This article discusses how expanded audit reporting is evolving and how it will be applied in Canada.
That there will be changing requirements for expanded audit reporting is a virtual certainty. What form they will take, how regulators in various jurisdictions will frame them and how the new requirements will be applied in Canada remain far less certain questions.
In the UK, the Financial Reporting Council (FRC) has taken the lead, formulating and implementing their own rules, which are receiving general approval from stakeholders. On the global front, the International Auditing and Assurance Standards Board (IAASB) is developing its own audit reporting requirements, as is the Public Company Accounting Oversight Board (PCAOB) in the US. The IAASB has just approved their standard, which will have a significant impact on the direction of the audit reporting model for Canadian companies.
The essence of all the new proposals is the premise that the reporting requirements should go beyond the traditional pass/fail model to provide more useful information in the auditor’s report and make the audit and auditor’s report more relevant, while leveraging the masses of data they collect and analyze to provide further comment and insight.
While the FRC principles listed here are requirements, auditors are being encouraged to take the process further to provide more detailed findings. This was evidenced in KPMG’s Rolls-Royce audit, where the company and the auditor agreed to include significant auditor findings in the audit report and which is being touted by some as a best practice example of the new audit model.
There is currently no final standard in place in Canada for expanded auditor reporting. It is likely that the Auditing and Assurance Standards Board (AASB) in Canada will adopt requirements similar to those of the IAASB. We understand that the AASB is monitoring developments in all other jurisdictions and, no doubt, our regulators are looking at both the IAASB and PCAOB proposals as potential models. As such, there is considerable debate concerning the best way to proceed, specifically around the question: why shouldn’t shareholders and the public benefit from any added value the external auditor is capable of delivering? Alternatively, those not fully behind expanded reporting might ask: but shouldn’t the dissemination of information of this nature be the responsibility of management and the audit committee (AC)? And how far do we go into “auditor insight” before audit risk and auditor liability become issues?
With Canada still monitoring developments around the world, this back and forth is likely to continue for some time. As such, ACs, and indeed all audit stakeholders, should bear the above and a few other questions in mind:
Early indications from the UK suggest that the new audit reports are being widely read and that their audience is generally finding them both interesting and valuable. Even so, some tensions will likely surface in all countries that adopt a new reporting model—between the shareholders who want more and deeper information, ACs and management who feel they should control it, regulators developing the mechanisms and frameworks to report it, and the auditors tasked with unearthing and commenting on it. How this complex dynamic will resolve itself in Canada remains to be seen, but the options are taking shape and all audit stakeholders should be poised to provide input and adapt as necessary.