Our culture is underpinned by a strong set of values and supporting policies and processes which enables the right attitudes and behaviors to permeate throughout the network, starting from the very top. We promote a culture in which consultation is encouraged and recognized as a strength.
It is essential that everyone involved in performing audits recognizes that audit quality is their responsibility. Leadership plays a critical role in setting the right tone and leading by example – demonstrating an unwavering commitment to the highest standards of professional excellence and championing and supporting major initiatives. Leadership teams at both global and member firm levels are committed to building a culture based on quality, integrity and ethics, demonstrated through their actions – written and video communications, presentations to teams and one-to-one discussions. A focused and consistent message across the global network is important to reinforce our commitment to audit quality.
A number of global steering groups support and drive the execution of strategy with a focus on audit quality – the Global Audit Steering Group (GASG), the Global Audit Quality Issues Council (GAQIC) and the Global Quality & Risk Management Steering Group (GQRMSG). Each of these global groups has their own specific areas of focus and they work closely with one another on quality matters, along with regional and member firm leadership, to:
In addition, the Global Head of Quality, Risk and Regulatory, Larry Leva, appoints Area Quality & Risk Management Leaders (ARL) whose role includes assessment of the effectiveness of a member firm’s quality and risk management efforts.
The overall governance structure of KPMG International and a more detailed description of the role and remit of the GASG, GAQIC, GQRMSG and the ARLs, is provided in the Supplementary Report.
Member firm leadership is responsible for quality and for the member firm’s system of quality control. Within each member firm there is a Head of Audit who has primary responsibility for audit quality and is assisted by the member firm Risk Management Partner in maintaining the member firm’s system of quality control. Part of the selection criteria for these individuals is that they have sufficient and appropriate experience and ability, and have the necessary authority to properly discharge their roles.
Member firm Heads of Audit
Member firm Heads of Audit are responsible for leading a sustainable high-quality Audit practice. This includes:
Member firm Risk Management Partners
Each member firm has a designated Risk Management Partner, who is an experienced partner with primary responsibility for the direction and execution of risk compliance and monitoring of quality control in the member firm, reports to member firm senior leadership and consults with their appointed ARL.
KPMG International’s audit strategy is discussed in the KPMG International Annual Review and includes a focus on quality and service delivery standards expected of our audit partners and staff, and a commitment to ethical principles. Our audit strategy supports our drive to reliably deliver independent assurance that provides confidence to stakeholders. The Global Head of Audit reinforces this in communications to all audit partners and staff during his periodic presentations.
To help ensure a common understanding of what drives audit quality within KPMG, we developed the Global Audit Quality Framework (see below). KPMG member firms use this framework to communicate and illustrate our approach to audits and to enhancing audit quality. For more detail on the framework refer to the Supplementary Report.
Our Values summarize what we believe in and form the foundation of our culture. We communicate our Values clearly to our people and embed them into our people processes – induction, performance development and reward – and give them specific consideration for senior promotions. They also form the foundation of our approach and shape how we work together to provide insights.
Building on our Values, is our Global Code of Conduct that all member firms and their personnel are required to comply with. The Global Code of Conduct defines who we are and how we act, and it:
Member firms either adopt the Global Code of Conduct or incorporate its principles into their own member firm code of conduct. All member firm personnel are required to confirm their understanding of, and compliance with, the applicable Code of Conduct upon joining their member firm, and annually thereafter.
We regularly monitor the extent to which our people feel we live our Values through the Global People Survey.
Integrity is a critical characteristic that our stakeholders expect and rely on. Therefore, above all we ‘act with integrity’ and are constantly striving to uphold the highest professional standards, provide sound advice and rigorously maintain our independence. The following are some examples of our integrity in action.
Accepting the right clients and engagements
Every prospective client is evaluated using a consistent methodology to assess aspects critical to KPMG’s association with them, including the integrity of management and those charged with governance and how the business operates. This also involves background checks on the prospective client, its key management and significant owners. A key focus is on the integrity of management at a prospective client – the factors to consider in the evaluation include breaches of laws and regulations, anti-bribery and corruption and human rights. The evaluation is always reviewed by a second partner.
Every prospective engagement is likewise evaluated to make sure that member firms can properly undertake the assignment. This includes addressing relevant independence and conflict of interest issues and allocating appropriately experienced and skilled personnel.
Audit clients and engagements are re-evaluated annually, and changes in the risk profile of a client or engagement also trigger re-evaluation. More details on the evaluation of clients and engagement is available in the Supplementary Report, section 5.
Keeping information confidential
KPMG International has information security policies and procedures governing the handling of client confidential information and of personal information. Our people must maintain confidentiality of all client and former client information, and our professionals must affirm their understanding of the rules governing confidential client information in writing once a year as part of the annual independence confirmations. We impose minimum technical requirements on member firm IT systems to enhance the protection of such information.
Zero-tolerance approach to bribery
KPMG International prohibits involvement in any type of bribery – even if such conduct is legal or permitted under applicable law or local practice. We also do not tolerate bribery by third parties, including by clients, suppliers or public officials. We require member firms to have appropriate internal controls in place to mitigate the risk of involvement in bribery by the member firm and its personnel. On joining and every two years, all our people are required to take training covering the Code of Conduct, compliance with laws and regulations and anti-bribery and corruption.
Independence of an auditor from its client is critical and is a cornerstone of international professional standards and regulatory requirements. Audit reform legislation in a number of jurisdictions means businesses and their auditors face a variety of differing and increasingly complex independence regulations.
To facilitate compliance, KPMG International has detailed independence policies and procedures that incorporate the requirements of the International Ethics Standards Board for Accountants (IESBA) Code of Ethics. These are set out in KPMG’s Global Q&RM Manual. Automated tools facilitate compliance with these requirements. These tools include KPMG’s web-based application Sentinel™ which must be used for every prospective engagement to identify potential independence (and conflict of interest) issues. Where there are additional applicable independence standards locally, member firms add specific procedures to network-wide processes.
E&I policies and procedures are instilled in our people through mandatory training. The training covers personal and firm independence and includes case studies and real-life examples. Member firms are required to provide all relevant personnel with independence training that is appropriate to their grade and function when they join KPMG and annually thereafter.
Upon acceptance of employment and annually thereafter, all personnel are required to sign a confirmation that they are in compliance with, and will abide by, applicable E&I rules and policies.
In addition to online tools and training, we provide leadership and guidance on independence issues to our people through access to experienced and knowledgeable professionals within each member firm (through its Ethics & Independence Partner) and through the Global Independence Group.
The operation of the independence policies and processes is monitored through annual independence confirmations and compliance audits, as well as through the network’s wider monitoring programs described in section 6.
KPMG International avoids conflicts of interest within the member firms by using Sentinel™ for each prospective engagement to identify and manage potential conflicts both within and across member firms. Risk management professionals are allocated to resolve potential conflict issues, and escalation procedures are followed when agreement on a way forward cannot be reached. Prospective engagements are declined if a potential conflict issue cannot be resolved.
Conflicts of interest can arise in situations where KPMG personnel have a personal connection with the client that may interfere, or be perceived to interfere, with their ability to remain objective, or where they are personally in
possession of confidential information relating to another party to a transaction. Consultation with the member firm’s Risk Management Partner or the Ethics and Independence Partner is required in these situations.
We require our people to report suspected and actual breaches of KPMG policy or of laws, regulations or professional standards through established channels. When issues are raised, we have procedures to enable them to be properly documented and addressed on a timely basis, and to be communicated to those charged with governance or to any other appropriate authority as required by professional standards or laws and regulations.
Each member firm has procedures and established channels of communication so that personnel can report ethical and quality issues without fear of retaliation. If someone does not feel comfortable using these mechanisms, KPMG International has an International Hotline that can be used by anyone inside or outside KPMG.
More detail on our independence policies and procedures is available in the Supplementary Report.
KPMG has a strong culture of consultation that supports our partners throughout their decision-making processes and is a fundamental contributor to audit quality. We promote a culture in which consultation is recognized as a strength, and that encourages personnel to consult on difficult or contentious matters.
To assist audit professionals in addressing difficult or contentious matters, we have established protocols for consultation and documentation of significant accounting and auditing matters, including procedures to facilitate resolution of differences of opinion on engagement issues.
Member firms provide consultation support to audit engagement professionals through professional practice resources (referred to as Department of Professional Practice (DPP)). The DPP role is formalized in policy as an integral part of the system of quality control. The policy sets out the base level practices which assist and guide DPP in fulfilling its role.
Technical accounting and auditing support is available to member firms through the Global Service Centre (GSC) and the International Standards Group (ISG) as well as the US Capital Markets Group for Securities and Exchange Commission (SEC) foreign registrants.
The GSC develops, maintains and deploys KPMG’s global audit methodology and technology-based tools used by audit professionals to facilitate effective and efficient audits, with emphasis on global quality and consistency.
The ISG works with panels on Global International Financial Reporting standards (IFRS) and International Standards on Auditing (ISA), along with topic teams with geographic representation from around the world, to promote consistency of interpretation of IFRS and auditing requirements between member firms, identify emerging issues and develop global guidance on a timely basis.
Our member firms have professional practice and risk management resources to assist engagement teams where there are differences of opinion either within teams or with the Engagement Quality Control (EQC) reviewer. Unresolved differences are escalated to senior partners for final resolution. The ISG is also available for consultation where required.
*Unless the context otherwise requires, throughout this document “KPMG” and “KPMG network” (“we”, “our”, and “us”) generally refers to the member firms of the KPMG network of independent firms affiliated with KPMG International, a Swiss entity that services as a coordinating entity for the KPMG network. KPMG International provides no client services.