by a new, smaller board to improve effectiveness and responsiveness;
given strategic direction by government and accountable to Parliament; and
funded by a statutory levy.

10.1.1 The FRC Review recommended that the FRC should be replaced by a new independent regulator with clear statutory powers and objectives^{[footnote 289]}, and that it should be named the Audit, Reporting and Governance Authority.^{[footnote 290]}

10.1.2 As set out in its initial consultation^{[footnote 291]}, the government intends to establish a new regulator. The proposed name has already gained currency in audit and reporting. A few consultees suggested minor changes^{[footnote 292]}, but the government believes that any minor benefits which might result from those are outweighed by the recognition gained by the name already proposed.

10.1.3 ARGA, like the FRC, will be legally and operationally independent of government. However, a close relationship between the regulator and government will be needed to ensure that the government has the information it needs to shape the regulatory framework according to ARGA’s experience on the ground and that ARGA has clarity on the government’s strategic priorities.

General objective

10.1.4 The FRC Review recommended that ARGA should have the following overarching objective:

To protect the interests of users of financial information and the wider public interest by setting high standards of statutory audit, corporate reporting and corporate governance, and by holding to account the companies and professional advisers responsible for meeting those standards.

^{[footnote 293]}

10.1.5 Most consultation responses about this recommendation were positive. Some suggested the proposed objective was too narrow (e.g. exclusive of non-financial reporting) or insufficiently precise (e.g. as to who ‘users of financial information’ were). Other suggested changes included:

replacing ‘wider public interest’ with ‘protecting public confidence’;
holding ‘directors’ to account, not ‘companies’; and
adding stewardship to the scope, to reflect the regulator’s planned remit.

10.1.6 The government believes that ARGA’s general objective should not only be to further the interests of investors and other users of company accounts and reports. It should also be required to consider the wider public interest given the broader benefits to society which flow from its regulatory activities. For example, the provision of trustworthy information for investors and other users of corporate reporting supports the promotion of economic prosperity through well-functioning markets.

10.1.7 To achieve this aim, the government considers that this general objective should be more broadly framed than that proposed by the FRC Review to ensure that it remains relevant whenever ARGA is carrying out its wider policy-making functions (for example, setting standards and issuing guidance)^{[footnote 294]} . The regulator will, for example, also have functions relating to accountants and actuaries. The government therefore intends to legislate to give the regulator an overarching general objective which applies to all its policy-making functions. This would not preclude the regulator from setting out its own strategic priorities or goals to the extent that this is felt relevant to help meet its general objective.

10.1.8 The government intends to legislate to give ARGA the following general objective which will apply when it is carrying out its policy-making functions:

to protect and promote the interests of investors, other users of corporate reporting and the wider public interest.

Question 74. Do you agree with the proposed general objective for ARGA?

Operational objectives and regulatory principles

10.1.9 The FRC Review also recommended that ARGA should have a set of more specific duties to guide it when exercising its policy-making functions.^{[footnote 295]}

The FRC Review’s recommended duties for ARGA

Duties for ARGA to act in a way which:

Is forward-looking, seeking to anticipate and where possible act on emerging corporate governance, reporting or audit risks, both in the short and the longer term.
Promotes competition in the market for statutory audit services.
Advances innovation and quality improvements.
Promotes brevity, comprehensibility and usefulness in corporate reporting.
Is proportionate, having regard to the size and resources of those being regulated and balancing the costs and benefits of regulatory action.
Is collaborative, working closely with other regulators both in the UK and internationally.
Prioritises regulatory activity on the basis of risk, having regard to the Regulators’ Code.

10.1.10 Respondents to the initial consultation were broadly supportive of the duties that were recommended in the FRC Review. A minority of respondents raised concerns on one or more of the Review’s proposed ‘duties’. Issues attracting comment included:

Concerns about undue emphasis on ‘collaboration’ and relationship-building harming the independence and focus of ARGA;
The importance of ARGA being forward-looking and proactive; and
Whether the proposed competition objective is appropriate given the remit of other regulators

10.1.11 Several respondents suggested there needed to be greater clarity as to the relationship between ARGA’s objectives, its duties, and its functions.

10.1.12 In considering these responses and considering the importance and relevance of these duties to the future of the regulator, the government proposes to give ARGA 2 operational objectives: a quality objective and a competition objective. These will be supplemented by a number of regulatory principles, based on the Review’s recommended duties, to which the regulator will be expected to have regard. These are set out in further detail below. Figure 2 shows ARGA’s proposed general objective, operational objectives and regulatory principles.

Overview of ARGA’s statutory objectives and regulatory principles

General objective

To protect and promote the interests of investors, other users of corporate reporting and the wider public interest.

Quality objective

To promote high quality audit, corporate reporting, corporate governance, accounting and actuarial work.

Competition objective

To promote effective competition in the market for statutory audit work.

Regulatory principles (for ARGA to ‘have regard’ to).

Promoting innovation in statutory audit work, corporate reporting and corporate governance.

Promoting brevity, clarity and usefulness in corporate reporting. Working closely with other regulators from the UK and internationally.

Anticipating emerging corporate governance, reporting or audit risks by being forward-looking and acting proactively where possible.

10.1.13 The regulator will be required to advance either or both of its quality objective and competition objective when it is carrying out its policy-making functions. It will be for ARGA to exercise its judgement as to whether it wishes to advance its quality objective or competition objective (or both) in each case. It will only be required to advance those objectives insofar as it is reasonably possible to do so.

Quality objective

10.1.14 The FRC Review recommended that the overarching objective of the regulator should be “setting high standards of statutory audit, corporate reporting and corporate governance”. It is recognised that standard setting is highly relevant to the work of the regulator and is integral to driving up quality in those areas. Quality is also critical in driving forward and improving other areas that ARGA will regulate e.g. accountants and actuaries. The government therefore proposes that quality should be 1 of the 2 operational objectives which ARGA will need to advance whenever it is carrying out its policy-making functions insofar as it is reasonably possible. Given the breadth of the regulator, the quality objective should be extended to promote high quality audit, corporate reporting, corporate governance, accounting and actuarial work.

Competition objective

10.1.15 As set out above, the government has concluded that ARGA should have a competition objective: to promote effective competition in the market for statutory audit work. ARGA will be able to choose whether to advance this or its quality objective (or both) when carrying out its policy-making functions.

10.1.16 The FRC Review recommended that ARGA should in addition be given a ‘competition duty’^{[footnote 296]}, and the necessary powers to support that duty^{[footnote 297]}. The proposed competition duty would require ARGA to “so far as is compatible with advancing its other objectives, discharge its general functions in a way which promotes effective competition in the market for statutory audit services”. This would in effect require ARGA to prioritise its competition objective wherever possible. This broadly follows the Financial Conduct Authority’s competition duty^{[footnote 298]}. The Review was clear that strong action needed to be taken in this area given the statutory audit market is highly concentrated^{[footnote 299]}.

10.1.17 All those who responded specifically to the Review’s recommendation of a competition duty were supportive, but a couple of respondents suggested the need to wait for the publication of the CMA market study before taking a final position. The CMA study was focused on improving competition in the market to ensure better audit quality and as such was strongly supportive of the need for ARGA to have a competition duty^{[footnote 300]}. One respondent raised a concern that any competition duty could create regulatory overlap with the CMA. A further 2 respondents identified a potential tension between competition and audit quality, with one suggesting that any competition objective should be secondary to the objective of quality.

10.1.18 The government acknowledges these responses and the importance of competition to the regulator’s role. However, the government does not consider it appropriate for the regulator to have a competition duty which would have the effect of prioritising effective competition over its quality objective. Driving up audit quality should be a key priority for the regulator and it should be given as much prominence as its competition objective. There could in the future be situations where the importance of promoting quality outweighs the need to promote effective competition. Similarly, the regulator may also need to promote effective competition where the importance of doing so may outweigh the need to promote quality.

10.1.19 The government therefore proposes that the regulator should have a competition objective. It would have a duty to advance either or both its competition objective and quality objective when carrying out its policy-making functions. The approach aims to adhere to the rationale and approach recommended by the Review whilst recognising the need to give equal priority to both ARGA’s quality and competition objectives.

10.1.20 The government is confident that this objective, considered alongside the competition enforcement powers that ARGA will exercise concurrently with the CMA as set out in 8.3.13, plus the sector-specific powers that are proposed in response to the recommendations of the CMA Review^{[footnote 301]}, will ensure ARGA places sufficient focus on promoting effective competition in the statutory audit market. The proposed competition enforcement and sector-specific powers will be exercised separately to ARGA’s objectives which will apply only to its policy-making functions.

Regulatory Principles

10.1.21 The government considers that a number of the ‘duties’ which were suggested by the FRC Review (see Table 1) can be addressed by requiring that ARGA have regard to certain regulatory principles when carrying out its policy-making functions. Based on those proposed by the FRC Review, these should at a minimum include:

promoting innovation in statutory audit work, corporate reporting and corporate governance;
promoting brevity, clarity and usefulness in corporate reporting;
working closely with other regulators from the UK and internationally; and
anticipating emerging corporate governance, reporting or audit risks by being forward- looking and acting proactively where possible.

Question 75. Do you agree that ARGA should have regard to these regulatory principles when carrying out its policy-making functions? Are there any other regulatory principles which should be included?

10.1.22 The government further considers that some of the other ‘duties’ which were suggested by the FRC Review can instead be addressed by ensuring that ARGA must have regard to the Regulators’ Code when carrying out its functions^{[footnote 302]}.

10.1.23 It is thought the following duties which were proposed by the FRC can be addressed in this way:

the proposed requirement that ARGA should act in a proportionate manner, having regard to the size and resources of those being regulated and balancing the costs and benefits of regulatory action^{[footnote 303]};
the proposed requirement that ARGA prioritises regulatory activity on the basis of risk, having regard to the Regulators’ Code^{[footnote 304]}.

10.1.24 The Legislative and Regulatory Reform Act 2006 requires specified regulators to have regard to various general regulatory principles, and to the Regulators’ Code, when exercising regulatory functions. The government proposes to legislate to ensure ARGA must have regard to the general regulatory principles and Regulators’ Code.

ARGA’s functions

10.1.25 A body’s functions consist of its various powers and duties. The FRC’s functions derive from a mixture of legislation and voluntary arrangements. The FRC Review recommended that the new regulator should be given clear statutory functions in place of the current ad hoc arrangements.^{[footnote 305]} In addition, the FRC Review recommended a number of specific functions be given to ARGA in addition to its ‘core functions’.^{[footnote 306]} These may include, but are not limited to the ‘policy-making’ functions that are relevant to ARGA’s statutory objectives as outlined above.

10.1.26 ARGA’s functions will consist of existing functions which are performed by the FRC and which the Review envisaged should be taken over by ARGA, or new functions which are addressed in more detail elsewhere in the Review. The table below summarises how it is proposed that each of the FRC Review’s recommended functions should be addressed.

Table 4: The FRC Review’s recommended functions for ARGA

Functions in addition to core functions on audit and corporate reporting

	Kingman’s proposed functions for ARGA in addition to core functions on audit and corporate reporting	Existing or proposed
1.	To set and apply high corporate governance, reporting and audit standards.	The FRC already sets the corporate governance code, stewardship code and auditing standards. ARGA will continue to perform those functions. ARGA will also continue to set UK accounting standards and periodically review compliance with corporate reporting requirements.
2.	To regulate and be responsible for the registration of a new audit profession.	The government proposes that the regulator should reclaim responsibility for determining whether individuals or firms are eligible to be appointed as auditors of public interest entities.
3.	To maintain and promote the UK Corporate Governance Code and the UK Stewardship Code, reporting annually on compliance with the Codes.	The FRC already maintains and promote these Codes, and these functions will transfer to ARGA.
4.	To maintain wide and deep relationships with investors and other users of financial information.	Further to the FRC Review’s recommendations, the FRC has created and staffed a new Stakeholder Engagement and Corporate Affairs function to help facilitate wider dialogue with investors. It will be important that ARGA continues the progress which has already been made in this area.
5.	To monitor and report on developments in the audit market, including trends in audit pricing, the extent of any cross-subsidy from non-audit work and the implications for the quality of audit.	The FRC has a duty to monitor developments in the market for audits of public interest entities which will transfer to ARGA. The government has made proposals to broaden and strengthen that duty further to the recommendations of the FRC Review.
6.	To appoint inspectors to investigate a company’s affairs where there are public interest concerns about any matter that falls within the Authority’s statutory competence.	Chapter 11 sets out proposals to give ARGA the power to appoint inspectors to investigate concerns within the areas it will enforce.

^{[footnote 307]} ^{[footnote 308]} ^{[footnote 309]} ^{[footnote 310]} ^{[footnote 311]}

10.1.27 Generally, consultation respondents felt that the proposed functions were appropriate. However, some consultation respondents highlighted one or more of the Review’s proposed functions, or suggested additions. Issues attracting comment included:

Support for ARGA having stewardship functions;
Reference to how the regulator would work with relevant professional bodies^{[footnote 312]} to carry out its audit functions;
Emphasis on the importance of maintaining relationships in particular with other users of financial information;
A wish for clearer reference to the UK’s Company Law framework; and
A perceived risk of regulatory overlap with the Financial Conduct Authority and the Prudential Regulation Authority.

10.1.28 It is intended that ARGA should perform the functions which are currently performed by the FRC, subject to the changes proposed elsewhere in this document. The government agrees with the FRC Review that ARGA’s functions ought to be set out in legislation where appropriate^{[footnote 313]} rather than addressed through an ad-hoc mixture of legislation and voluntary arrangements.

10.1.29 As set out above, the government’s intention is that ARGA should have an overarching general objective together with operational objectives and regulatory principles. It is intended that those objectives should apply to ARGA when it is carrying out its policy-making functions. However, ARGA will also have a range of broader functions to which its objectives will not necessarily apply for example, when exercising its enforcement functions including in relation to competition.

Legal structure

10.1.30 ARGA will be established as a company limited by guarantee by adopting the existing legal corporate entity used by the FRC. The government considers that this approach enables ARGA to be established while minimising the transitional costs which would be involved in setting up a new statutory corporation. The government intends to bring forward legislation to rename the existing corporate entity, impose requirements as to its governance, and make provision as to the regulator’s powers and duties.

10.2 Governance

As the body responsible for setting and applying high standards of corporate governance, there is particular importance in ensuring that ARGA exemplifies and applies those standards in its own governance arrangements (and the requirements and principles that relate to its status as a statutory regulator, where relevant).

Remit letter

10.2.1 The Review recommended that the government should at least once during the lifetime of each Parliament write to the regulator setting out those matters which the regulator should consider when exercising its policy-making functions, and that the regulator should be required to respond publicly to that letter.^{[footnote 314]} The government agrees. In March 2019, the government sent to the FRC a letter setting out matters which it is expected the FRC should consider when carrying out its functions, to which the FRC has responded.^{[footnote 315]}

10.2.2 As set out in its initial consultation, the government also intends to put this process on a statutory footing and will therefore legislate to require the regulator to consider such matters as are communicated to it in a letter sent by the Secretary of State to the regulator. That letter will be published and laid before Parliament. The government will be required to send a remit letter at least once during the lifetime of each Parliament though it would be possible to do so more frequently. The regulator will in turn have a duty to respond to the government’s remit letter, explaining what they propose to do in consequence of it.

10.2.3 This is consistent with other regulators who are similarly required to consider the government’s strategic priorities or certain aspects of the government policies when exercising their functions.^{[footnote 316]} The remit letter will complement the regulator’s statutory objectives and seek to ensure that the regulator has regard to the government’s overarching policy aims when carrying out its policy-making functions without compromising its operational and regulatory independence.

Annual report

10.2.4 The FRC is required to report annually to the Secretary of State on its activities relating to the oversight of statutory auditors, and that report must in turn be laid before Parliament.^{[footnote 317]} The FRC Review recommended that parliamentary scrutiny of the regulator’s activities needed to be enhanced and that it should be required to submit an annual report to Parliament on its broader regulatory activities.^{[footnote 318]}

10.2.5 The government’s initial consultation welcomed this recommendation and indicated that legislation for such a requirement would be introduced as soon as Parliamentary time allowed. The responses to the initial consultation highlighted that there was broad support for the regulator to be held accountable, including a response that also specifically indicated support for an annual report being laid in Parliament.

10.2.6 The government intends to legislate to require ARGA to produce an annual report that is submitted to the Secretary of State and laid before Parliament. The annual report will include reporting on the regulator’s broader regulatory activities, including performance of the regulator’s enforcement function, to enable greater parliamentary scrutiny of the regulator’s work and performance.

Other relevant requirements

10.2.7 The FRC Review recommended that the regulator ought to be required to be subject to various controls to ensure appropriate scrutiny and accountability. In particular it was recommended that the regulator should be required to comply with:

the Freedom of Information Act^{[footnote 319]}; and
the provisions of Managing Public Money, the Regulators’ Code and the Public Contracts Regulations regarding procurement^{[footnote 320]}

The FRC Review also recommended that the regulator should actively promote diversity, especially in its work on corporate governance.^{[footnote 321]}

10.2.8 Respondents to the initial consultation were supportive of measures recommended to deliver greater accountability and transparency of the regulator.

10.2.9 The government welcomed the recommendations in its initial consultations. The regulator has worked to respond to those recommendations that did not require legislation. The FRC apply and are compliant with the provisions of Managing Public Money. The regulator has also implemented a procurement policy that adheres to the approach set out in the Public Contracts Regulations.^{[footnote 322]}

10.2.10 For the remaining recommended controls which require legislation, the government intends to take forward secondary legislation in 2021 to ensure that the FRC complies with the Regulators’ Code (as set out above), the Freedom of Information Act and the Public Sector Equality Duty.^{[footnote 323]} The Public Sector Equality Duty will require the regulator to have due regard for the equalities impacts of the work it undertakes, including on corporate governance.

Leadership and Board: role and membership

10.2.11 The FRC Review made a number of recommendations relating to role and membership of the board of the new regulator. In particular, it recommended that:

the board’s membership should be refreshed with members equipped with the necessary leadership skills to deliver the regulator’s expanded remit;^{[footnote 324]}
the board should be smaller in size;^{[footnote 325]}
board members should have diverse skills, experience, and knowledge so as to provide appropriate scrutiny and challenge to the executive team;^{[footnote 326]}
appointments should be approved by the Secretary of State, subject to an open and fair recruitment process, and the chair and CEO should be subject to confirmation hearings from the BEIS Select Committee, if the Committee wishes.^{[footnote 327]}

10.2.12 In the initial consultation the government conveyed that fully establishing the new regulator’s board would require primary legislation. The government also expressed that in the meantime it would not wait to put in place what will become the board of the new regulator, and accordingly that it would make changes to the present FRC Board in line with the Review’s recommendations.

10.2.13 The government welcomes the changes that have already been made to the FRC’s leadership and board. The FRC has amended its Articles of Association to ensure all non-executive appointments to the board including the Chair will be public appointments and new Ieadership has also been appointed.

10.2.14 The government proposes to bring forward legislation which will make provision as to the governance of the new regulator. The government intends that the Secretary of State will be responsible for the appointment of non-executive members including the Chair. Chairs of sub-committees will then be appointed by the board from its non-executive members.

10.2.15 In relation to the recommendation that the Chair and CEO should be subject to confirmation hearings^{[footnote 328]} the government will seek agreement from the Chair of the BEIS Commons Select Committee for the appointment of the Chair of ARGA to be subject to a pre- appointment scrutiny hearing. The government has already placed the FRC on the Public Appointments Order in Council, making it subject to regulation by the Commissioner for Public Appointments, and will seek to do the same for ARGA. The government does not intend to make the Chief Executive subject to a pre-appointment hearing, as the expectation is that they would be accountable to the board rather than to Parliament in their capacity as Chief Executive.

Committees

10.2.16 The FRC Review recommended that the government, working with the chair of the new board, should review the existing FRC committee and panel structure with a view to it being simplified.^{[footnote 329]} In the initial consultation, the government said that it would review the current board structure with the FRC and consider ways of simplifying it and bring it in line with best practice, taking forward legislation as necessary.

10.2.17 Since this initial consultation, the FRC Board has approved a new governance structure^{[footnote 330]} to take effect on 1 January 2021. The new structure gives effect to the Review’s recommendations and will be subject to periodic review.

Enforcement

10.2.18 The FRC Review recommended that the ARGA’s board exercise stronger ownership of its investigation and enforcement functions.^{[footnote 331]} In particular, it recommended that the regulator’s internal procedures should enable the board to take decisions itself on whether to launch audit investigations in exceptional cases. The Review also recommended that the regulator report on the performance of its enforcement functions in its annual report, be held accountable to Parliament through appearances before the BEIS Select Committee, and provide more information as to the outcome of concluded cases.^{[footnote 332]}

10.2.19 In the initial consultation, the government welcomed proposals for the regulator’s board to take a more significant role in overseeing and launching audit investigations.^{[footnote 333]} There was broad support for greater oversight of the regulator’s enforcement activities by the board, although there were several concerns raised over the need for the board to initiate investigations. An accountancy body was concerned that this might hinder the fairness and impartiality of enforcement activity and a Big Four audit firm questioned why it would be appropriate for the board to initiate investigatory action when the criteria for launching an investigation had not been met. It also questioned why this would be limited to audit-related enforcement matters and not enforcement matters more widely. It also suggested that such involvement by the board could also introduce a risk of pre-disposition for the enforcement team to ‘find issue’ with the subject matter and pursue an enforcement action beyond where it would otherwise have done.

10.2.20 The government agrees it is important that the board has strong oversight over the regulator’s enforcement activities. Past decisions not to investigate however have also been a result of the limited powers available to the regulator at the time. In recent years, the regulator’s enforcement powers have been significantly strengthened in relation to audits and auditors. Its powers will be further enhanced through the proposed introduction of statutory enforcement regimes for accountants and company directors. The government believes as part of its oversight role the board should be able to examine potential enforcement cases and the FRC is taking forward appropriate provisions in its procedures accordingly. The envisaged arrangements shall be appropriately constituted such that investigations continue to be undertaken in an independent and fair manner.

10.2.21 Several consultation responses also commented that the FRC’s enforcement process seemed slow. The government agrees that the new regulator should be held accountable for its enforcement performance, including by requiring it to report on the time taken to conclude investigations in its annual report and through appearances before the BEIS Select Committee where appropriate. The increased transparency shown by the regulator in relation to its enforcement activity through the introduction of an annual published review is welcomed by the government.

10.3 Funding: a statutory levy

The government agrees with the FRC Review’s recommendation that the new regulator should be funded by a statutory levy. It will give the regulator the power to levy market participants to meet the costs of its regulatory activities.

10.3.1 The FRC’s costs of carrying out its activities are currently met by market participants: those it regulates and those who otherwise benefit or are affected by its activities. They are currently met through a mixture of statutory provisions, voluntary contributions and contractual arrangements. While there are statutory powers which enable the government to raise a levy to meet the costs of carrying out a regulator’s activities, those powers can only be used in respect of grant-funded bodies. It is not intended that ARGA will be grant-funded, although this flexibility will be preserved.

10.3.2 At the moment, the costs incurred by the FRC in carrying out its regulatory activities relating to audit, corporate reporting and corporate governance are mainly met by the professional bodies and preparers of accounts.^{[footnote 334]} Around half of these costs are met by the audit and accountancy professional bodies who either have a statutory obligation to meet them^{[footnote 335]}, or do so under contractual arrangements. The remaining half is voluntarily met by ‘preparers of accounts’: these include companies listed on the London Stock Exchange, large private companies, and public sector organisations.

10.3.3 The FRC Review recommended that the regulator be funded by a statutory levy^{[footnote 336]}, on the basis that it was “inappropriate” for a regulator to have the uncertainty of reliance on voluntary contributions. The government accepted this recommendation on the grounds that it was “appropriate that the regulator should be funded by market participants”.^{[footnote 337]}

10.3.4 The FRC Review highlights, that the non-statutory elements of the FRC’s funding are very unusual for a body with statutory functions. Accordingly, the government will take forward legislation to enable the regulator to raise a levy so that it has a sustainable and independent basis to carry out its regulatory activities.^{[footnote 338]} More than three-quarters (76%) of 25 consultation^{[footnote 339]} respondents that addressed this question supported this.

Future funding arrangements

10.3.5 The funding model proposed for ARGA will need to provide a sustainable basis to enable it to carry out its regulatory functions effectively. Reflecting the views put forward in the consultation, the government proposes that the funding model should be:

Fair, funded by market participants, that is persons or bodies for which ARGA’s activities directly relate or which otherwise benefit from those activities;
Transparent, with information made publicly available on the costs and activities being funded by levy payers, and the basis for the apportionment model; and
Proportionate, to avoid any significant adverse impact on growth and competition, the levy contributions should consider factors such as the size and type of body being levied.

Process for setting the levy

10.3.6 The Review recommended that the regulator’s budget should be set by the government each year, and that government should also set the proportion of the levy payable by market participants after consulting each year.^{[footnote 340]}

10.3.7 The government intends that the regulator will be given the power to make rules requiring that market participants pay a levy to meet the regulator’s costs of carrying out its regulatory functions. Those rules would specify the market participants who will be required to pay the levy, and the amounts payable by them. ARGA will consult publicly on those rules before they are made. The government considers that in order for ARGA to maintain appropriate independence from government it is important that it should have the power to determine its own budget and levy arrangements. The regulator’s budget and proposed levy rates would be publicly consulted on by ARGA and agreed with BEIS each year in advance of the annual budget and levy rates being set, ensuring that they are appropriate.

Levy structure

10.3.8 The government and FRC consider it important that the levy is transparent, predictable and sustainable. The levy will be cost reflective and will comply with the requirements of Managing Public Money. The government’s initial view is that this might be achieved by the regulator grouping its activities into ‘activity blocks’ based on a similar approach taken by the Financial Conduct Authority and Prudential Regulation Authority. ARGA would estimate the costs of carrying out the activities which fall within each block, identify the persons or bodies who would need to meet the costs of those activities, and apportion those costs between the relevant persons or bodies within that block. In apportioning the costs between the different persons or bodies within a block, the regulator would take into account factors such as the size or nature of the market participant. The total income from the levy in a financial year will not exceed the best estimate of the costs that ARGA will incur in its role as a regulator.

10.3.9 In respect of regulatory activities relating to auditors and audits, the government and FRC envisage that firms responsible for PIE audits will contribute to ARGA’s funding on the basis that those firms will be directly regulated by ARGA. It is envisaged that recognised supervisory bodies, in performing their delegated responsibilities, will contribute on the basis that those bodies will continue to be supervised by ARGA. It is likely that regulatory activities in relation to corporate reporting and governance will primarily be funded by Public Interest Entities. Other funding groups included in the arrangements should follow from the scope of ARGA’s activities and will not be limited to, or automatically include, those groups currently contributing to FRC funding.

10.3.10 The regulator’s funding arrangements, including the power to raise a levy, will need to be flexible enough to allow it to cope with a significant increase in its expenditure due to unforeseen circumstances. ARGA would retain the right to amend the levy upward in year but this would require approval from the Secretary of State and would receive the same level of scrutiny as for changes to the annual levy. This might for example occur if ARGA needs to take forward a greater number of investigations and enforcement cases than anticipated. The government therefore intends to ensure that ARGA’s levy-raising power is flexible enough to allow it to cope with unforeseen circumstances while ensuring that there are appropriate safeguards in place to address the need for transparency and forward planning.

10.3.11 The FRC will consult in due course on the design and methodology of the levy.

Question 14

11.  Additional changes in the regulator’s responsibilities

Accepted Answer

This chapter sets out other responsibilities and powers that will complement ARGA’s role, provide clarity to those it guides and oversees and increase its effectiveness in fulfilling some aspects of the FRC’s current remit. These range from ARGA’s oversight of professional bodies to its role in assessing and promoting compliance with the Stewardship Code.

Acknowledging that some serious issues at major companies, including firm failures, could have been foreseen, the government agrees with the FRC Review that ARGA should have powers to act on serious concerns relating to corporate reporting and audit. These include proposed powers to require rapid explanation from companies about reasonable concerns identified by the regulator and to require an expert review where the regulator identifies concerns relating to a Public Interest Entity’s audit or corporate reporting.

11.1 Supervision: Accountants and their professional bodies

The FRC Review recommended that the new regulator continue to have oversight over the professional accountancy bodies but identified that the current voluntary arrangements needed to be strengthened. The FRC Review also recommended that the existing voluntary disciplinary scheme under which the regulator can take enforcement action against individual accountants be replaced by a statutory regime.

Background

11.1.1 Accountants play a fundamental role in the quality and accuracy of a company’s financial reports. Their behaviour can enhance or damage public trust in corporate Britain. They prepare reports, make key accounting judgements and their expertise and professional conduct is relied on by company directors. Whilst the largest companies in the UK are required to have their main financial statements audited, the users of other companies’ financial statements are solely reliant on the work of those companies’ accountants.

11.1.2 Anyone can call themselves an accountant and many of those who do so have no particular qualifications. There are no regulatory requirements which attach to the title of an ‘accountant’. This differs from other professions, for example with doctors and solicitors, where persons wishing to use those titles must meet regulatory requirements.

11.1.3 However, the title of ‘Chartered Accountant’ is protected by the Royal Charters of the relevant professional accountancy bodies, who can take action against individuals who are not entitled to use that title, requiring them to desist^{[footnote 341]}. In addition, there are various regulated activities which are provided by accountants where legislation requires persons performing those activities to be members of an approved professional body. Those regulated activities include carrying out statutory audit work, acting as an insolvency practitioner and providing services as an investment business.

11.1.4 The accounting profession in the UK therefore largely operates on a self-regulatory basis. Some accountants become members of professional bodies because they wish to hold themselves out as chartered accountants, others become members of those bodies because they wish to perform a regulated activity where membership is a legal requirement.

11.1.5 The professional bodies require their members to undertake training and pass examinations, commit to continuing professional development, and comply with ethical standards and disciplinary procedures. Accountants who are not members of the professional bodies are unregulated insofar as they are not performing regulated activities.

11.1.6 The FRC has legislative powers in relation to the regulation of statutory auditors and the oversight of their supervisory bodies, but otherwise has no statutory powers in relation to accountants or their professional bodies.

11.1.7 There is some evidence to suggest the existing self-regulatory regime does not operate completely satisfactorily, for example the current system has been assessed as accommodating significant risks around money laundering^{[footnote 342]} as well as issues of tax avoidance^{[footnote 343]} and poor practices in the tax advice market^{[footnote 344]}. The government is already taking action to address these specific issues as part of the Economic Crime Plan^{[footnote 345]}, HMRC’s work to improve standards among tax agents^{[footnote 346]} and ongoing efforts to tackle tax avoidance^{[footnote 347]}. The government’s strategic priority for this work is focused on improving the corporate reporting undertaken by companies that are of public interest. Achieving this will require establishing the necessary legal frameworks that apply to the accountants that produce those reports, and giving the regulator the powers it needs to monitor and enforce arrangements effectively.

Oversight of professional accountancy bodies

11.1.8 The FRC has entered into arrangements with 6 of the professional accountancy bodies^{[footnote 348]} as provided for in an exchange of letters^{[footnote 349]} with the Consultative Committee of Accountancy Bodies (‘CCAB’)^{[footnote 350]}. Under these arrangements, the professional bodies have agreed to consider any recommendations in relation to non-audit accountancy matters made by the FRC, and implement them within a reasonable period or give reasons in writing for not doing so. The FRC has no powers to require the bodies to implement its recommendations and the professional bodies could withdraw from these arrangements at any time should they choose to do so.

11.1.9 The FRC Review found no evidence of substantial failure such as to merit a significant shift away from the existing self-regulatory model where the regulator’s oversight of the professional bodies is dependent on the bodies’ voluntary agreement. It therefore recommended that those arrangements should broadly continue, albeit that they should be based on formal memoranda of understanding rather than the existing exchange of letters^{[footnote 351]}.

11.1.10 The FRC Review did however recommend that the regulator ensure that its oversight of the professional accountancy bodies is sufficiently ‘wide and expert’ to identify emerging public interest concerns^{[footnote 352]}. It also identified that there was a risk that the current voluntary approach might prevent the regulator from taking action to address those concerns. It therefore recommended that the government put in place a ‘statutory backstop power’ to enable the regulator to require the professional bodies to take action where it is in the public interest^{[footnote 353]}.

11.1.11 In the initial consultation, the government welcomed the FRC Review’s recommendations aimed at enhancing the regulator’s oversight of the accountancy profession before asking consultees for their views.

Issues arising from consultation

11.1.12 There were 9 responses to the FRC Review’s proposals on the oversight of accountants: 5 from accountancy bodies or committees, 3 from accountancy firms, one representing 2 investor associations and one individual in their role as a solicitor. Four of the responses expressed general support for the proposals without further detail. Of the 5 remaining responses, one was broadly positive, while the others expressed various degrees of reservation about the proposals. Three of the professional accountancy bodies commented that there was a lack of evidence of poor-quality accountancy work to justify the proposals, whilst one respondent suggested the proposals did not go far enough.

11.1.13 Five respondents, including 4 professional accountancy bodies, were concerned about the coverage of the new oversight powers. It was pointed out that members of professional accountancy bodies who did not participate in arrangements would be out of scope, as would accountants who are not members of a professional body. Several suggested that the government should consider reserving the use of the title ‘accountant’ to members of the professional accountancy bodies which are overseen by the regulator. Another respondent suggested the current system was unsatisfactory and that a root and branch overhaul of the governance and regulation of all accountants is necessary.

11.1.14 One professional accountancy body stated that the professional bodies were best placed to regulate their members and expressed doubts that ARGA would have the expertise required to exercise statutory oversight given its historical focus on audit. This and another professional accountancy body commented that the government would need to take into account other overlapping regulatory frameworks. An accountancy firm suggested that the proposed backstop power should only be invoked if the professional accountancy body concerned is first able to make representations.

Government proposals

11.1.15 As demonstrated by major corporate accounting scandals in the US such as Enron and WorldCom, there is a heightened risk that self-regulation often fails to provide a disincentive - through a lack of power to tackle serious issues - to the unscrupulous few whose actions have the potential to both damage the economy and threaten the integrity of the accounting profession. This justifies a degree of external oversight. Having oversight arrangements which depend on the voluntary cooperation of the professional bodies may mean the regulator is prevented from ensuring that action is taken by those bodies, to address any serious issues it identifies. The government therefore accepts in principle the FRC Review’s recommendation that a stronger framework should be put in place.

Which professional bodies should be within scope of oversight by ARGA?

11.1.16 As set out above, the FRC’s current voluntary oversight arrangements are limited to the professional accountancy bodies which are established by Royal Charter and whose members are entitled to hold themselves out as ‘Chartered Accountants’ (‘the chartered bodies’). These bodies cover the vast majority of accountants with professional level qualifications in the UK, aside from the Association of International Accountants with approx.1,500 UK members and specialist bodies for tax advisors.

11.1.17 There are several other professional bodies of which accountants are members. They offer lower level qualifications, and their members are more likely to be in junior finance roles or undertake general bookkeeping. This includes the Association of Accounting Technicians with approx. 50,000 members and the International Association of Bookkeepers. The government believes that extending oversight to those other bodies isn’t a good strategic fit with the future role of the new regulator, and that oversight of bodies whose members are primarily in junior positions would be disproportionate at this stage.

11.1.18 There is also a case for focusing the scope of the regulator’s oversight on the chartered bodies, where those using the services of its members expect the highest standards and where failures are likely to have the biggest economic impact. Extending oversight arrangements to smaller bodies would also have a significant impact on their more limited resources. The government is therefore minded to limit the oversight arrangements to the chartered bodies, with the flexibility to extend the arrangements to other professional accountancy bodies if appropriate in the future.

11.1.19 Some consultees questioned whether it was appropriate for the regulator’s oversight arrangements to be strengthened in relation to the chartered bodies in circumstances where not all accountants undertaking the same work are required to be members of those bodies. As set out above, accountants are only required to be members of the chartered bodies where they intend to hold themselves out as ‘chartered accountants’ or wish to carry out certain regulated activities such as statutory audit work.

11.1.20 It was suggested that it might be appropriate to require a wider range of accountants to be members of the chartered bodies as a consequence of these stronger oversight arrangements, so that all those undertaking the same work are subject to the same regulatory regime. This might, for example, be achieved by requiring those using the title ‘accountant’ be a member of those bodies, or by requiring those providing certain accountancy services to be members of those bodies.

11.1.21 The government does not consider that giving the regulator stronger powers to oversee the professional accountancy bodies itself justifies requiring that eligibility to carry out all ‘accountancy’ activities be dependent on membership of those bodies. Within the context of financial reporting the FRC Review found no evidence of substantial failure that would merit a significant shift in the regulatory model for the accountancy profession generally. The government has however considered below whether the regulator’s enforcement powers in respect of individual accountants and firms should apply equally to accountants who are not members of the relevant bodies.

11.1.22 As set out above, at the moment participation in the regulator’s oversight arrangements by the chartered professional accountancy bodies is voluntary. The regulator’s proposed new power in respect of participating professional bodies will be significantly undermined if bodies are free to opt out of them. The government instead proposes to legislate to require the chartered bodies to comply with oversight arrangements set by the regulator.

11.1.23 The FRC Review recommended that the regulator’s oversight arrangements should be replaced with memoranda of understanding between the regulator and professional accountancy bodies (‘MoU’). The government agrees that this would improve the transparency of the current arrangements and should be adopted by the FRC and the professional accountancy bodies in the short term. As set out above, the MoU will in due course be replaced by formal arrangements set by the regulator under legislation which will be published to ensure appropriate transparency.

Question 76. Should the scope of the regulator’s oversight arrangements be initially confined to the chartered bodies and should they be required to comply with the arrangements?

What should oversight entail?

11.1.24 There are separate arrangements for the oversight of regulated services within the professional accountancy bodies, including statutory audit services and those directly supervised by other regulators such as insolvency services, anti-money laundering supervision and legal services. These functions are not included within the proposed oversight arrangements. The government would expect ARGA to work with other authorities overseeing the bodies’ activities in relation to issues which raise concerns in overlapping areas of responsibility. The government expects that the regulator will establish memoranda of understanding (or review existing arrangements) with those other bodies to ensure that they collaborate effectively.

11.1.25 The government agrees with the FRC Review’s recommendation that the regulator’s oversight arrangements ought to be sufficiently wide ranging and expert to enable it to identify significant issues raising public interest concerns. The regulator should be required to ensure that the arrangements extend to all aspects of the chartered bodies’ regulatory functions, including training and qualifications, licensing, practice assurance, complaint handling, disciplinary procedures, and governance arrangements.

11.1.26 This would include establishing how and to what extent the chartered bodies have effective arrangements to review the quality of the work of its members in this regard.

11.1.27 To identify emerging issues and risks, the government also expects the regulator to continue to carry out a risk-based and proportionate monitoring programme of past and current activities undertaken by the chartered bodies. It might include thematic reviews of emerging issues as well an assessment of whether each chartered body has adequate core functions. The arrangements should enable the regulator to obtain appropriate information from those bodies so as that it is able to carry out this monitoring effectively.

11.1.28 The regulator will be required to report annually on its monitoring activities including information about any issues it has identified and action is has taken to resolve those issues with the professional bodies.

Power to direct the professional accountancy bodies to take action

11.1.29 The government accepts the FRC Review’s recommendation that the regulator should be given a power to direct the relevant accountancy bodies to take action in relation to the areas within scope of its oversight activities and intends to legislate to that effect. The Review recommended that the power should be used where there was a need in the public interest. The government believes that all aspects of the chartered bodies’ activities in scope of the oversight arrangements are of public interest, and therefore applying an additional public-interest threshold is unnecessary. However, the expectation is that the power would be used rarely and only where a professional body had failed to take action to address the regulator’s concerns within a reasonable period set by the regulator. It will also help meet the desired objective of ARGA being a strong and independent regulator.

Question 77. What safeguards, if any, might be needed to ensure the power to compel compliance is used appropriately by the regulator?

Enforcement powers in relation to accountants

11.1.30 The FRC has also entered into voluntary arrangements with the chartered bodies – the Accountancy Scheme – under which, in public interest cases, if members of those bodies (both individuals and firms) fall significantly short of the standards reasonably expected, they are liable to investigation and possible sanction by the FRC, rather than by their membership body. The rules of the chartered bodies require members to comply with these disciplinary arrangements.

11.1.31 Under the Accountancy Scheme, the test applied as to whether disciplinary action should be taken is where there has been misconduct. The meaning of misconduct within the Scheme is broad and covers any act or omission by a member in the course of their professional activities which either falls significantly short of the standards reasonably to be expected of them, or which has brought, or is likely to be bring, discredit to that member or the accountancy profession in general^{[footnote 354]}. This differs from the regulator’s enforcement powers in relation to statutory auditors, which are exercisable in relation to breaches of specific requirements provided for in legislation or standards determined by the regulator^{[footnote 355]}.

11.1.32 The FRC has no powers to take action against accountants who are not members of the chartered bodies.

11.1.33 The FRC Review recommended that the Accountancy Scheme be replaced with a new statutory regime under which the regulator could take action against accountants for breaches of certain requirements that apply to them without having to demonstrate that there had been misconduct^{[footnote 356]}.

Issues arising from consultation

11.1.34 There was broad support for the proposal for a new statutory enforcement regime for accountants but with concerns raised about the scope of the regime. Four consultees raised concerns, highlighting the current risk of accountants evading disciplinary action under the current arrangements by being out of scope of the disciplinary arrangements. One accountancy body highlighted the importance of addressing the risk that accountants who are not members of professional accountancy bodies avoid the rigours of the regime. It was suggested that there should be a single enforcement regime, covering directors and those working as accountants in business, “applying to all decision makers involved in the governance of the financial reporting process… to hold the appropriate decision makers accountable.”

11.1.35 Notably, one of the largest professional accountancy bodies favoured a statutory regime despite having misgivings over the erosion of its rights to regulate its own members. It noted that the regulator would have stronger powers to obtain information from the subject’s employers – the professional bodies do not currently possess such powers. It also highlighted efficiency gains for the regulator to investigate the actions of an accountant in business and the actions of the auditor, and the interactions between the two. Another consultee questioned how the statutory scheme would interact with the disciplinary regimes of the professional bodies.

Government response and consultation questions

11.1.36 The government agrees with the FRC Review’s finding that the regulator’s enforcement powers under the current voluntary arrangements lack effectiveness relative to its powers in relation to statutory auditors which are underpinned by legislation and exercisable wherever there has been a breach of a requirement in legislation or standards. It is important that the regulator has effective enforcement powers in relation to those involved with producing a company’s financial statements as well as those who are responsible for the auditing that information.

11.1.37 The government also recognises that the effectiveness of the current regime is severely limited by the lack of a power to compel third parties to provide relevant information required for an investigation. The government is also encouraged by the general support for the recommendations particularly from those professional accountancy bodies who responded to the consultation and in one case despite misgivings about it not being able to fully regulate its own members.

11.1.38 The government therefore intends to introduce legislation giving the regulator powers to take enforcement action in relation to accountants. As recommended by the Review, the government envisages that those powers will be similar to the investigatory and sanctioning powers which are exercisable by the regulator in relation to statutory auditors. This will include the powers for the regulator to obtain information from the accountant, their employer and (where applicable) their client. A number of questions in relation to the operation of the regulator’s new enforcement powers, including the accountants to whom the new powers would apply, are addressed below.

Which accountants should be covered by the regulator’s enforcement powers?

11.1.39 As set out above, the current voluntary arrangements apply only to members of those professional accountancy bodies which have agreed to participate in the Scheme. Various consultees argued that the proposed new enforcement powers should be exercisable against any person providing accountancy services irrespective of whether they are a member of a professional accountancy body.

11.1.40 The government recognises that limiting the regulator’s powers to accountants which are members of a professional accountancy body may result in gap in the coverage of those powers. An accountant who is not a member of a professional accountancy body might otherwise provide the same financial reporting work to a company and in doing so engage in same wrongdoing but fall outside of the scope of the regulator’s enforcement powers purely as a consequence of not being a member of those bodies.^{[footnote 357]}

11.1.41 However, the government’s view is that giving the regulator enforcement powers in relation to all persons providing accountancy services regardless of whether they are members of a professional accountancy body would be disproportionate at this stage, particularly in light of the regulator’s proposed new enforcement powers against company directors. The government does not consider that there is sufficient evidence of non-member accountants engaging in financial reporting activities whose conduct gives rise to issues affecting the public interest to justify extending regulation to such persons.

11.1.42 There remain significant incentives for accountants to become members of the professional accountancy bodies, in particular so that they are able to provide various regulated activities and so that they can hold themselves out as a chartered accountant. Those relying on services provided by chartered accountants – whether directly or indirectly – are entitled to expect higher standards from those persons which are backed up by an effective enforcement regime. The government’s intention is therefore initially to restrict the regulator’s new enforcement powers to accountants and accountancy firms who are members of one of the chartered professional accountancy bodies.

11.1.43 However, the government intends to keep the scope of the new enforcement powers under review to ensure that no significant enforcement gap develops in the future. The government therefore proposes to ensure that the legislation taking forward the new enforcement powers allows flexibility for the scope of the regulator’s new enforcement powers to be appropriately extended in the future. This will ensure that the regulator’s enforcement powers remain effective and resilient to changes in the market for the provision of accountancy services, for example a decline in the membership of the professional accountancy bodies.

11.1.44 This flexibility might be achieved by either giving the Secretary of State a power to compel persons providing accountancy services to public interest entities to be a member of a professional accountancy body or by extending the regulator’s powers to those providing certain accountancy services to public interest entities.

Question 78. Should the regulator’s enforcement powers initially be restricted to members of the professional accountancy bodies? Should the government have the flexibility to extend the scope of these powers to other accountants, if evidence of an enforcement gap emerges in the future? What are your views on the suggested mechanisms for extending the scope of the enforcement powers to other accountants (if it is appropriate at a later stage?

When should the regulator take enforcement action using the new powers?

11.1.45 As set out above, under the current voluntary arrangements the FRC may open a disciplinary investigation in relation to accountants where:

the matter raises or appears to raise important issues affecting the public interest in the United Kingdom (“the public interest threshold”); and
there are reasonable grounds to suspect there has been misconduct: an act or omission in the course of a member’s professional activities which falls significantly short of the standards reasonably expected of them, or which is likely to be bring discredit to that member or the accountancy profession as a whole (“the misconduct test”).

11.1.46 The FRC Review recommended that the regulator should instead be able to take enforcement action in relation to accountants of public interest entities whenever they have breached existing requirements including ‘legislative requirements, financial reporting standards and professional ethical standards’^{[footnote 358]}.

11.1.47 The government agrees that the misconduct test should be replaced, and that the regulator should instead take enforcement action in respect of breaches of specific requirements which apply to accountants.

11.1.48 Chartered accountants are required to adhere to the ethical standards set by the professional accountancy body to which they belong. Each are based on the same set of fundamental principles (Integrity, Objectivity, Professional Competence and Due Care, Confidentiality and Professional behaviour) set out in the International Code of Ethics for Professional Accountants.

11.1.49 The government proposes to give the regulator the power to establish a standardised code of ethics with which members of the chartered bodies (either individuals or firms) would be required to comply and which would be enforceable by the regulator using its new powers. This would exclude parts of the code specifically applicable for other regulated services not included within the proposed oversight arrangements. Chartered bodies would be able to add additional ethical requirements specific to their membership which would be enforceable by them.

11.1.50 These are existing standards of behaviour with which chartered accountants as members of a professional accountancy body are required to comply. The new code of ethics would merely aim to standardise the variations between the core elements of each ethical standard, based on the International Code of Ethics for Professional Accountants, so that consistent standards apply across the profession.

11.1.51 While the FRC Review recommended that the new enforcement powers be restricted to accountants providing services to public interest entities, the government considers that it would be undesirable to restrict the scope of the regulator’s powers in that way. It would mean either retaining the current voluntary arrangements for enforcement against accountants who are not providing services to PIEs or leaving the regulation of those accountants entirely to the professional bodies. This could mean that the regulator would be left without effective enforcement powers in relation to wrongdoing by those accountants even where it gave rise to public interest concerns.

11.1.52 The government therefore proposes that the regulator’s powers should apply to breaches of the code of ethics in public interest cases regardless of whether the individual or firm is engaged by a public interest entity. It is less likely in practice that this public interest threshold would be met in the case of wrongdoing by an individual or firm which is not engaged by a public interest entity. Other types of wrongdoing will fall to be addressed by the professional accountancy bodies under the rules and disciplinary arrangements of those bodies.

What enforcement powers should the regulator have?

11.1.53 The government proposes to give the regulator powers to gather information and carry out investigations to establish whether an individual or firm has breached the required standards, and to impose sanctions in cases where a breach is found to have occurred.

11.1.54 The regime would provide a graduated range of civil sanctions that could be applied by the regulator where a breach is proven. The government would expect the regulator to apply sanctions in a proportionate manner according to the seriousness of the breach and risk posed by the conduct in question. The government considers that the sanctions available to the regulator under the existing voluntary arrangements are broadly appropriate, noting the findings of the 2017 Independent review of the FRC’s Sanctions^{[footnote 359]} that those arrangements provided for a “fair and effective range of sanctions”. The government’s envisages that the sanctions available to the regulator might include reprimands, fines, requiring the waiver or repayment of client fees, the imposing of certain conditions, exclusion from being a member of the chartered bodies, and exclusion from acting as an accountant within a public interest entity.

Question 79. Should the regulator be able to set and enforce a code of ethics which will apply to members of the chartered bodies in the course of professional activities? Should the regulator only be able to take action where a breach gives rise to issues affecting the public interest? What sanctions do you think should be available to the regulator?

11.2 Oversight and regulation of the actuarial profession

Context

11.2.1 In 2005, the Morris Review of the Actuarial Profession^{[footnote 360]} recommended that the professional body for actuaries should be subject to independent oversight by the FRC. A Memorandum of Understanding (MoU) was subsequently put in place between the FRC and the Institute and Faculty of Actuaries (IFoA) – the UK professional body for actuaries – under which it was agreed that the FRC would carry out a standard-setting and oversight role in relation to the actuarial profession^{[footnote 361]}. The FRC has separate arrangements with the IFoA (‘the Actuarial Scheme’) under which, in public interest cases, the FRC can take enforcement action against members of the IFoA in cases in which they engage in misconduct^{[footnote 362]}.

11.2.2 The FRC Review found that the current regime ‘is not, in practice, proving an altogether effective arrangement’, noting that the regulator’s oversight of the IFoA is based on voluntary arrangements and that there are limitations in its powers to take action against individual actuaries and entities that undertake actuarial work. The Review recommended that the government should review which powers are required to oversee regulation of the actuarial profession^{[footnote 363]} and that the Prudential Regulatory Authority (PRA) would be best placed to take on all the actuarial responsibilities currently vested in the FRC^{[footnote 364]}.

11.2.3 In the initial consultation, the government said that it would reflect on these recommendations and asked respondents whether there were any considerations which ought to be borne in mind in taking them forward, or other ideas which ought to be considered. In addition to considering those responses, the government has met with a range of key stakeholders to help inform the proposals set out below.

Consultation responses

11.2.4 In response to the government’s initial consultation on the FRC Review, several respondents explicitly supported the current oversight model for the actuarial profession, and none strongly opposed it, although 2 questioned the need for separate oversight given the PRA’s supervision of the insurance sector. One respondent noted the wide-ranging functions of the professional body may increase supervision challenges for the regulator. No respondents advocated a major overhaul of the regime.

11.2.5 Responses were mixed in relation to the question of which body should be responsible for overseeing the regulation of the actuarial profession. One respondent raised concerns in relation to the PRA taking responsibility for this role, noting possible conflicts of interest, whilst another suggested that the PRA might take the lead responsibility but with support from The Pensions Regulator (TPR). One respondent noted the synergy between the regulation of concerns that a regulator might outsource reviews of commercially sensitive work to other actuaries in commercial practice, making it difficult to preserve the commercial confidentiality of that work.

Identity of the regulator

11.2.10 All stakeholders acknowledged that the broad nature of actuarial work meant that the preferred regulator to oversee regulation of the actuarial profession was not obvious. Few stakeholders advocated strongly for the role to be undertaken by a sector-specific regulator, although some had strong views on regulators that would not be suitable.

11.2.11 The FRC Review recommended that the PRA is best placed to be the oversight body. In support of the recommendation, stakeholders recognised that the PRA is both a respected prudential regulator of the insurance sector and, as such, already has substantial in-house actuarial expertise. Some stakeholders supported dual oversight by the PRA (for insurance) and TPR (for pensions). However, the vast majority of stakeholders did not agree with the recommendation that the PRA should become responsible for oversight of the actuarial profession and for regulating actuaries. These stakeholders argued that:

actuaries working in the insurance sector associated with PRA-regulated insurance firms may produce work which is overly influenced by the need to meet the PRA’s requirements in its role as the prudential regulator of the insurance sector;
it may be unreasonable to expect the PRA to appropriately balance its competing remits of prudential supervision and oversight of the actuarial profession, for example, in relation to: the appointment of independent experts, the enforcement of sanctions against actuaries that had provided material to the PRA as part of its supervision of the insurance sector, and the assessment of actuarial work as part of supervision; and
actuaries’ work extends well beyond the insurance sector, and the PRA currently lacked actuarial expertise outside this sector.

11.2.12 Multiple stakeholders thought that it would be most efficient for the same regulator to review work undertaken by actuaries contained within audit reports and to oversee the broader actuarial profession. Many stakeholders said explicitly, and several others implied, that ARGA would be their preferred regulatory body.

Government proposals

The identity of the regulator

11.2.13 While the government sees merit in the PRA taking on the role of the FRC, it acknowledges the concerns raised by stakeholders. The government therefore thinks that responsibility for the oversight and regulation of the actuarial profession sits more appropriately with ARGA than the PRA and proposes that ARGA should be responsible for the oversight and regulation of the actuarial profession.

Question 80. Is ARGA the most appropriate body to undertake oversight and regulation of the actuarial profession?

A statutory basis for regulating the actuarial profession

11.2.14 The government agrees with the responses that drew attention to the lack of clearly defined roles and powers under the current voluntary model for the regulation of the actuarial profession which, in turn, reduced its effectiveness. The government agrees that granting an independent regulator statutory powers to oversee regulation of the actuarial profession is likely to enhance its credibility, influence and effectiveness. The government therefore proposes to introduce a strengthened, statutory basis for the regulation of the actuarial profession with clear and defined roles and responsibilities.

Question 81. Should the regime for overseeing and regulating the actuarial profession be placed on a strengthened and statutory basis?

Principles for a statutory oversight and regulatory regime

11.2.15 The government has identified 5 principles to underpin an effective risk- and cost-based regime for overseeing and regulating the actuarial profession:

proportionality of resource relative to risk;
cost effectiveness, to ensure resource is used efficiently and the cost of regulation is not overly burdensome;
confidentiality, to ensure that the commercial sensitivity of actuarial activity is respected;
avoidance of duplication or ‘gold plating’ to ensure that regulation does not replicate other activities; and
oversight and regulation in the public interest, to ensure appropriate focus.

11.2.16 The introduction of a statutory regime underpinned by these principles should ensure that the regulation of the actuarial profession commands a high level of public confidence.

Question 82. Do respondents support the proposed principles for the regulation of the actuarial profession? Respondents are invited to suggest additional principles.

Roles and responsibilities of the regulator: the components of a statutory regime

11.2.17 At present, the FRC is responsible for:

setting technical actuarial standards^{[footnote 365]};
independent oversight of the IFoA in relation to its regulation of its members; and
providing an independent investigation and discipline regime for matters relating to members of the actuarial profession which raise, or appear to raise, important issues affecting the public interest.

11.2.18 The IFoA sets and maintains ethical standards for its members through the Actuaries’ Code and the relevant Actuarial Profession Standards (APSs)^{[footnote 366]}. The IFoA also monitors members’ actuarial work through its Actuarial Monitoring Scheme^{[footnote 367]}.

11.2.19 The government thinks that there should be clear delineation of the roles and responsibilities of the regulator and those of the IFoA. The government thinks that the regulator should be responsible for:

Regulatory responsibilities
- setting legally binding technical standards;
- monitoring compliance with technical standards;
- taking appropriate action if actuarial work does not meet technical standards;
Oversight responsibilities
- independent oversight of the IFoA in relation to its regulation of its members; and
Enforcement, public interest disciplinary cases
- providing an independent investigation and discipline regime for matters relating to members of the actuarial profession which raise, or appear to raise, important issues affecting the public interest.

Question 83. Are the proposed statutory roles and responsibilities for the regulator appropriate? Are any additional roles or responsibilities appropriate for the regulator?

Setting legally binding technical standards

11.2.20 The government proposes that the regulator should continue to set, review, and amend technical standards in the form of rules and guidance, but that these standards should be legally binding. The technical standards should continue to be developed with input from the IFoA, the PRA and TPR, as well as the wider forums of the Regulatory Standards Committee, supported by expert senior advisors and Joint Forum on Actuarial Regulation^{[footnote 368]}. Where appropriate the regulator should also be able to set non-binding technical standards, i.e. those where actuaries must comply or explain why they do not comply, and non-binding guidance.

11.2.21 The government thinks that the regulator should not be responsible for setting other types of standards. Responsibility for setting ethical (i.e. non-technical) standards (including those contained in the Actuaries’ Code) should remain with the IFoA. The regulator should continue to exercise its current oversight role of the actuarial profession in relation to ethical standards (see paragraph 11.2.23) and, in doing so, can properly take account of the need for interaction between the different types of standards and take appropriate action.

Question 84. Should the regulator continue to be responsible for setting technical standards? Should these standards be legally binding? Should the regulator be responsible for setting technical standards only?

Monitoring compliance with technical standards

11.2.22 The government wants to ensure that an effective monitoring regime is established and delivered by the regulator. The purpose of the monitoring regime is to ensure that technical standards are properly applied. If necessary, to ensure the effectiveness of its monitoring activity, the regulator should also consider compliance with ethical standards where relevant and appropriate. This monitoring regime would be placed on a statutory basis. The government proposes that, as part of the monitoring regime, the regulator should have the power to request work from an individual for assessment and that the individual should be expected to respond to such a request. The government is also considering whether the regulator should have the power to compel an individual to provide this work in response to a formal request. The regulator would then assess whether that work is compliant with the technical standards. This monitoring regime could be informed by the Audit Quality Review regime.

Question 85. Should the regulator be responsible for monitoring compliance with technical standards? Should it also consider compliance with ethical standards if necessary?

Question 86. Should the regulator have the power to request that individuals provide their work in response to a formal request - and to compel them to do so if necessary?

Taking appropriate action if work does not meet technical standards

11.2.23 The government is considering the appropriate statutory actions and remedies available to the regulator should it assess, following its monitoring activity, that actuarial work falls below the requirements of the technical standards. Specific actions or remedies available to the regulator could include: ordering a correction of work that has been assessed as inadequate, requiring publication of correction to that work if it has adversely affected the quality of information in the public domain, informing the IFoA of the relevant details of the case, publication of the details of the relevant cases, and the imposition of disciplinary sanctions including fines.

Question 87. Should the regulator have the power to take appropriate action if work falls below the requirements of the technical standards? What powers should be available to the regulator in these instances?

Independent oversight of the IFoA in relation to its regulation of its members

11.2.24 The current arrangements for the independent oversight of the IFoA’s activities by the FRC are set out in an MoU. It states that the FRC will oversee the ‘regulatory activities’ of the IFoA but does not define regulatory activities. For this purpose, the government proposes that regulatory activities should include: the Actuarial Monitoring Scheme, the Quality Assurance Scheme, the competency framework, education and qualifications, complaints made about actuaries, disciplinary processes, the IFoA’s development of standards, and potential future features of the IFoA’s framework for its regulation of its members. The government proposes that these arrangements should be placed on a statutory basis.

11.2.25 The FRC also has an oversight role in relation to complaints about the professional body. Under current arrangements, if a complaint about the IFoA is made to the FRC, it will investigate whether the IFoA has appropriately followed its own processes. If the FRC considers that the IFoA has not followed its processes, or that these processes are inadequate, the FRC would make a recommendation to the IFoA. The government proposes that these arrangements should be placed on a statutory basis.

11.2.26 The government is considering the merits of placing a statutory requirement on the IFoA to comply with a recommendation that has been issued by the regulator in its oversight role. Alternatively, a new statutory duty could require the IFoA to comply with a recommendation that has been issued by the new regulator or explain publicly the reasons for not doing so (that is, the duty would be on a ‘comply or explain’ basis).

Question 88. Do respondents agree with the proposed scope for independent oversight of the IFoA? In which ways, if any, should the scope be amended?

Question 89. Should the regulator’s oversight of the IFoA be placed on a statutory basis? What, if any, powers does the regulator require to effectively fulfil this role?

Providing an independent investigation and discipline regime for public interest issues

11.2.27 An important part of the regulator’s role is to provide an effective investigation and discipline regime relating to members of the actuarial profession which raise important issues affecting the public interest. Currently, the IFoA is responsible for its own disciplinary procedures to ensure public confidence in the actuarial profession, whilst the FRC operates as an independent disciplinary body for the IFoA’s members under voluntary arrangements with the IFoA (namely, the Actuarial Scheme). Complaints about individual actuaries may lead to disciplinary action by the IFoA or if the matter is of public interest, by the FRC. The government thinks that this independent investigation and discipline regime should continue but be placed on a statutory basis.

Question 90. Does the current investigation and discipline regime remain appropriate? Should it be placed on a statutory basis? What, if any, additional powers does the regulator require to fulfil this role?

Regulation of actuarial work undertaken by entities

11.2.28 The government sees merit in the case for regulating actuarial work undertaken by entities in addition to the regulation of individual professionals that undertake actuarial work. The government proposes that this regulation should be placed on the same statutory basis as for individual professionals. Such regulation may be appropriate, for example, if a number of individuals are responsible for undertaking actuarial work for an entity and it is difficult to identify the contribution of an individual. Such work would be expected to meet the binding technical standards set by the regulator and be subject to the monitoring regime for individuals as set out above. In addition, the regulator would be able to take appropriate action, including enforcement action, if actuarial work does not meet the technical standards.

11.2.29 The government is also considering whether the regulator’s independent investigation and discipline regime for matters which affect the public interest should also apply to entities that undertake actuarial work. The government is considering whether the regulator should have the power to bring disciplinary proceedings, in the public interest, against entities that undertake actuarial work, as is the case for the audit and accountancy professions. The regime could, therefore, be informed by the regime for audit and accountancy. The government is also considering whether the arrangements should be different for entities that are Public Interest Entities (PIEs).

Question 91. Do respondents think that the regulator’s remit should be extended to actuarial work undertaken by entities? What would be the appropriate features of such a regime, including the appropriate enforcement powers for the regulator?

Question 92. Should the regulator’s independent investigation and discipline regime for matters that affect the public interest also apply to entities that undertake actuarial work? Should the features of the regime differ for Public Interest Entities?

Question 93. Does the regulator require any further powers in relation to its regulation and oversight of the actuarial profession?

11.3 Investor stewardship and relations

The FRC Review recommended that a fundamental shift in approach was required to ensure that the Stewardship Code differentiated ‘excellence in stewardship’ and that signatories were transparent about the activities and outcomes of their stewardship, rather than solely on their stated approach or policies. It also suggested that the government should consider whether any further powers are needed to assess and promote compliance with the Code. Effective stewardship involves the responsible allocation, management and oversight of capital to create long-term value for their clients and beneficiaries leading to sustainable benefits for the economy, the environment and society. ARGA’s work to ensure balanced, high quality and meaningful reporting needs to be complemented by informed and engaged and effective stewardship by these investors.

11.3.1 The government supports the revised Stewardship Code^{[footnote 369]}. It represents a significant shift that sets higher standards for stewardship by moving away from policy statements to focus on the reporting of activities undertaken by signatories, and their outcomes. This addresses the Review’s recommendation^{[footnote 370]} and provides a starting point for a framework capable of differentiating approaches to stewardship and identifying effectiveness and commitment.

11.3.2 Achieving this goal, however, will require the regulator to develop and apply a robust process for assessing the quality of signatories’ reporting against the Code. Given the voluntary nature of the Code, achieving the necessary rigour in reporting may present challenges. The government expects the FRC and FCA, working with the Department of Work and Pensions (DWP) and The Pensions Regulator (TPR) to launch a review of the regulatory framework for effective stewardship including the operation of the Code in 2023, to establish if it is delivering expected outcomes. The government will work with these bodies to determine the criteria by which the success of the Code will be measured.

11.3.3 The second part of the recommendation asked whether further powers are needed to assess and promote compliance with the Code. The CMA in its Market Study also asked the regulator to take steps to promote investor engagement in the audit process, including through making certain Provisions of the Code mandatory^{[footnote 371]}. Whilst it is not a requirement to report specifically against the Code, implementation of relevant parts of the EU Shareholder Rights Directive II (SRD II) has strengthened the reporting and disclosure framework and should encourage effective stewardship. The revised Code in particular asks signatories to consider audit quality when applying its Principles.

Table 5: New requirements on regulators and government

Regulator / Government department	New requirements
FCA	Rules for asset owners, fund and investment managers relating to the disclosure of their long-term investment strategies, their arrangements with each other and engagement with the companies in which they invest. Rules for Independent Governance Committees (who act on behalf of consumers) to oversee the stewardship policies and practices of the firms they oversee.
DWP	Legislation requiring trustees of Occupational Pension Schemes to disclose their policies on voting and engagement with investment managers, how these policies were implemented and their investment strategy and arrangements with asset managers.
HM Treasury	Stronger transparency requirements for proxy advisers.

11.3.4 These changes introduce baseline regulatory standards for stewardship and reporting which are subject to FCA, TPR and DWP oversight. In addition, the stewardship and stakeholder working groups of the Asset Management Taskforce (AMT)^{[footnote 372]} have recently published further proposals for strengthening stewardship and responsible investment in the UK. The government, FRC, FCA and TPR agree that firms should be allowed to adapt to these changes before considering further powers to assess and promote compliance with the Code. The FCA, in its supervisory role, can already consider evidence from a firms’ disclosures under its rules on shareholder engagement, and where applicable, reporting against the Stewardship Code. Where the FCA identifies concerns, including rule breaches, it can take action in line with its standard approach to supervision. TPR can also take action where trustees of occupational pension schemes fail to disclose their voting or engagement policies, of if reports on the implementation of those policies are inadequate.

11.3.5 The government will consider whether further powers are needed to assess and promote compliance with the Code following the outcomes of the review commenced in 2023. This could also include considering the case to amend DWP legislation or FCA and Local Government Association rules to introduce stronger requirements for reporting on the Code or to alter the balance between a rules and voluntary Code-based approach if the desired outcomes have not been achieved.

11.4 Powers of the regulator in cases of serious concern

The FRC Review suggested that the new regulator should be more proactive in identifying and taking action where there are matters of serious concern in public interest entities. By prompting those responsible to act on serious problems at an earlier stage, it could limit the consequences as far as possible. In most cases, this will need new or strengthened powers for the regulator.

Background

11.4.1 The UK has witnessed several major corporate collapses in recent years. When the consequences of collapses are significant and far-reaching, it is understandable that concerns are raised over whether more could have been done by public authorities to prevent their collapse.

11.4.2 The FRC already plays an important role in helping to avoid unnecessary and avoidable causes of major corporate failure by providing confidence that investors, creditors and other users of a company’s accounts and reports have reliable information on which to base their decisions. It does this by setting accounting and auditing standards, and by supervising corporate reporting, auditors and audits. It also seeks to promote high standards of corporate governance through the setting of the UK Corporate Governance Code. The FRC is not however responsible for supervising companies more broadly: for example, to ensure that they are being well-run and that any significant risks which may cause the company to fail are being appropriately managed. The FRC Review considered this and did “not believe it would be practical or desirable to task a regulator with a general responsibility to ensure that even major companies are well-run and that failure could not occur”.

11.4.3 The proposals set out elsewhere in this document will deliver more effective governance, reporting and audit of the UK’s largest businesses, further increasing the reliability of the information on which investors base their decisions. This includes proposals to:

hold directors to account where they have failed to meet their responsibilities for corporate reporting and audit,
strengthen the UK’s internal control framework; and
require companies to set out their approach to maintaining or strengthening a company’s resilience over the short, medium and long term in their annual strategic report.

11.4.4 The FRC Review made several further recommendations on how the regulator could be more effective at identifying issues in future and play a more forward-looking role in acting on its intelligence and concerns identified. It suggested that this could be achieved by giving the regulator a power to gather information at speed, combined with a power to investigate in greater depth where serious concerns remain. Furthermore, the Review recommended that the regulator have the ability to publish a report of those findings and to take action, where necessary.

Building on the regulator’s use of market intelligence

11.4.5 The Review commented that the FRC’s role tends to be backward looking – it reviews accounts and reports which have already been produced, and statutory audits which have already been undertaken.^{[footnote 373]} The Review recommended that the regulator take a more pro-active approach by developing its use of market intelligence.^{[footnote 374]} The Review pointed out that this would enable the regulator to identify those companies and sectors which might warrant earlier intervention and help the regulator to focus its monitoring and enforcement activity more effectively.^{[footnote 375]}

11.4.6 In response to the government’s initial consultation, there was broad support for the recommendation that the regulator develop its use of market intelligence. Consultees felt that this would make the regulator’s work more proportionate and focused on current and emerging risks. One consultee suggested that the use of market intelligence should be included in the regulator’s defined duties. The Competition and Markets Authority thought this was a “fundamental function for a high-performing regulator” and was also necessary to protect against the possible failure of a Big Four audit firm. Some consultees were supportive in principle but pointed to the risk of unrealistic expectations and the need to draw from a wide range of sources, including more extensive use of technology.

11.4.7 The FRC already uses market intelligence to inform how it prioritises its supervision of audit firms and in its corporate reporting and audit reviews. It is also working with the Financial Conduct Authority (FCA) to explore how it might make better use of data analytics to inform its approach to regulation. The FRC also plans to develop stronger links with investors as recommended by the Review, and their input will provide additional insight for its market intelligence function (see section 7.3). The government welcomes ongoing action by the FRC to develop and strengthen its use of market intelligence, to give it a more holistic view of emerging risks so that it is able to take a more proactive approach to ensuring compliance and target its enforcement activities more effectively.

Disclosures by auditors to the regulator

11.4.8 The Review recommended that the government introduce a duty of alert: a duty for auditors of Public Interest Entities (PIE) to report viability or other concerns to the regulator.^{[footnote 376]} Similarly, the Brydon Review recommended that auditors be required to report any concerns about the resilience of the company to its directors, and if those anxieties are not properly addressed, to ARGA and any other relevant regulator^{[footnote 377]}.

11.4.9 In response to the government’s initial consultation eighteen consultees commented on this recommendation, who were overall supportive. Several respondents highlighted the need for new requirements to be considered alongside existing duties; but agreed that the range of reportable matters could be extended. Two consultees highlighted that comparable statutory duties existed in other sectors for example in audits of charities and pension schemes. One of the Big Four accounting firms suggested new reportable matters should include situations where the auditor identifies poor governance or concerns around viability. It also highlighted that in the financial services sector, the regulator has a duty to disclose concerns to the auditor, in order that the auditor can consider the implications of those concerns, and if necessary change their planned approach to respond to those concerns and the regulator can consider the consequences of that for its supervisory strategy for the firm in question. One of the accountancy bodies believed that it should also be possible for auditors voluntarily to report less serious concerns. Another Big Four accounting firm suggested considering to whom such matters should be reported, proposing that auditors could report all relevant matters to ARGA, which would then liaise with other regulators, if appropriate. They also emphasised the need to consider and clarify the timing of when such matters should be reported, which concurred with the view of one of the accountancy bodies. There was some concern raised about any alert being published, believing this could lead to unintended consequences, such as disclosure of confidential information, or even the collapse of the company. Various representatives of FTSE 100 companies commented that the new regime should ensure that auditors are not inclined merely to defer matters to the regulator, rather than using existing mechanisms of escalation.

11.4.10 The government agrees with the Review that it is important that auditors are required to report to the regulator when they have viability or other serious concerns about a PIE during the course of an audit. PIE auditors already have such a duty: they must report any information of which they become aware of during a PIE audit that may bring about the following:

a material breach of provisions governing the activities of the PIE;
a material threat or doubt about the continuous functioning of the PIE; or
a refusal by the auditor to issue an audit opinion, or the issuing of an adverse or qualified opinion.^{[footnote 378]}

Question 94. Are there others matters which PIE auditors should have to report to the regulator? Could this duty otherwise be improved to ensure that viability and other serious concerns are disclosed to the regulator in a timely way?

11.4.11 The government notes that auditors of Financial Conduct Authority (FCA) or Prudential Regulation Authority (PRA) authorised firms benefit from statutory protection when making certain disclosures to a regulator.^{[footnote 379]} In particular, an auditor is not in breach of any duty owed to their client merely because they communicate information on a matter of which they have become aware in their capacity as an auditor. They must however have acted in good faith and reasonably believe that the information or opinion is relevant to the regulator’s activities. This statutory protection applies whether or not the auditor is responding to a request from a regulator.

11.4.12 There is no equivalent statutory protection in place for auditors of public interest entities which are not FCA or PRA authorised firms. Putting in place equivalent statutory protection for all auditors of public interest entities might enable or encourage them to disclose viability and other serious concerns to the regulator in circumstances where they might otherwise be concerned about being subject to a breach of contract or breach of confidence action.

Question 95. Should auditors receive statutory protection from breach of duty claims in relation to relevant disclosures to the regulator? Would this encourage auditors to report viability and other concerns to the regulator?

Powers to address serious concerns about PIEs

11.4.13 The FRC Review recommended that the regulator be given various powers to investigate and take action when it has serious concerns about a PIE. It recommended that the regulator be given powers to require rapid explanations from the company about concerns, to commission an expert review (at the company’s expense) akin to the ‘skilled person reviews’ commissioned by the FCA and PRA, and to take further action including publishing the expert review or requiring the company to take certain steps to address any serious issues identified. For the most extreme cases, the Review recommended that the regulator should be able to issue a report to the company’s shareholders.

11.4.14 In response to the initial consultation, there were several general comments about these proposals. One body representing the views of the major listed companies questioned whether it was either practical or appropriate for the regulator to assume such a forward-looking role. Specific concerns were raised as to whether the regulator could act quickly enough to be effective, or have even an equal level of knowledge about an individual company to that of its shareholders; and that some of the proposed powers eroded shareholders’ rights. An audit firm also highlighted that care should be taken to ensure new powers did not interfere with corporate insolvency procedures.

11.4.15 The government acknowledges the general concerns raised: in particular, that the regulator might not always be in the best position to identify and act on warning signs.

11.4.16 The vision set out by the Review suggested that the regulator should be able to act where there are reasonable concerns about a wide range of matters including issues with reporting, governance, audit and viability. It also recommended that the powers should be available where ‘there are significant investor concerns’.

11.4.17 Applying the powers so widely would be a radical shift away from the UK’s approach to corporate governance, in which best practice is encouraged through a principles-based approach and through disclosures to shareholders, rather than through regulation. This system is highly regarded around the world. Giving new powers to the regulator to intervene in governance matters could undermine the principle that it is for shareholders to ensure that appropriate governance arrangements are in place. It could also lead to investors becoming less engaged in their oversight of governance arrangements or even becoming over-confident in a company’s governance arrangements, based purely on the fact that no action had been taken by the regulator.

11.4.18 The government therefore believes that new powers to address serious concerns in PIEs should be limited to the areas where the regulator has existing enforcement powers – that is corporate reporting and audit. This will include those areas where new obligations are being imposed or proposed for companies, including the proposed reporting requirements relating to companies’ internal controls, dividends (chapter 2) and resilience (section 3.1). These new powers are intended to strengthen the regulator’s toolkit in these areas, whilst avoiding interventions into the affairs of public interest entities that the regulator would not be best placed to pursue. A regulator with strengthened powers to identify and address serious concerns about a company’s corporate reporting or audits in a timely and proportionate manner should strengthen investor confidence in the UK.

Power to require rapid explanations

11.4.19 The Review recommended that the regulator be given powers to require “rapid explanations” from companies about “reasonable concerns” identified by the regulator^{[footnote 380]}.

11.4.20 There were few comments directly relating to this recommendation in response to the government’s initial consultation. An accountancy body commented that careful consideration should be made as to the criteria for using such powers, the timeframe in which responses would apply such that they are both rapid and reasonable, and which company officers would be in scope. It also commented that consideration of similar powers held by other regulators should be made. A further comment queried whether such a process would give the company an obligation to make a public announcement about the process.

11.4.21 The government agrees with this recommendation and proposes to ensure that the regulator has the power to require rapid explanations from PIEs where it has concerns relating to a PIE’s compliance with its corporate reporting or audit obligations. The government will consider how this power will fit with the regulator’s existing information gathering powers in relation to corporate reporting and audits by PIEs.

Question 96. How much time should be given to respond to a request for a rapid explanation?

Power to require an expert review

11.4.22 The Review also recommended that the regulator be given a power to require an expert review in a broad range of circumstances^{[footnote 381]}. The Review referred to various circumstances which might give rise to an expert review including where the regulator had serious concerns about the accounting treatment of key areas of audit judgment, its corporate governance, its financial viability, or where there are significant investor concerns. This recommendation attracted significant comment with some concerns raised by consultees.

11.4.23 Among the 20 consultees who expressed a view, 14 were broadly in favour, 1 was neutral and 5 were to varying extents against the Review’s proposals. Those in favour, including a body representing investors, felt that the prospect and potential remedies of a skilled person review would deter boards from poor reporting and governance. However, most consultees also expressed some reservations. The most common themes arising were:

the need for a clear process for commissioning and undertaking reviews, including clear criteria for when a review was appropriate;
the need for its proportionate use given potential cost and resource burdens on the company;
the risk of companies being subject to simultaneous reviews from different regulators, for example the FCA, and potential confusion between regulatory regimes; and
the risk that an uncertain scope and extensive powers would damage the UK’s attractiveness as a business destination for mobile international investment.

11.4.24 The government broadly agrees with the FRC Review’s recommendation that the regulator should be given a power to require a skilled person review. However, the government considers that this new regulatory tool should be focused on enabling the regulator to identify and address concerns relating to the corporate reporting and audits of public interest entities. Such a power would allow the regulator to review significant volumes of evidence in detail and independently challenge evidence provided by a company, particularly on a matter of deep technical knowledge or industry expertise.

11.4.25 The government therefore proposes to give the regulator a power to require an expert review where it has identified concerns as to whether a public interest entity’s corporate reporting and audits comply with any requirements which are enforced by the regulator.

11.4.26 The range of issues that could lead to concerns being raised about a company’s compliance with its corporate reporting or audit requirements are wide and varied. Therefore, the government believes that the regulator should be given significant discretion as to when it would be appropriate to commission an expert review.

11.4.27 The government recognises that similar powers are available to the FCA and PRA in the financial services sector. Those regulators are able to require that inspected firms bear the expense of the skilled person review. The government’s view is that the regulator’s costs of commissioning an expert review should likewise fall to the inspected company rather than being met by other firms via the statutory levy. The government recognises that the cost of such reviews could be significant and so expects that the regulator will set out its approach to the proportionate use of these powers, in a similar manner to that taken by the FCA or PRA.

11.4.28 The use of external expertise in a review would give the regulator access to specialist skills that it might be impractical for the regulator to retain in-house. However, it would be important for the regulator to retain sufficient capacity in-house to identify risks and prepare an appropriate specification for the review. The FCA’s experience is that scoping the review correctly is crucial to securing a timely, useful report that meets expectations.

11.4.29 Whilst an expert review would place additional burden on the company being investigated, the government’s view is that identifying and addressing serious concerns relating to PIEs’ compliance with the corporate reporting and audit framework is of long-term benefit to the company and its shareholders. A regulator with strengthened powers to identify and address serious concerns in those areas should also strengthen investor confidence more generally.

Power to publish the expert review

11.4.30 The Review recommended that the regulator should have the power to publish the report of the expert review where it is deemed to be in the public interest.

11.4.31 There were some concerns in response to the government’s initial consultation about the possibility of publishing the report of the expert review. This included the likelihood of the report containing information that is commercially sensitive or confidential and that publication might inhibit full and frank reports being issued. It was noted that the FCA and PRA did not publish their reports. It was also suggested that the power should be used only in exceptional cases, with clear guidance on its appropriate use.

11.4.32 The government expects that in most cases issues arising from the expert review would be resolved through informal proceedings. As with similar reviews commissioned by the FCA and PRA, the external expert would be able to make appropriate recommendations in their report to correct any underlying issues. The regulator could discuss these recommendations with the company and agree an appropriate implementation plan which might involve further external assessments. This would be the government’s preferred approach.

11.4.33 However, the government considers that the regulator should also feel empowered to act where a company is not being responsible, has refused to accept reasonable recommendations, and is putting creditors or market participants at further risk. In practice, giving the regulator the power to publish a report is likely to provide an appropriate incentive for the company to provide disclosure of its own, meaning publication would rarely need to be taken.

11.4.34 The government intends to legislate to include a power to publish a summary of the report from the expert review where it is considered by the regulator to be in the public interest. It expects this power to be used only exceptionally. The government believes that this strikes the right balance between giving shareholders and other stakeholders appropriate information about the findings of the review, while making it easier to ensure that publication does not result in the disclosure of commercially sensitive information.

Question 97. Should the regulator be able to publish a summary of the expert reviewer’s report where it considers it to be in the public interest?

11.4.35 The Review recommended the regulator be given a power to require companies to take various types of follow-up action to address concerns identified during an expert review which had not been adequately addressed^{[footnote 382]} and in the most serious cases issue a report to shareholders^{[footnote 383]}. 11.4.36 Where breaches have been identified during the expert review, the government notes that the regulator will already have a range of tools to address these using its existing powers or the powers which the government is proposing to give the regulator as part of the wider proposals. This might include:

ordering that a company make changes to its accounts and report under the new power of direction proposed in section 4.2; and
taking enforcement action against directors using the civil enforcement powers outlined in Chapter 5.

11.4.37 The government believes that the potential follow-up actions suggested by the Review are matters that the regulator with strengthened powers will have the ability to address or are principally matters and decisions that should be left to the company’s boards and shareholders. The government agrees that it is important that shareholders are made aware of serious issues identified as part of an expert review such as systemic issues within a company’s corporate reporting, in order that they can make informed decisions. The government believes that this can be achieved through publication of a summary of the expert review without the need for a separate report to be issued to shareholders.

Question 98. Are there any additional powers that you think the regulator should have available where an expert review identifies significant non-compliance by a company in relation to its corporate reporting and audits?

11.5 Local audit

The government has responded to the recommendations of Sir Tony Redmond’s independent review of local authority financial reporting and external audit in England. The government will explore the full range of options to deliver system leadership for local audit, and will consider whether and how a new corporate auditing profession could continue to generate auditors with skills that are transferable to public sector audit.

Background

11.5.1 The FRC Review recommended that the arrangements for local authority audit need to be fundamentally rethought^{[footnote 384]} to ensure they:

deliver robust assessment and scrutiny of the quality of local audit work, with individual reports shared with audit committees and published;
establish a more appropriate threshold for enforcement action; and
bring together in one place all the relevant responsibilities, so a single regulatory body can take an overview

11.5.2 The Review also recommended^{[footnote 385]} that while ARGA could act as that single regulatory body, the role would be better undertaken by a separate body with deeper expertise in local audit and that body might then also have responsibility for the local audit ‘Code of Audit Practice’^{[footnote 386]}.

11.5.3 Those responding on this topic to the government’s initial consultation in 2019 on the FRC Review expressed a range of views. Some believed that regulation of local audit should fall within the remit of ARGA, concerned that a separate body might involve duplication. Others agreed with the idea of regulation by a separate body, commenting on the complexity and fragmentation of the local audit framework and on the ways in which public audit differs from company audit, and the depth of expertise that an effective regulator would need.

Sir Tony Redmond’s review

11.5.4 Partly in response to the recommendation in the FRC Review, in 2019 the government commissioned Sir Tony Redmond to examine the effectiveness of local authority financial reporting and external audit in England. The report of his review^{[footnote 387]} was published on 8 September 2020.

11.5.5 Among other recommendations, this review recommended that a new regulatory body be established, the Office of Local Audit and Regulation: responsible for procurement, contract management, regulation, and oversight of local audit. Sir Tony’s review envisaged that the new body would be a small, focused organisation. It proposed that the FRC’s work in regulating local authority audit work and the National Audit Office’s role in setting the Code of Audit Practice should both be transferred to the new regulatory body, together with other functions. The new body would liaise with FRC – or, in future, ARGA – with regard to setting auditing standards.

11.5.6 The government’s response^{[footnote 388]} to the recommendations of Sir Tony Redmond’s independent review was published on 17 December 2020. It highlighted 5 themes:

action to support immediate market stability for local audit;
consideration of system leadership options;
enhancing the functioning of local audit, and the governance for responding to its findings;
improving transparency of local authorities’ accounts to the public; and
action to further consider the functioning of local audit for smaller bodies.

11.5.7 As the response document sets out, the government will explore the full range of options to deliver system leadership for local audit, including whether existing bodies could take on this function and how far similar approaches might be applied in the NHS and in other local public bodies. Those options will be aligned with the proposals set out in this document. The Ministry for Housing, Communities and Local Government plans to engage widely in order to make a full response on system leadership options for local audit by spring 2021.

11.5.8 In respect of the future shape of the audit profession, the response paper said:

Since local auditors come from the general pool of audit-trained professionals, changes to the wider audit profession have the potential to impact significantly on the long-term sustainability of the local (and wider public sector) audit market. This is both a risk and an opportunity for local audit. The government will therefore consider whether and how a new corporate auditing profession could continue to generate auditors with skills that are transferable to public sector audit. The department will work with BEIS on the development of an appropriate framework for this new profession and ensure that local audit practitioners have a voice in its development.

11.6 Independent supervision of the Auditors General

The government proposes to transfer responsibility for appointment of the Independent Supervisor of the Auditors General from the Secretary of State to Parliament.

11.6.1 The Auditors General, including the Comptroller and Auditor General (C&AG), are eligible for appointment as statutory auditors^{[footnote 389]}. The Companies Act 2006 requires the C&AG’s statutory audit work^{[footnote 390]} to be overseen by an “Independent Supervisor” who is appointed by the Secretary of State^{[footnote 391]}. The Independent Supervisor is currently the FRC.

11.6.2 The FRC Review recommended that the oversight of the Independent Supervisor should fall to Parliament rather than the Secretary of State. Currently, only the C&AG undertakes statutory audit work and is subject to scrutiny by the Independent Supervisor. The C&AG is an officer of the House of Commons appointed by The Queen. The work of the C&AG is carried out by the National Audit Office (NAO).

11.6.3 The government agrees and considers it is not appropriate for the C&AG to continue to be supervised by a body appointed by the Secretary of State. This arrangement has the potential to undermine the independence of that body and, in turn, the C&AG.

11.6.4 Subject to the views of Parliament, the government therefore proposes changing legislation so that responsibility for appointing the Independent Supervisor moves from the Secretary of State to Parliament. This responsibility might sit best with the Public Accounts Commission on behalf of Parliament, given its existing role^{[footnote 392]} in relation to the National Audit Office. This change would mean that the Independent Supervisor would be appointed by a body which is independent of government.

11.6.5 Parliament, or the Public Accounts Commission on its behalf, would then be the appropriate body to make decisions on the FRC Review’s recommendation on the appointment of an Independent Supervisor.

11.6.6 The government will work with the Public Accounts Commission in developing legislative proposals, in particular on the issues that the FRC Review raised: whether the Commission’s oversight of the NAO should extend to all financial audits it undertakes (i.e. not just statutory audits under the Companies Act)^{[footnote 393]}, and whether the Independent Supervisor’s reviews should be shared and published^{[footnote 394]}.

11.7 Whistleblowing

11.7.1 The Brydon Review recommended that workers should have legal protection for whistleblowing disclosures made to audit firms and audit partners, as well as directly to the regulator^{[footnote 395]}. It also recommended that Statutory Auditors for PIEs be added to the list of prescribed persons to whom workers can make a protected disclosure^{[footnote 396]}.

11.7.2 The government welcomes the intent of this recommendation but is not convinced that it would be appropriate to follow it. In almost all cases, whistleblowing disclosures are currently made to the relevant regulator or enforcement body, where there is one. In addition to the risks identified by Brydon about abuse of process^{[footnote 397]}, there are also risks around disclosure of commercially confidential information to the audit firm. The government is also concerned that rather than emphasising the societal importance of audit in the way envisaged by the Brydon Review^{[footnote 398]}, whistleblowing direct to auditors would instead be used as a vehicle for raising issues that were not within the scope of audit, putting an unnecessary burden on auditors.

11.7.3 It remains important that auditors are made aware of issues within their client. The FRC will consider options for consultation on changes to auditing standards, if it considers that any clarifications can be made to the existing requirements for PIE auditors to communicate with those charged with the company’s governance on matters which the auditor should factor into their risk assessment and subsequent audit work.

11.7.4 The Brydon Review further recommended that whistleblowing protections should be extended from employees to anyone with a direct economic relationship to the audited entity. This could include shareholders, suppliers, customers, and other creditors. The government wishes to support genuine whistleblowing. Such an expanded scope would have broad implications and would require substantial changes to the existing whistleblowing framework, which focuses on protected disclosures by workers. The government acknowledges wider interest in making reforms to the whistleblowing framework and has committed to conducting a review in due course.

FRC – Developments in Audit 2020 – p.7 ↩
The Investment Association’s 2018 Stewardship Survey found that ‘audit and reporting’ ranked 9th out of the 12 issues that asset managers and asset owners judge to be most important and on which they engage with companies most frequently ↩
Independent review of the Financial Reporting Council ↩
Statutory audit services market study ↩
Independent review into the quality and effectiveness of audit ↩
Independent review of the Financial Reporting Council: initial consultation on recommendations ↩
Statutory audit services market study: initial consultation on recommendations by the Competition and Markets Authority ↩
The Future of Audit, Business, Energy and Industrial Strategy Committee ↩
Statutory audit services market study, paragraph 4.10 ↩
Independent review into the quality and effectiveness of audit, paragraph 3.20 ↩
Independent review into the quality and effectiveness of audit, paragraph 2.0.3 and 2.0.4. ↩
Independent review into the quality and effectiveness of audit, paragraph 28.2.3, “there are many other large enterprises which have importance to the UK’s economy, and which could reasonably be included in the first tier of applicability. ↩
Independent review of the Financial Reporting Council, paragraph 2.41 and page 3, recommendation 27. This recommendation is examined in more detail later in this document. ↩
Directive 2006/43/EC of the European Parliament and of the Council of 17 May 2006 on statutory audits of annual accounts and consolidated accounts, Article 2(13). ↩
As defined in Article 4(1) of Directive 2004/39/EC of the European Parliament and of the Council of 21 April 2004 on markets in financial instruments. The regulated markets list is held by the European Securities and Markets Authority. ↩
As defined in Article 3(1) of Directive 2013/36/EU of the European Parliament and of the Council of 26 June 2013 on access to the activity of credit institutions and the prudential supervision of credit institutions and investment firms, but not including those referred to in Article 2 of that Directive. ↩
As defined in Article 2(1) of Council Directive 91/674/EEC of 19 December 1991 on the annual accounts and consolidated accounts of insurance undertakings. ↩
Based on data provided to BEIS by the FRC, there were 1945 UK PIEs as of February 2020. ↩
Regulation (EU) No 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements regarding statutory audit of public-interest entities (‘EU Audit Regulation’), Article 16; Companies Act 2006, sections 485A and 485B (private companies); sections 489A and 489B (public companies). ↩
EU Audit Regulation, Article 17 and 41,; Companies Act 2006, section 489C and 494ZA. ↩
EU Audit Regulation, Article 10. ↩
EU Audit Regulation, Article 11. ↩
EU Audit Regulation, Article 26 and 27; Statutory Auditors and Third Country Auditors Regulations 2016 (SI 2016/649) (‘SATCAR 2016’). ↩
Companies Act 2006, section 414CA. ↩
AIM listed companies other than small and medium-sized enterprises as defined in Article 4(13) of Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC. ↩
Independent review of the Financial Reporting Council,, paragraph 2.9. ↩
Independent review of the Financial Reporting Council, page 31, recommendation 18. ↩
Respondents referenced building societies, insurers and local authorities as examples. ↩
Except where there is good reason to take a different approach. For example, in relation to the proposal at 4.3.5 that “the new regulator should focus most of its pro-active corporate reporting review (CRR) work on companies that are PIEs but should retain powers to investigate reporting by other companies, in line with its current legal scope”. ↩
Large and Medium-sized Companies and Groups (Accounts and Reports) Regulations 2008 (SI 2008/410), Schedule 7, paragraphs 21 to 30. ↩
Companies Act 2006, section 414CA to 414CB. The companies to which those provisions apply are required to disclose, to the extent necessary for an understanding of the company’s development, performance, position and impact of its activity, information relating to environmental, employee, social, respect for human rights, anti-corruption and anti-bribery matters. ↩
Based on data from Fame, a database of company records and filings developed using Companies House data, which allows us to identify companies and key company metrics using bespoke criteria-based queries. ↩
This excludes ‘small and medium sized enterprises’ within Article 4(13) of Directive 2014/65/EU of the European Parliament and of the Council of 15 May 2014 on markets in financial instruments and amending Directive 2002/92/EC. Small and medium-sized enterprise are defined as meaning companies that had an average market capitalisation of less than €200m on the basis of end-year quotes for the previous 3 calendar years. ↩
The Insurance Accounts Directive (Lloyd’s Syndicates and Aggregate Accounts) Regulations 2008 (SI 2008/1950). ↩
For example, charities are regulated by the Charity Commission in England and Wales. ↩
This proposal would apply to registered charities in England and Wales. Charity law is devolved in Scotland and Northern Ireland. ↩
As an example, 0.03% of all charities had income exceeding £100m in 2017/18 ↩
Charities with incoming resources exceeding £100 million were removed from the regulator’s AQR scrutiny in 2016 as a deregulatory measure. ↩
Independent review of the Financial Reporting Council, paragraph 2.9, figure 5. ↩
Based on 2016 outcomes when the current PIE regime was introduced, one might expect to see a number of firms choosing to exit the market. ↩
Emerging growth companies are not required to obtain an auditor attestation for 5 years after an IPO provided that annual gross revenue remains below $1.07bn. ↩
Independent review into the quality and effectiveness of audit, paragraphs 13.1.8, 13.1.11 and 13.1.12 ↩
See in particular pages 40 to 48 of the Impact Assessment. ↩
UK Corporate Governance Code 2018, Provision 29 ↩
A model encompassing a role for both the CEO and CFO and the board collectively could be designed under which the board could be required to consider and sign off an attestation by the CEO and CFO about the effectiveness of the internal control system. ↩
https://www.coso.org/Documents/990025P-Executive-Summary-final-may20.pdf ↩
https://accif.co.uk/useful_links.html ↩
International Standard on Auditing (UK) 260: Communication with those charged with governance. ↩
Disclosure and Transparency Rule 7.2.5R and Companies Act 2006, section 497A. ↩
Companies Act 2006, s418(2). This requires every director to declare that there is no relevant audit information of which the auditor is unaware. This is weaker than the equivalent provision in SOX s302 where officers have to declare that they have disclosed to the auditors and the audit committee “all significant deficiencies in the design or operation of internal controls which could adversely affect the issuer’s ability to record, process, summarize, and report financial data and have identified for the issuer’s auditors any material weaknesses in internal controls”. ↩
Companies Act 2006, section 498(1). ↩
Independent review into the quality and effectiveness of audit, paragraphs 12.4 and 12.8. ↩
Listing Rule 8.4.2R(4). ↩
There are proposals set out in chapters 4 and 11 to give ARGA relevant new powers including: stronger powers to order amendments to the report and accounts; powers to require rapid explanations on reporting matters; powers to require an expert review; and powers to publish the outcomes of such reviews. ↩
For listed companies, this would need to take account of Listing Principle 1 which states that a company must “take reasonable steps to establish and maintain adequate procedures, systems and controls to enable it to comply with its obligations”. ↩
Companies Act 2006, section 831. ↩
Companies Act 2006, section 172(1). ↩
Companies Act 2006, section 174. ↩
TECH 02/17BL, Guidance on Realised and Distributable Profits under the Companies Act 2006. ↩
This point has been contested by some investors who assert that accounts cannot give a true and fair view unless these figures are disclosed. ↩
An approach based solely on a forward-looking insolvency statement would differ from EU law which provides for a capital maintenance system based on the availability of distributable reserves - Directive (EU) 2017/1132 of the European Parliament and of the Council of 14 June 2017 relating to certain aspects of company law, Article 56. ↩
Companies Act 2006, section 172(1)(a). ↩
See in particular the Financial Reporting Lab project report: Disclosure of dividends – policy and practice - November 2015 ↩
https://www.theia.org/sites/default/files/press-releases/document/Long%2520Term%2520Reporting%2520Guidance%2520%2528v1%2529.pdf ↩
Companies Act 2006, section 414CZA. ↩
International Financial Reporting Standards (IFRS) in the case of UK listed and AIM companies, and either IFRS or UK Generally Accepted Accounting Principles (UK GAAP) for other companies. ↩
Companies Act 2006, section 414C. ↩
Listing Rule 9.8.6, and UK Corporate Governance Code 2018, Provisions 28 to 31. The going concern statement must also be published with the company’s half yearly accounts. Both the going concern statement and viability statement must be prepared in accordance with FRC guidance. ↩
Independent review into the quality and effectiveness of audit, paragraph 18.1.2 ↩
FRC’s Financial Reporting Lab report – Covid19: Going concern, risk and viability (2020) ↩
For example, the institutional investor Schroders’ wrote an open letter to FTSE100 companies in December 2016 calling for longer-term disclosures in the viability statement (a copy is reproduced in annex A of the FRC Reporting Lab’s 2017 Report on Risk and Viability Reporting). ↩
Independent review into the quality and effectiveness of audit, paragraph 18.1.3.1 ↩
As a result, the government expects that the viability statement requirements in the UK Corporate Governance Code would be removed. ↩
Independent review into the quality and effectiveness of audit, paragraph 18.1.3.2 ↩
Government’s cyber resilience policy for businesses and organisations. The National Cyber Security Centre has designed resources to facilitate cyber security discussions between directors and their technical experts, including around governance https://www.ncsc.gov.uk/collection/board-toolkit. ↩
Nearer term implementation of the TCFD recommendations may be achieved within existing reporting frameworks, subject to consultation and in line with the government’s roadmap ↩
https://www.fsb-tcfd.org/ ↩
https://www.fca.org.uk/publications/consultation-papers/cp20-3-proposals-enhance-climate-related-disclosures-listed-issuers-and-clarification-existing ↩
See next section of this chapter. 80 Companies Act 2006, Part 15. ↩
Companies Act 2006, Part 15. ↩
Companies Act 2006, section 496 (auditor’s report on strategic report and director’s report), s 497 (auditor’s report on auditable part of director’s remuneration report), and section 497A (auditor’s report on separate corporate governance statement). ↩
See the FRC’s Glossary of Terms used in Ethics & Auditing and International Standard on Assurance Engagements (ISAE) 3000 ↩
To the extent permitted by the requirement that ‘non-audit services’ provided by an auditor of a public interest entity must generate fees of no more than 70% of the average audit fees paid to the auditor for the audit of the company over the previous 3 years. ↩
This is an example of a limited assurance engagement undertaken on behalf of First Group in respect of the company’s carbon emission disclosures ↩
See section 6.8 of consultation document. ↩
Independent review into the quality and effectiveness of audit, Chapter 10 ↩
That is, whether and if so how the company plans to seek assurance on resilience and risk reporting beyond the compliance and consistency check already carried out on such reporting in the front end of the report. ↩
Subject to the outcome of the consultation within this document on the option of auditors being required to assure the proposed new internal controls statement in whole or part. ↩
While the vote would be advisory, a premium listed company which received 20% or more votes against its resolution to approve the Audit and Assurance Policy would be subject to provision 4 of the UK Corporate Governance Code, requiring it to explain the action it will take to understand shareholder views and the impact this consultation may then have on subsequent decision-making. ↩
https://www.gov.uk/government/publications/business-payment-practices-and-performance-reporting-requirements ↩
Companies Act 2006, section 414CZA. ↩
https://www.frc.org.uk/document-library/audit-and-assurance/2019/summary-of-key-developments-for-2019-20-annual-rep ↩
The Code, now administered by the Small Business Commissioner on behalf of BEIS, was established in 2008 and sets standards for payment practices between organisations of any size and their suppliers ↩
The content of the strategic report is prescribed in the Companies Act 2006, section 414C to 414CB. ↩
Companies Act 2006, section 414CA. ↩
https://www.frc.org.uk/news/october-2020/frc-publishes-future-of-corporate-reporting-discus ↩
Companies Act 2006, section 172. ↩
Companies Act 2006, section 414CA and section 414CB. ↩
Large and Medium-sized Companies and Groups (Accounts and Reports) Regulations 2008, Schedule 7, Part 7 and Part 7A. ↩
Equality Act 2010 (Gender Pay Gap) Regulations 2017. ↩
Companies Act 2006, s 414CZA. ↩
The FRC’s powers in relation to company reports and accounts have been delegated by the Secretary of State to the FRC’s Conduct Committee: Supervision of Accounts and Reports (Prescribed Body) and Companies (Defective Accounts and Directors Reports) (Authorised Person) Order 2012 (SI 2012/1439). ↩
Companies Act 2006, section 456. ↩
Companies (Audit, Investigations and Community Enterprise) Act 2004, section 14. ↩
Independent review of the Financial Reporting Council, page 37, recommendation 29 ↩
Independent review of the Financial Reporting Council, page 36, recommendation 28 8 ↩
Companies (Audit, Investigations and Community Enterprise) Act 2004, section 18A. ↩
The FRC Conduct Committee’s delegated powers under section 456 of the Companies Act 2006 extend to all companies that prepare reports under the Act. ↩
https://www.frc.org.uk/document-library/frc/2014/principles-for-the-developments-of-codes-2014 ↩
Companies Act 2006, Part 15 (Accounts and Reports) and Part 16 (Audit). ↩
See chapter 10.1 which deals with the regulation of accountants and their professional bodies. ↩
Where appropriate other law enforcement agencies can also investigate and prosecute such offences e.g. Companies House, Serious Fraud Office, National Crime Agency and the police. ↩
Including listed companies, and those with securities admitted to non-listed markets such as AIM and Aquis. ↩
Independent review of the Financial Reporting Council, page 43,recommendation 36. ↩
Independent review of the Financial Reporting Council, page 43,recommendation 37. ↩
Independent review of the Financial Reporting Council, page 44, recommendation 38. ↩
Independent review of the Financial Reporting Council, page 44, recommendation 38. ↩
These duties are contained in the Companies Act 2006, Parts 15 and 16. ↩
Companies Act 2006, section 386. ↩
Companies Act 2006, section 393. ↩
Companies Act 2006, section 414. ↩
Companies Act 2006, section 419. ↩
Companies Act 2006, sections 418 and 499. ↩
Independent review into the quality and effectiveness of audit, paragraph 12.4. ↩
Companies Act 2006, section 173 to 175. ↩
As, for example, already exist in relation to statutory auditors where the FRC can take enforcement action in relation to breaches of requirements relating to professional ethics, independence, objectivity, confidentiality. See Statutory Auditor and Third Country Auditor Regulations 2016, regulation 5 and Schedule 1. ↩
Deloitte 2018 guide to directors’ remuneration in FTSE100 companies ↩
BEIS Committee 2019 Report into the Collapse of Thomas Cook ↩
Independent review into the quality and effectiveness of audit, paragraph 1.5. ↩
Independent review into the quality and effectiveness of audit, paragraphs 5.1.3-5.1.4. ↩
Independent review into the quality and effectiveness of audit, paragraph 5.2.6. ↩
Independent review into the quality and effectiveness of audit, paragraph. 5.2.7. ↩
Independent review of the Financial Reporting Council, page 20, recommendation 4. ↩
Prof. Chris Humphrey, Alliance Manchester Business School, quoted in Brydon Review report, para 5.1.1. ↩
Independent review into the quality and effectiveness of audit, paragraph 5.4.12. ↩
Available at iaasb.org ↩
Including equity capital and insurance/reinsurance markets, for example. ↩
Independent review into the quality and effectiveness of audit, paragraph 6.3.4. ↩
Independent review into the quality and effectiveness of audit, paragraph 6.4.5. ↩
Independent review into the quality and effectiveness of audit, paragraph 6.3.5. ↩
Companies Act 2006, section 393(1). Companies must also keep adequate accounting records and directors commit an offence if a company fails to comply with that duty: Companies Act 2006, sections 386 and 387. ↩
Enforcing directors’ duties in relation to corporate reporting and audit is discussed in Chapter 5. ↩
Independent review into the quality and effectiveness of audit, paragraph 14.2.2. ↩
Chapter 2 discusses whether directors should be required to attest to the effectiveness of internal controls. ↩
Regulation (EU) No 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements regarding the statutory audit of public interest entities, Article 7. ↩
Independent review into the quality and effectiveness of audit, paragraph 14.0.5. ↩
Independent review into the quality and effectiveness of audit, paragraph14.1.5. ↩
International Standard on Auditing (UK) 240: The auditor’s responsibilities relating to fraud in an audit of financial statements. ↩
https://www.frc.org.uk/news/october-2020/consultation-on-revised-auditing-standard-for-the ↩
Independent review into the quality and effectiveness of audit, paragraph 14.3.5. ↩
Chapter 2 covers whether auditors should be required to report on any internal controls attestation by directors. ↩
Independent review into the quality and effectiveness of audit, paragraph 14.3.5. ↩
Independent review into the quality and effectiveness of audit, paragraphs 14.3.2 and 14.3.3. ↩
Audit Quality Thematic Review – Fraud Risks and Laws and Regulations, FRC, January 2014 ↩
Independent review into the quality and effectiveness of audit, paragraph 14.4.3. ↩
Independent review into the quality and effectiveness of audit, paragraphs 14.5.1 and 14.5.4. ↩
The Statutory Auditors and Third Country Auditors Regulations 2016 (SI 2016/649), regulation 5(10). The Audit Enforcement Procedure was introduced in 2016; no Tribunal proceedings have been concluded under it to date. ↩
The Companies Act 2006, section 414CZA requires ‘large’ companies to include a ‘section 172 statement’ in their strategic report describing how the directors have had regard to specified matters, including the interests of wider stakeholders, in carrying out their duty to promote the success of the company. ↩
The Independent review of the Financial Reporting Council refers to graduated findings as “judgmental views… for example describing an estimate as being cautious, balanced or optimistic” (paragraph 3.25). The Independent review into the quality and effectiveness of audit states that graduated findings “indicate whether individual management estimates are considered to be conservative, balanced or aggressive” (paragraph 17.5.1). ↩
Independent review of the Financial Reporting Council, paragraphs 3.24-3.29 and page 52, recommendation 53. ↩
Independent review into the quality and effectiveness of audit, paragraph 17.5.9. ↩
Independent review into the quality and effectiveness of audit, paragraph 17.5.7 and 17.5.8. ↩
Independent review into the quality and effectiveness of audit, paragraphs 5.3.1 to 5.3.10. ↩
Independent review into the quality and effectiveness of audit, paragraphs 6.4.1 and 6.4.2. ↩
For a definition of issuer in this context, please see www.handbook.fca.org.uk/handbook/glossary/G627.html ↩
Independent review into the quality and effectiveness of audit, footnote 53, linked to paragraph 5.3.12. ↩
International Standard on Auditing (UK) 701: Communicating Key Audit Matters in the Independent Auditor’s Report, paragraphs A35 and A36. ↩
Independent review into the quality and effectiveness of audit, paragraphs 5.3.4 and 5.3.5. ↩
Independent review into the quality and effectiveness of audit, paragraph 5.3.15. ↩
Independent review into the quality and effectiveness of audit, paragraph 5.3.9. ↩
Companies Act 2006, section 393(1) ↩
Companies Act 2006, section 495(3) ↩
True and Fair, FRC, 2014 ↩
International Accounting Standard 1: Presentation of Financial Statements, paragraph 15. ↩
International Standard on Auditing (UK) 700: Forming an Opinion and Reporting on Financial Statements, paragraph A24. ↩
Independent review into the quality and effectiveness of audit, paragraph 11.9. ↩
Independent review into the quality and effectiveness of audit, paragraph 11.3. ↩
Independent review into the quality and effectiveness of audit, paragraphs 4.7 and 4.8. ↩
Independent review into the quality and effectiveness of audit, paragraphs 11.14 and 11.15. ↩
Any APMs which the auditor judges to be an integral part of the financial statements, due to their nature or presentation, fall within the scope of their audit opinion under International Standard on Auditing (UK) 700: Forming an Opinion and Reporting on Financial Statements, paragraph 53. ↩
Independent review into the quality and effectiveness of audit, paragraph 20.3.2. ↩
IASB Exposure Draft: General Presentation and Disclosures (December 2019); consultation closed 30/9/20. ↩
Response to the IASB’s General Presentation and Disclosures Exposure Draft, FRC, 1 October 2020. ↩
Independent review into the quality and effectiveness of audit, paragraph 5.3.12. ↩
Companies Act 2006, section 537. ↩
Independent review into the quality and effectiveness of audit, paragraph 25.0.2. Directors must act in a way which they consider, in good faith, would be most likely to promote the success of the company for the benefit of its members: Companies Act 2006, section 172. ↩
Independent review into the quality and effectiveness of audit, paragraph 25.0.4. ↩
Independent review into the quality and effectiveness of audit, paragraph 25.1.1. ↩
Independent review into the quality and effectiveness of audit, paragraph 25.1.2. ↩
Independent review into the quality and effectiveness of audit, paragraph 9.6.3 (discussed in Chapter 7, paras 7.3.23 and 7.3.24). ↩
Companies Act 2006, section 532(1). ↩
Independent review into the quality and effectiveness of audit, paragraph 5.1.7. ↩
Independent review into the quality and effectiveness of audit, paragraph 6.0.11. ↩
The 3 Institutes of Chartered Accountants (ICAEW, ICAS and CAI), the Association of Chartered Certified Accountants (ACCA) and the Association of International Accountants (AIA). ↩
The AIA is an RQB but not an RSB. ↩
Independent review into the quality and effectiveness of audit, paragraph 6.6.2. ↩
Independent review into the quality and effectiveness of audit, paragraph 6.6.14. ↩
Independent review into the quality and effectiveness of audit, paragraph 6.1.2. ↩
For example, the ICAEW has various Faculties for particular specialisms, including Audit and Assurance. ↩
Independent review into the quality and effectiveness of audit, chapter 6. ↩
Independent review into the quality and effectiveness of audit, paragraph 6.0.8. ↩
See the FCA’s Disclosure and Transparency Rules (DTRs) 7.1 (which apply to issuers whose transferable securities admitted to trading on regulated markets) and equivalent PRA rules for banks, building societies and insurers. The UK Governance Code 2018 – which premium listed companies adhere to on a ‘comply or explain’ basis – largely mirrors these requirements. Changes to FCA rules can only be made by the FCA, after full consultation. ↩
DTRs 7.1.1A. PRA rules make equivalent provision for banks, building societies and insurers. ↩
Regulation (EU) No 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements regarding statutory audit of public-interest entities, Article 16.2; Companies Act 2006, section 485A, 485B, 489A and 489B. Audit committees of FTSE 350 companies are also subject to the mandatory competitive audit tender requirements under the Statutory Audit Services for Large Companies Market Investigation (Mandatory Use of Competitive Tender Processes and Audit Committee Responsibilities) Order 2014. ↩
DTRs 7.1.3. PRA rules make equivalent provision for banks, building societies and insurers. The 2014 Order also requires that FTSE 350 companies ensure that their audit committee carries out certain overlapping functions. ↩
https://www.frc.org.uk/document-library/corporate-governance/2016/guidance-on-audit-committees-april-2016 ↩
Statutory audit services market study, page 132. ↩
Independent review into the quality and effectiveness of audit ↩
Department for Business, Energy and Industrial Strategy, Statutory audit services: initial consultation on the Competition and Markets Authority recommendations, page 9. ↩
The FRC has already produced best practice aids for Audit Committees, for example one on audit quality from Dec 2019 ↩
Supervision Manual 3.3 and 3.4 of the FCA Handbook sets minimum standards for auditor appointments for financial services firms. The new requirements set by ARGA would be intended to sit alongside these but aim to achieve different objectives to the FCA rules. ↩
At present, the Secretary of State has the power to require a company to appoint an auditor only when a company has failed to appoint an auditor or has appointed an auditor in a manner that fails to comply with the relevant legislative requirements. See Companies Act 2006, sections 486 and 486A (private companies) and sections 490 and 490A (public companies). ↩
https://assets.publishing.service.gov.uk/government/uploads/system/uploads/attachment_data/file/765547/auditor-appointment-letter-to-greg-clark-december-2018.pdf ↩
Statutory audit services market study, page 133-4. ↩
215 Companies Act 2006, section 511A. ↩
The CMA proposed measures to improve information for shareholders and increase transparency of audit committees, especially during tendering. This included disclosing audit staff hours and fee breakdowns and a requirement to provide a public database of audit partners and firms. See Statutory audit services market study, Final Summary Report, page 18-9. ↩
International Standard on Auditing (UK and Ireland) 300: planning an audit of financial statements. ↩
Including issues within the market sector it operates in. ↩
This could be as a result of failure of internal controls or complex and judgmental accounting issues. ↩
Large and medium sized companies are required to include description of the principal risks and uncertainties facing the company in their annual strategic report: Companies Act 2006, 414C(2)(c). DTR 4.2.7 also requires all listed companies to disclose their principal risks and uncertainties in the interim management report. ↩
A company audit refers to what an audit should entail under Part 16 of the Companies Act. ↩
For example, the audit committee chair’s annual report could provide a link to a company’s website enabling shareholders to feed in comments relating to the latest audit plan. ↩
Independent review into the quality and effectiveness of audit, page 48, recommendation 9.1.11 ↩
If reported within the company auditor’s report, then the auditor’s findings could be reported under a separate heading within the report. Consideration should also be given to the form and whether it should be in another report. ↩
Companies Act 2006, section 502. ↩
Companies Act 2006, section 527 ↩
Independent review into the quality and effectiveness of audit, page 52, recommendation 9.5.6 ↩
Independent review into the quality and effectiveness of audit, paragraph 9.5.4 ↩
https://www.frc.org.uk/directors/corporate-governance-and-stewardship/uk-corporate-governance-code/frc- guidance-for-boards-and-board-committees ↩
And statutory auditors of other companies in certain circumstances as specified in Companies Act 2006, section 519. ↩
Companies Act 2006, section 519. ↩
Save where the company chooses to apply to the court to prevent circulation of the statement on the grounds that it believes the statement to be defamatory. ↩
Independent review into the quality and effectiveness of audit, Chapter 23. ↩
Independent review into the quality and effectiveness of audit, Recommendation 23.0.12. ↩
Independent review into the quality and effectiveness of audit, recommendation 23.1.2. ↩
Independent review into the quality and effectiveness of audit, paragraph 9.4.5 ↩
Independent review into the quality and effectiveness of audit, paragraph 9.6.3 ↩
Investment Association Written Evidence - BEIS Select Committee ‘Delivering Audit Reform’ ↩
The CMA’s recommendations regarding market resilience are addressed in section 8.3, below. ↩
See Chapter 9 on supervision of audit quality. ↩
See also section 5.1 on enforcement against Directors who are not accountants ↩
Statutory audit services market study, pages 187-293 ↩
Statutory audit services market study, page 192 ↩
Statutory audit services market study, page 187 ↩
Statutory audit services market study, page 188 ↩
Independent review into the quality and effectiveness of audit, paragraph 25.2.3 ↩
Independent review into the quality and effectiveness of audit, paragraph 9.4.14 ↩
See page 25, above. ↩
See page 25, above. ↩
Independent review of the Financial Reporting Council, recommendation 19 ↩
Independent review of the Financial Reporting Council, recommendation 71 ↩
Independent review of the Financial Reporting Council, recommendations 72 and 73 ↩
Independent review of the Financial Reporting Council, recommendation 72 ↩
Independent review of the Financial Reporting Council, recommendation 73 ↩
Competition Act 1998, Part 1, Chapter 1. ↩
Competition Act 1998, Part 1, Chapter 2. ↩
Independent review of the Financial Reporting Council, recommendation 19 ↩
Market Opening Measures, Chapter 8.1, sets out that the government agrees with the CMA’s conclusion that the market will benefit from increased choice from the participation of a wider range of firms. ↩
Those audit firms will be subject to the statutory replacement for the current voluntary arrangements with FRC ↩
Statutory audit services market study Final Summary Report 2019, paragraph 49 ↩
These measures are listed in Statutory audit services market study Final Summary Report 2019, p.18. Please note that the summary of the CMA’s proposals listed in paragraphs 8.4.1 to 8.4.6 does not include the suggested measures to improve information for shareholders, which are addressed in Section 7.3 of this document. ↩
Statutory audit services market study, page 94 ↩
Statutory audit services market study, page 175 ↩
The Statutory Auditors and Third Country Auditors Regulations 2016 introduced a requirement for all Public Interest Entities to conduct a tender at least every 10 years and rotate auditors after at least 20 years. ↩
BEIS Select Committee, Future of Audit, page 51 ↩
https://www.gov.uk/government/consultations/measures-to-reform-post-termination-non-compete-clauses-in- contracts-of-employment; if you are unable to respond to this consultation by 26 February please contact Frederick.Everitt@beis.gov.uk ↩
The FRC has been authorised to carry out this function on behalf of the Secretary of State. Companies Act 2006, section 1252, and the Statutory Auditors (Amendment of the Companies Act 2006 and Delegation of Functions etc) Order 2012 (SI 2012/1741). ↩
Statutory Auditors and Third Country Auditors Regulations 2016 (SI 2016/649), regulation 3(12). View the direction. ↩
Independent review of the Financial Reporting Council, page 29, recommendation 16. ↩
Independent review of the Financial Reporting Council, page 29, recommendation 16 ↩
The Statutory Auditors and Third Country Auditors Regulations 2016, regulation 5. The FRC may not delegate the imposition of sanctions related to the quality assurance reviews or investigation of statutory audits of public interest entities (see regulation 3(5)). ↩
The government notes that paragraph 5A of Schedule 10 of the Companies Act 2006 allows the FRC to apply and vary the rules of the RSBs where and to the extent that a task is reclaimed by the competent authority. ↩
Regulation (EU) No 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements regarding statutory audit of public-interest entities, Article 26. ↩
See FRC website. These inspections must be carried out in accordance with SATCAR 2016, regulation 9. ↩
Regulation (EU) No 537/2014, Article 26(6); Statutory Auditors and Third Country Auditors Regulations 2016, regulation 9(7). ↩
Regulation (EU) No 537/2014, Article 28. ↩
Regulation (EU) No 537/2014, Article 26(8)(c). ↩
Independent review of the Financial Reporting Council, page32, recommendation 20. ↩
Independent review into the quality and effectiveness of audit, paragraph 26.3.2 ↩
ARGA’s new general objective is set out in more detail at paragraph 10.1.8 ↩
‘Component’ is defined in auditing standards as “An entity or business activity for which group or component management prepares financial information that should be included in the group financial statements.”, International Standard on Auditing (UK) 600, para 9(a) ↩
Independent review of the Financial Reporting Council, paragraph 2.22. ↩
‘Component auditor’ is defined in auditing standards as “An auditor who, at the request of the group engagement team, performs work on financial information related to a component for the group audit. A component auditor may also be a Key Audit Partner.”, International Standard on Auditing (UK) 600, para 9(b) ↩
Also referred to in auditing standards as ‘audit documentation’, which is “the record of audit procedures performed, relevant audit evidence obtained, and conclusions the auditor reached”, International Standards on Auditing (UK) 230, para 6(a) ↩
See, for example, the ICAEW’s Audit Regulations and Guidance, rule 3.13. ↩
Independent Review of the Financial Reporting Council, page 42, recommendation 34. ↩
The auditor has no right to obtain information subject to LPP unless the audited entity consents. See Companies Act 2006, section 499(4). ↩
Sports Direct International plc v The Financial Reporting Council [2020] EWCA Civ 177. ↩
Independent review of the Financial Reporting Council, page 19, recommendation 1. ↩
Independent review of the Financial Reporting Council, page 20, recommendation 3. ↩
Independent review of the Financial Reporting Council: initial consultation on recommendations, page13 ↩
E.g. reordering the elements of ARGA to match in the order in which they are done, to get Governance, Reporting and Audit Authority. ↩
Independent review of the Financial Reporting Council, page 20, recommendation 4. ↩
ARGA’s statutory objectives would not be engaged when it is carrying out other functions (e.g. deciding whether to take enforcement action in individual cases). That is consistent with other regulators such as the FCA, PRA and PSR whose statutory objectives are engaged only when they are carrying out their ‘general functions’ (e.g. making rules, setting guidance etc.). ↩
Independent review of the Financial Reporting Council, page20, recommendation 5. ↩
Independent review of the Financial Reporting Council, page 65, recommendation 71. ↩
Independent review of the Financial Reporting Council, page 66, recommendation 73. ↩
Financial Services and Markets Act 2000, section 1B(4). ↩
97% of audits of FTSE 350 firms are undertaken by the Big Four auditors. Independent Review of the Financial Reporting Council, p.63. ↩
Statutory audit services market study, paragraph 1.1.17c. ↩
See chapter 8. ↩
Legislative and Regulatory Reform Act 2006, section 21 and 22. Read the Regulators’ Code. ↩
This is addressed by the first provision of the Regulators’ Code. ↩
This is addressed by the third provision of the Regulators’ Code. ↩
Independent review of the Financial Reporting Council, page19, recommendation 1. ↩
Independent review of the Financial Reporting Council, page 21, recommendation 6. ↩
The UK Corporate Governance Code applies on a ‘comply or explain basis’: the FCA listing rules require that premium listed companies must report on whether they have applied the code. Chapter 2.1 sets out proposals for stronger internal company controls which ARGA might have a role in applying. Chapter 9.1 also sets out proposals to revoke the government direction which currently requires the FRC to delegate the task of applying the auditing standards it determines (including by making provision to secure compliance with those standards). If that direction is revoked, the FRC (and in due course ARGA) will be free to reclaim this function. ↩
Chapter 4 sets out proposals to strengthen the regulator’s powers in this area. ↩
See chapter 9.1. ↩
Independent review of the Financial Reporting Council, page 46, recommendation 73. ↩
See chapter 8.3. ↩
This refers to Recognised Supervisory Bodies: self-regulated UK bodies that supervise and maintain the conduct and technical standards of auditors performing statutory audits. ↩
For example, some functions undertaken in a private capacity e.g. audit monitoring and supervision with crown dependencies. ↩
Independent review of the Financial Reporting Council, page19, recommendation 2. ↩
Read the government’s letter and the FRC’s response ↩
For example, the FCA has a duty to have regard to recommendations made by the Treasury to the FCA about aspects of the government’s economic policy (Financial Services and Markets Act 2000, section 1JA), and Ofcom has a duty to have regard to the government’s statement of strategic priorities (Communications Act 2003, section 2A to 2C). ↩
Companies Act 2006, Schedule 13, paragraph 10. ↩
Independent review of the Financial Reporting Council, page 53, recommendation 54. ↩
Independent review of the Financial Reporting Council, page57, recommendation 62. ↩
Independent review of the Financial Reporting Council, page 53, recommendation 55. ↩
Independent review of the Financial Reporting Council, page 53, recommendation 56. ↩
Independent review of the Financial Reporting Council, page 55, recommendation 58. View the FRC Procurement Policy ↩
The Legislative and Regulatory Reform (Regulatory Functions) Order 2007 identifies the persons with regulatory functions to which sections 21 and 22 of the Legislative and Regulatory Reform Act 2006 apply. ↩
Independent review of the Financial Reporting Council, page 21, recommendation 7. ↩
Independent review of the Financial Reporting Council, page 23, recommendation 8. ↩
Independent review of the Financial Reporting Council, page 23, recommendation 9. ↩
Independent review of the Financial Reporting Council, page 24, recommendations 10 to 12. ↩
Independent review of the Financial Reporting Council, page 24, recommendation 12. ↩
Independent review of the Financial Reporting Council, page 26, recommendation 13. ↩
https://www.frc.org.uk/about-the-frc/procedures-and-policies/governance-and-constitution ↩
Independent review of the Financial Reporting Council, page 27, recommendation 14. ↩
Independent review of the Financial Reporting Council, page 39, recommendation 32. ↩
Independent review of the Financial Reporting Council: initial consultation on recommendations ↩
https://www.frc.org.uk/about-the-frc/funding ↩
Companies Act 2006, Schedule 10, paragraph 20ZA. ↩
Independent review of the Financial Reporting Council, page 60, recommendation 64. ↩
Independent review of the Financial Reporting Council: initial consultation on recommendations ↩
Independent review of the Financial Reporting Council, page 60, recommendation 64. ↩
Independent review of the Financial Reporting Council: initial consultation on recommendations. ↩
Independent review of the Financial Reporting Council, page 60, recommendation 65 and 66. ↩
The chartered professional accountancy bodies are the Institute of Chartered Accountants in England and Wales (ICAEW), the Institute of Chartered Accountants of Scotland (ICAS), Chartered Accountants Ireland (CAI), the Association of Chartered Certified Accountants (ACCA), the Chartered Institute of Management Accountants (CIMA) and the Chartered Institute of Public Finance and Accountancy (CIPFA). ↩
National risk assessment of money laundering and terrorist financing 2020 ↩
HMRC Tackling Promoters of Tax Avoidance Consultation, July 2020 ↩
HMRC Raising Standards in the tax advice market: call for evidence, para 48 ↩
Actions 35 and 36 of the Economic Crime Plan 2019-2022 ↩
HMRC Raising standards in the tax advice market – summary of responses and next steps ↩
Tackling tax avoidance, evasion and other forms of non-compliance ↩
ICAEW, ICAS, CAI, ACCA, CIPFA and CIMA. ↩
https://www.frc.org.uk/document-library/professional-oversight/2003/frc-ccab-exchange-of-letters ↩
Although CIMA is no longer a member of the CCAB, the FRC continues its oversight role in much the same way as it does with the CCAB members. ↩
Independent review of the Financial Reporting Council, page 45, recommendation 41. ↩
Independent review of the Financial Reporting Council, page 44, recommendation 39. ↩
Independent review of the Financial Reporting Council, page 45, recommendation 40. ↩
https://www.frc.org.uk/document-library/professional-discipline/2014/the-accountancy-scheme-(effective-8-december-2014). See clause 2(1), definition of ‘misconduct’. ↩
Statutory Auditors and Third Country Auditors Regulations 2016, regulation 5. The ‘Audit Enforcement Procedure’ sets out the FRC’s policy for exercising those powers. ↩
Independent review of the Financial Reporting Council, page 41, recommendation 35. ↩
Though enforcement powers might be available to the regulator or another body if the unaffiliated accountant was carrying out a regulated activity (e.g. statutory audit work) or if the unaffiliated accountant was a director and the conduct triggered the regulator’s proposed new enforcement powers against company directors (see chapter 5). ↩
Independent review of the Financial Reporting Council, paragraph 2.65 and page 41, recommendation 35. ↩
Independent review of the Financial Reporting Council’s Enforcement Procedures Sanctions, October 2017 ↩
https://webarchive.nationalarchives.gov.uk/20120704150545/http://www.hm-treasury.gov.uk/d/morris_final.pdf ↩
https://www.frc.org.uk/document-library/actuarial-policy/2014/memorandum-of-understanding ↩
https://www.frc.org.uk/auditors/enforcement-division/actuarial-scheme ↩
Independent review of the Financial Reporting Council, page 67,recommendation 74. ↩
Independent review of the Financial Reporting Council, page 68, recommendation 75. ↩
For actuarial work which is within the UK, IFoA members must apply the relevant technical actuarial standards (TASs). For work which is outside the UK, relevant local standards may apply. ↩
More information is available here: https://www.actuaries.org.uk/upholding-standards/standards-and-guidance ↩
More information is available here: https://www.actuaries.org.uk/upholding-standards/actuarial-monitoring-scheme ↩
https://www.frc.org.uk/jfar ↩
The revised Code was published in October 2019. The regulator is responsible for maintaining and monitoring compliance with the Code. ↩
Independent review of the Financial Reporting Council, page 46, recommendation 42: “The Review recommends that a fundamental shift in approach is needed to ensure that the revised Stewardship Code more clearly differentiates excellence in stewardship. It should focus on outcomes and effectiveness, not on policy statements. The government should also consider whether any further powers are needed to assess and promote compliance with the Code. If the Code remains simply a driver of boilerplate reporting, serious consideration should be given to its abolition.” ↩
Statutory audit services market study, page page 143. ↩
The AMT was established in 2017 to encourage greater dialogue between the government, industry and the FCA in order to identify opportunities to enhance the UK’s competitiveness as a global centre for asset management and to oversee the delivery of HMT’s Investment Management Strategy. ↩
Independent review of the Financial Reporting Council, paragraph3.6. ↩
Independent review of the Financial Reporting Council, page 48, recommendation 45. ↩
Independent review of the Financial Reporting Council, paragraph3.11. ↩
Independent review of the Financial Reporting Council, page 48, recommendation 45. ↩
Independent review into the quality and effectiveness of audit, paragraph 18.1.5. ↩
Regulation (EU) No 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements regarding statutory audit of public-interest entities, Article 12(1). See also International Standard on Auditing (UK) 250: Section B: The auditor’s statutory right and duty to report to regulators of public interest entities and regulators of other entities in the financial sector, paragraph 13R. ↩
Financial Services and Markets Act 2000, sections 342 and 343. ↩
Independent review of the Financial Reporting Council, page 48, recommendation 46. ↩
Independent review of the Financial Reporting Council, page 49, recommendation 47. ↩
Independent review of the Financial Reporting Council, page 50, recommendation 49. ↩
Independent review of the Financial Reporting Council, page 50, recommendation 50. ↩
Independent review of the Financial Reporting Council, page 70, recommendation 76. ↩
Independent review of the Financial Reporting Council, page 71, recommendation 77. ↩
Independent review of the Financial Reporting Council, page 73, recommendation 82. ↩
www.gov.uk/government/publications/local-authority-financial-reporting-and-external-audit-independent-review ↩
https://www.gov.uk/government/publications/local-authority-financial-reporting-and-external-audit-government-response-to-the-redmond-review ↩
Other Auditors General are the Auditor General for Scotland, the Auditor General for Wales and the Comptroller and Auditor General for Northern Ireland. ↩
Statutory audit work is defined in section 1210 of the Companies Act 2006. ↩
Companies Act 2006, Part 42, Chapter 3. ↩
The Commission has a duty to examine the National Audit Office Estimate and lay it before the House, to consider reports from the appointed auditor of the National Audit Office (NAO), to appoint non-executive members of the NAO Board, and to report from time to time. ↩
FRC Review recommendation 80 ↩
FRC Review recommendation 79 ↩
Brydon Review, para 22.9 ↩
See Employment Rights Act 1996, Part 4A. ↩
Independent review into the quality and effectiveness of audit, paragraph 22.10. ↩
Independent review into the quality and effectiveness of audit, paragraph 22.11. ↩

Cookies on GOV.UK

Foreword

General information

Why we are consulting

Consultation details

Audiences:

Territorial extent:

How to respond

Confidentiality and data protection

Quality assurance

Executive summary

The need for reform

Summary of proposals

Directors

Audit, auditors and audit firms

Shareholders

The audit regulator

Chapter summaries

Chapter 1 – The government’s approach to reform

Chapter 2 – Directors’ accountability for internal controls, dividends and capital maintenance

Chapter 3 – New corporate reporting on resilience, assurance and payment practices

Chapter 4 – Strengthening the supervision of corporate reporting

Chapter 5 – Company directors

Chapter 6 – Audit purpose and scope

Chapter 7 – Audit committee oversight and engagement with shareholders

Chapter 8 – Competition, choice and resilience in the audit market

Chapter 9 – The supervision of audit quality

Chapter 10 – A strengthened regulator

Chapter 11 – Additional changes to the regulator’s responsibilities

Supporting documents

Government’s wider work to improve corporate frameworks

1. The government’s approach to reform

1.1 The government’s approach

1.2 The timetable for change

Next steps

When will new measures take effect?

Assessing the progress of reform

1.3 Resetting the scope of regulation

Public Interest Entities

Issues arising from consultation

Government proposals

Large companies

AIM companies

Private companies listing on a regulated market

Qualifying and ceasing to qualify as a PIE

Other Considerations

Lloyd’s Syndicates

Third sector entities

Other entities

Impact on the statutory audit market

Timeframe

2 Directors’ accountability for internal controls, dividends and capital maintenance

2.1 Stronger internal company controls

UK and US internal control frameworks

Views of respondents to the initial consultation

Report of the Independent Review into the Quality and Effectiveness of Audit

Reform options

Basis for the directors’ internal control statement

Areas for external auditor attestation

Frequency of external attestation

Government’s initial preferred option

Directors’ responsibility statement

Annual review of internal control effectiveness and new disclosures

Principles and guidance

External audit and assurance

Enforcement

Scope

Consultation questions

2.2 Dividends and capital maintenance

The current legal framework

Issues arising from current framework

Government approach to reform

Government proposals

Assign responsibility for defining realised profits and losses to ARGA and enhancing the legal status and enforceability of the definition

New requirements to disclose distributable reserves

(i) Disclosure of the distributable reserves in the financial statements

(ii) Disclosure of estimates of a group’s dividend-paying capacity

New directors’ statement about the legality of proposed dividends and the effects on the future solvency of the company

Improved information for investors about company distribution policies

3. New corporate reporting