Proposed International Standard on Auditing 550 (Revised) Related Parties
Comments from ACCA
April 2006
Executive Summary
ACCA welcomes the opportunity to comment on the proposed revised International Standard on Auditing 550 (Revised) Related Parties (proposed ISA 550), issued for comment by the International Auditing and Assurance Standards Board (IAASB) of the International Federation of Accountants (IFAC).
ACCA supports the updating of this ISA to a clearer, risk-based approach and its use of definitions from the applicable financial reporting framework.
We have concerns, however, that:
- More could be done to explain how proposed ISA 550 relates to ISAs dealing with fraud and with audit risk generally as, in our view, the number of requirements in proposed ISA 550 is disproportionately large.
- Small and medium-sized entities (SMEs) will bear the burden of compliance but there is little guidance on applying proposed ISA 550 in the audit of such entities.
- There is insufficient consideration of the specific circumstances encountered in the audit of public sector entities.
- Where management asserts that a transaction is at arm’s length, requirements could deter transparent financial reporting or add to auditor liability.
- Requirements relating to evaluating whether financial statements are misleading are unnecessary, as such matters are already addressed by professional ethics.
Comments on Significant Proposals
RISK-BASED APPROACH AND RELATIONSHIP WITH OTHER ISAs
The risk-based approach of proposed ISA 550 is a considerable improvement over that in extant ISA 550, which relies on mandating specific procedures. In achieving consistency between proposed ISA 550 and the ‘audit risk ISAs’ more could have been done, however, to explain the relationship with those ISAs and ISA 240 The Auditor’s Responsibility to Consider Fraud in an Audit of Financial Statements.
As we stated in our response in February 2006 to the document Improving the Clarity of IAASB Standards:
‘Proposed ISA 240 has a further paragraph explaining its relationship to ISAs 315 and 330 and a section dealing with fraud in the context of an audit of financial statements. While we find this material helpful, we suggest that there should be an overall plan for the Clarity project concerning the need for and purpose of introductory material in individual ISAs. This would promote consistency in drafting.’
The relationship between ISA 240 and proposed ISA 550 is particularly significant, as the Explanatory Memorandum issued with proposed ISA 550 states that the need to review ISA 550 was driven to a large extent by the need to respond to recent major corporate scandals. It is important for users to understand whether ISA 240 is relevant to all fraud or whether, for related parties, it needs to be used in conjunction with proposed ISA 550. If the latter is not the case, it calls into question the need for proposed ISA 550 in relation to fraud and, given that the ‘audit risk ISAs’ already cover the risks of material misstatement, the remaining need for proposed ISA 550 would have to be justified. It is unclear whether proposed ISA 550 seeks to increase the cost of an audit overall or to increase the emphasis on its subject matter without changing the overall cost.
RELATED PARTY DEFINITION
We agree with the use of definitions from the applicable financial reporting framework. We also agree with drawing on International Accounting Standard 24 Related Party Disclosures (IAS 24) in those circumstances where the applicable financial reporting framework does not address related parties.
The above is a pragmatic position because auditors would otherwise have to deal with differences between definitions for financial reporting and those for auditing that could lead to complications and misunderstandings. It seems to us that proposed ISA 550 has implicitly assumed that any definition (or implied definition) in a financial reporting framework would be broadly similar to that in ISA 24 and hence that the audit procedures would be substantially the same, irrespective of the framework. We recommend the inclusion of provisions to deal with circumstances where the financial reporting framework includes only minimal related party material (such as provisions for consolidation of owned entities) but otherwise does not extend to consideration of the relationships falling within the IAS 24 definitions.
MANDATORY RISK ASSESSMENT PROCEDURES
Overall issue
As set out earlier in our response, under the heading ‘Risk-based approach and relationship with other ISAs’, proposed ISA 550 is similar to ISA 240 in that, for an audit, it establishes an appropriate degree of emphasis on its subject matter.
It is appropriate, therefore, that in relation to proposed ISA 550 we advance by analogy the argument reproduced below from our response in February 2006 to the document Improving the Clarity of IAASB Standards:
‘. . . some ISAs deal with matters for which the general ISAs are not considered sufficient. For example, ISA 240 is concerned with the degree of emphasis placed on fraud by the auditor when carrying out an audit in compliance with the other ISAs, such as ISA 315 and ISA 330. ISA 240 mandates further procedures relating to fraud that, in the view of the IAASB, constitute an appropriate degree of emphasis on fraud in an audit. This is analogous to Standards for review engagements that mandate an appropriate level of evidence gathering to achieve the level of limited assurance necessary in the circumstances.
ISA 240 relies on its mandatory procedures to establish the degree of emphasis on fraud for virtually all engagements. Where engagements are not addressed by the requirements (in circumstances falling outside the ‘virtually all’ test) we believe that the need for further procedures has to be a matter of auditor judgement, as writing an objective in relation to fraud to establish the degree of emphasis on it is, we consider, a very difficult matter. This argues strongly to us that for certain limited circumstances, compliance with the requirements of an ISA should be sufficient to demonstrate that the objective of the ISA has been met (and that should be stated in the ISA) or the objective should be worded in a way that achieves the same end.’
Related party relationships and transactions not identified or disclosed by management
We agree that it is appropriate for the auditor to search for related party relationships and transactions not identified or disclosed by management.
We are concerned, however, that the requirements in paragraph 11 of proposed ISA 550 are unclear and that they could be very onerous, especially in the audit of SMEs. For example:
- Paragraph 11(a) requires inquiry of management and others within the entity. The requirement should not assume that there will always be appropriate ‘others within the entity’ as in some SMEs there will not.
- Paragraph 11(a) restricts inquiry to that in respect of transactions that are both significant and non-routine. In contrast, Paragraph 11(c) requires review of appropriate records or documents not only for significant and non-routine transactions but also for ‘other information’ that may indicate the existence of previously unidentified or undisclosed related party relationships or transactions. Such ‘other information’ could include virtually any matter, including transactions that are otherwise insignificant.
- Paragraph 11(c)(ii) refers to ‘other relevant statutory records’. This could be interpreted widely and might, for example, include the register of members (which for a major listed company could include many thousands of shareholders) or, where the keeping of accounting records is required by statute, include the basic books of account.
We believe that the above examples illustrate the difficulty in setting out as requirements matters that, under a risk-based approach, should be no more than explanatory Application Material. The ‘requirements’ include judgemental matters such as:
- what are the criteria under which transactions are significant?
- what are the criteria under which transactions are non-routine?
- which parties are ‘others within the entity’ (the Application Material defines them as those who are likely to have knowledge of the entity’s related party relationships and transactions – in other words, the definition is circular)?
- what criteria determine the ‘active exertion of dominant influence’?
- how can an auditor understand the nature of business relationships that only ‘may’ have been established?
It is routine for an auditor to examine transactions and form a view as to whether any are significant. During that process the auditor will constantly evaluate the evidence, perhaps identifying similar transactions when one such was initially thought to be isolated. It is much more difficult to make an inquiry of management and others because, unless the auditor can define ‘significant’ the other parties will apply their own judgement, not that of the auditor.
Without labouring the point by providing further examples, we believe that all requirements should be clear and unambiguous. Where, as seems often to be the case in proposed ISA 550, it is not possible to draft a clear requirement, this indicates that the matter should be dealt with in Application Material. Because the auditor is required to achieve the objective of the ISA, the standard is not weakened by this; instead, its greater clarity promotes a higher-quality audit.
ARM’S LENGTH ASSERTION
Paragraph 18 of proposed ISA 550 refers to circumstances where ‘the entity’s disclosures may assert that a related party transaction has been conducted at arm’s length.’ This may have been intended to refer only to explicit disclosure of a material transaction but that should be made more clear as it could, as drafted, refer to implicit disclosure of immaterial transactions (for example, through accounting for a purchase from a related party in the same way as from another supplier).
The latter part of paragraph 18 could be interpreted as requiring the auditor to assume that any related party transaction for which management finds it difficult to substantiate an arm’s length assertion is a significant risk. We are not comfortable with this as it will not always be the case. We believe that the auditor should make a risk assessment in the normal way, guided by Application Material that deals with such circumstances.
In circumstances where the applicable financial reporting framework allows management a choice of whether to assert that a transaction was at arm’s length or to make no assertion, there is a danger that proposed ISA 550 will influence that decision. Management could decide to omit an arm’s length assertion to avoid audit costs or to solve audit-related problems and so reduce the quality of financial reporting.
There is a further implication of requiring auditors to, in effect, give an opinion on an isolated assertion. Auditing whether a transaction is at arm’s length is subject to natural limitations; for example, with related parties it is not always possible to discover concealed terms or matching transactions. In the overall context of an audit designed to achieve reasonable but not absolute assurance this is understood. Taken in isolation, however, there may be an ‘expectation gap’ as users assume greater certainty and thus auditor liability could be increased. We suggest that this specific matter be addressed in the Introduction, where paragraph 4 deals with inherent limitations in identifying all related party relationships and transactions.
ASSESSING RELATED PARTY DISCLOSURES
We do not agree that there should be a requirement to assess the adequacy of related party disclosures irrespective of the financial reporting framework (paragraph 18(c)).
A requirement is inappropriate as it raises public policy and liability issues in relation to the auditor ‘second guessing’ an established legal or regulatory framework. In addition, as footnoted in the text of proposed ISA 550, the IFAC Code of Ethics for Professional Accountants already contains provisions that deal with association with misleading information.
Answers to Specific Questions
In this section we comment on those matters highlighted in the exposure draft as being of particular interest to the IAASB.
ASPECTS OF THE CLARITY PROJECT
Whether the objective for the ISA is appropriate, and whether the proposed requirements are appropriate responses to that objective?
Our overall comments on the nature of objectives are contained in our response to the Clarity project exposure draft. We would expect that, when finalised, there would be clear similarities between the objectives in ISA 240 and ISA 550 as both ISAs seek to establish an appropriate degree of emphasis on their subject matter in relation to the overall audit approach under the audit risk ISAs. In proposed ISA 550, the wording of paragraph 13 may need consideration as the discussion among members of the engagement team is required to ‘place particular emphasis on’ (related parties) which is exactly the same degree of emphasis as set out in paragraph 16 of proposed ISA 240 in relation to fraud.
In relation to the specific wording in proposed ISA 550, the objective refers to actions being ‘In the context of the applicable financial reporting framework’. This might be interpreted as excluding circumstances where the applicable financial reporting framework does not establish related party requirements. We suggest clarifying the wording to make it clear that the objective is ‘framework-neutral’.
WHERE A PARTY APPEARS TO ACTIVELY EXERT DOMINANT INFLUENCE
‘. . . where a party appears to actively exert dominant influence over the entity, the auditor shall perform procedures intended to identify the parties to which the dominant party is related, and understand the nature of the business relationships that these parties may have established with the entity. Do you agree with this proposed requirement?
We agree with this requirement as auditors must be seen to be proactive in relation to searching for related parties. We have concerns, however, that the circumstances of small entities and public sector entities have not been properly addressed and that the requirement could be overly burdensome. For example, small entities will almost always have a party that actively exerts dominant influence (the owner-manager).
The procedures are in addition to those required by paragraphs 9, 10 and (other subparagraphs of) 11. Those other procedures provide evidence that a party exists, or apparently exists, that actively exerts dominant influence over the entity. The requirement should be redrafted to make it clear whether it applies to the former case (for example, there is a holding company) or only to the latter case, where there is doubt. We recommend restricting this further requirement to the latter case, as that is both more focussed on the risk of non-disclosure and less burdensome in the majority of audits.
OTHER MATTERS
The explanatory memorandum called for comments on whether:
- considerations in the audit of small entities have been dealt with appropriately
- special considerations in the audit of public sector entities have been appropriately included
- there are any foreseeable difficulties in application in a developing nation environment, and
- there are any potential translation issues?
We have no comments in relation to the latter two bullet points.
Small entities
We are concerned that the Introduction and Application Material each made just one reference to conditions relevant to small entities. As set out earlier in this response, under the heading Related party relationships and transactions not identified or disclosed by management, certain requirements may be unduly burdensome in the circumstance of the audit of SMEs. Proposed ISA 550 concentrates on circumstances that are encountered in the audits of public interest entities and should do much more to address the less complex circumstances of small entities.
In this regard, we endorse the recommendations made in the response to this exposure draft from the European Federation of Accountants (FEE) . These are contained in section 1.3 Comments on Special Considerations in the Audit of Small Entities and Appendix I: Special Considerations in the Audit of Small Entities of the FEE letter of 26 April 2006.
Public sector entities
The Appendix to proposed ISA 550 sets out the related party definitions that apply when not using those in the applicable financial reporting framework. A footnote states that the definitions are based on those in IAS 24 and that, for the audit of a public sector entity, the relevant definitions are those set out in International Public Sector Accounting Standard 20 Related Party Disclosures (IPSAS 20). We accept that, because of the extensive nature of those definitions, it is not appropriate to reproduce the material in IPSAS 20. Our comments earlier in this response, in relation to financial reporting frameworks that include only minimal related party material, are equally applicable to the public sector in certain jurisdictions.
We are concerned that the Application Material does not provide any guidance on public sector issues or even include an example that is specific to the public sector. We suggest that differences in the following may be significant:
In much of the public sector, the arm’s length assertion is not implicit in financial transactions. Even where transaction values are not determined by law, regulation or control this may be the case; for example, the concept of ‘value for money’ depends to some extent on a public sector entity being able to use its position to extract better value from suppliers than might be achieved at arm’s length. This is relevant to the requirements proposed in paragraphs 18 to 20.
Many public sector entities will have a party that appears actively to exert dominant influence over them; for example the ministry of finance, or local government. The requirement proposed in paragraph 11(b), to perform procedures intended to identify the parties to which the dominant party is related and understand the nature of the business relationships that these parties may have established with the entity, could be both very onerous and produce evidence of little value in the circumstances.