CORPORATE GOVERNANCE ECOSYSTEM AND AUDIT QUALITY
Covid-19 has led to volatility in the financial markets. There are obvious concerns about whether corporations will be able to weather this storm. There are also reports of sharp increases in trading activities by retail investors. These investors typically look at profitability, size of reserves, and cash and gearing, among other metrics. Reliable financial information is essential in helping investors make informed decisions.
The fundamental value of an audit lies in the fact that it is probably the most cost-effective mechanism which provides credibility to general purpose financial statements. Audited numbers are crucial for confidence in the capital markets and to make investment decisions. Unaudited financial information from management would normally be viewed sceptically because management is not independent and has vested interest to paint a positive outlook. Hence, audit reports are an important component in the entire financial reporting ecosystem. Accordingly, it is critical for audits to be – and perceived to be – of high quality.
Notwithstanding the importance of high-quality audits, we need to understand that auditors are not the sole guardians of public interest. Multiple stakeholders have a shared responsibility in this regard. For a balanced perspective of things, it would be meaningful to look into the roles of various stakeholders in the corporate governance ecosystem and how the quality of audits in Singapore is maintained.
THE CORPORATE GOVERNANCE ECOSYSTEM
It should first be established that auditors are only one of the components in the corporate governance ecosystem.
The Board of Directors (Board), being responsible for true and fair financial statements and maintaining internal controls, discharges its duties with the assistance of the audit committee, management and internal auditors. In this respect, a competent finance and accounting team is crucial. A weak team results in overdependence on the auditors, causing an imbalance in the ecosystem.
Standard-setters, regulators and enforcement agencies uphold the structure of the ecosystem by implementing regulations and standards, monitoring compliance, and investigating and prosecuting governance failures while investor watchdog groups stand up for minority shareholders.
Education and training also play an integral role by laying the foundation of this ecosystem. This includes education for the investing community to keep up with the increasing complexity and sophistication of the financial markets.
What is the auditor’s role?
The auditor seeks to obtain reasonable, but not absolute, assurance to express an independent opinion on whether the financial statements as a whole are free from material misstatement, whether due to fraud or error.
The audit process involves understanding the business environment, risks and internal controls. It could be an interwoven complex process requiring the application of professional judgement and scepticism. A complex process is distilled into a few pages of the auditor’s report.
The auditor also evaluates the appropriateness of management’s assessment of going concern. If there are material uncertainties on the entity as a going concern or if the management’s use of the going concern assumption is inappropriate, the auditor highlights this in the auditor’s report. One needs to be mindful however, that businesses could fail due to a variety of reasons, from poor business decisions to changes in the business environment beyond anyone’s control.
In addition, due to the inherent limitations of an audit, there is an unavoidable risk that a properly planned, performed and fully compliant audit may still not detect material misstatements, particularly where there is management collusion.
It is also important to note that an unqualified (or clean) audit opinion is not meant to endorse the viability of a business or the effectiveness of its management.
HOW IS THE QUALITY OF AUDITS MAINTAINED?
In the face of increasing business complexity, the need for high-quality audits which can stand up to scrutiny is higher than ever.
The process in achieving audits of high quality begins even before an audit client is accepted, and extends to the time the audit report is signed. This process is highly iterative, and we will not elaborate further on this. However, there are some other not-widely-known factors which help drive the quality of audits in Singapore. These include:
The Singapore Standard on Quality Control (SSQC) 1 requires an audit firm to maintain a system of quality control to provide reasonable assurance that:
(a) The firm and its personnel comply with professional standards and applicable legal and regulatory requirements, and
(b) The reports issued by the firm or engagement partners are appropriate in the circumstances.
These include, among others:
- Evaluate client acceptance and continuance
One key consideration during client acceptance and continuance assessments is the integrity of the principal owners, key management and those charged with governance of the entity.
Another is to consider whether the engagement team has the competency and necessary capabilities to perform the engagement, including time and resources.
Where there is significant doubt over these, a firm’s risk assessment protocol would normally result in the engagement being rejected.
- Engagement quality control review
For audits of listed entities, an engagement quality control reviewer (EQCR) is required. The EQCR is typically another partner or person in the audit firm (or suitably qualified external person), separate from the main audit engagement team, with sufficient and appropriate experience and authority to perform the EQCR’s role.
The EQCR’s role, among others, is to perform an objective evaluation of the significant judgements made by the audit engagement team, the conclusions reached in formulating the auditor’s report and consider if the proposed auditor’s report is appropriate.
This review process has to be completed before the auditor’s report is issued.
- Monitoring quality control
A firm’s monitoring process is required to include, on a cyclical basis, inspection of at least one completed engagement for each audit engagement partner. Such inspection cannot be carried out by those who are involved in performing the engagement or the EQCR.
Some firms go beyond this mandatory requirement by implementing an additional “hot review” process, where engagement files are reviewed by another person in the audit firm with sufficient and appropriate experience before the auditor’s report is issued.
Practice Monitoring Programme
The Accounting and Corporate Regulatory Authority (ACRA) conducts independent audit inspections under the Practice Monitoring Programme to ascertain if public accountants have complied with the prescribed auditing standards. The Programme is administered under the oversight of the Public Accountants Oversight Committee (PAOC), which is a Board committee under ACRA.
The PAOC appoints the Practice Monitoring Sub-committee, which comprises experienced public accountants and qualified professionals, to review the inspection findings and propose the recommended actions. The PAOC then decides on the review outcome and the appropriate consequential action to be taken in cases of fail outcome, which may include ordering the public accountants to undertake remedial actions, or it may impose sanctions, depending on the severity of the non-compliances.
Even after multiple reforms and a long history of evolution which have led to today’s comprehensive structure of audit standard-setting, quality control and regulatory oversight, the auditing profession remains persistent in its pursuit of quality. Improving the quality of audit is always high on the agenda of standard-setters and regulators the world over.
With risk being a constant presence in any form of business or investment, stakeholders’ education, transparency and the availability of timely and fairly presented information are crucial in instilling trust in the capital markets. This, however, will require concerted efforts from all stakeholders in the corporate governance ecosystem.
Lim Ju May is Deputy Director, and Terence Lam is Senior Manager, Technical, ISCA. A translated version of this article was first published in Lianhe Zaobao on 11 July 2020.