In the last issue, Andy Holton looked at how much work the group auditor needs to do when a significant component of a group is audited by another firm. This month Richard Gillin unpicks some more frequently-asked questions around ISA 600.
Q. Can I accept an appointment as a group auditor when my company does not audit many (or any) of the group components?
A. Yes you can, providing you are comfortable with the work of the component auditors. This is a question for all auditors – ISA 600 The Audit of Group Financial Statements does not distinguish between network and non-network firms. The key is the understanding of the component auditors required by paragraph 19, which covers:
Q. Is there any difference between using a network firm and an unrelated firm as a component auditor?
A. The only difference is that for a network firm the group auditor may already have a partial understanding of the other company (such as common training courses for competence or independence policies). The ISA still requires the group auditor to document their understanding, and the component auditor to acknowledge their compliance with the group auditor’s requests.
Q. What happens when component auditors’ documentation is not published in English?
A. The group auditor has to obtain sufficient appropriate audit evidence to issue an opinion on the group accounts. That does not necessarily mean that the group auditor has to be able to read every single document. If they can read the language well enough to demonstrate that they have reviewed relevant communications from the component auditor – and any documentation they need to review – that should do the job.
If not, it may be possible for the key documents to be produced in English. So consider whether any staff members have language skills and can help prepare an English summary for the group engagement partner, so they can ascertain whether the key documents are supported by the audit file.
Q. Do I need to review the component auditors’ files?
A. Paragraph 44 of ISA 600 states, “The group engagement team shall evaluate whether sufficient appropriate audit evidence has been obtained from the audit procedures performed on the consolidation process and the work performed by the group engagement team and the component auditors on the financial information of the components, on which to base the group audit opinion.”
This might mean obtaining copies of papers from component auditors, summary memoranda of work done, discussions or questionnaires. Paragraph 42 of ISA 600 makes clear that the group auditor evaluates communications from a component auditor (for example, a summary memo or clearance opinion), discusses significant matters as appropriate, and then considers whether it is necessary to review other parts of the component auditor’s documentation. This will, of course, be influenced by the group auditor’s assessment of risk, which may in turn depend on the significance of the component.
Q. I want to review the component auditors’ files. Can I insist they give me access?
A. The Companies Act 2006 requires auditors of UK subsidiaries to provide such information and explanations as the group auditor thinks necessary for the performance of their duties as group auditor (s499). Notable are the following points:
It does not apply to overseas subsidiaries. Section 500 of the Act requires a parent company, if requested by the group auditor, to obtain information from the auditor of a subsidiary. But as they are outside of the UK, the Act cannot force them to do anything.
Neither s499 nor s500 apply to components other than subsidiaries (for example, joint ventures and associates).
“Information and explanations” does not necessarily include a copy audit file. The law goes on to acknowledge that it may not always be legally possible to obtain copies of papers.
In situations where a component auditor is not obliged to co-operate, it may be possible to enter into a hold harmless agreement with them. The group auditor can still rely on the component auditors’ work – just at their own risk. Note that ISA 600 requires that the group auditor take sole responsibility for the group audit opinion anyway. Q. What about risk assessments?A. Paragraph 30 of ISA 600 requires that the group auditor participates in the risk assessment carried out by:
That might be a memorandum that reflects the component auditor’s conclusion with regard to the identified significant risks.
This can be done by:
Doing this at the planning stage will avoid late surprises for the group auditor and group management. It may be appropriate to combine the call with a discussion of the auditor’s communication as to what they want the component auditor to do – and combining the return of a copy of the component auditors’ plan with their acknowledgement of cooperation (required by paragraph 40 of ISA 600).
Richard Gillin is director, national accounting and audit, at Deloitte
There is a new video on group audits as part of the professional scepticism series
The faculty plans to issue further group audits guidance this year. Please let us know if you have any specific group audit issues, either as group or component auditor, by contacting Chris Cantwell.
This article first appeared in Audit & Beyond, magazine of the ICAEW Audit and Assurance Faculty, in March 2012.