Corporate failures are a reflection of a robust corporate governance system in the UK, according to auditors at a recent ICAEW conference on the subject.

Indeed, instead of elevating corporate collapses such as Carillion and Patisserie Valerie as proof the system doesn’t work, Andy Kemp, Chair of the Audit Committee Chairs’ Independent Forum (ACCIF), said: “There’s always a danger that the failures are held up as the norm whereas, in fact, the failures are very much the extremes of what happens.”

Panellists acknowledged that corporate governance had been regularly reformed over the decades and would continue to evolve. “We should also be ready and willing to accept change. I think there is a need for change,” Kemp said.

As an audit committee chair of many decades, Kemp said that as a result of the corporate collapses of 2018 the governance changes have created a “very different relationship between auditors and the relationship with the audit committee”, which he welcomed: “The confidence that auditors have now to be more challenging is absolutely right.” 

When asked if audit quality had improved over recent years, Kemp pushed back somewhat, arguing that perhaps what had improved was more the quality of how auditors record audits: “I would like to think that good audits existed 20 years ago and the right judgements were made by sensible, qualified, experienced people. There is no doubt audit files have got significantly bigger. A focus on making sure that the right level of evidence for every judgement made is there. That’s positive.”

Mala Shah-Coulon, Associate Partner, Governance and Policy, EY, echoed Kemp’s description of “a very healthy relationship between auditors and audit committees and boards”, attributing the shift to the regulatory scrutiny, both at an individual engagement level of audit and also at a firm-wide level.

Since the 2018 corporate collapses, audit firms – particularly the larger firms – have made significant operational, structural and cultural reforms to comply with tighter regulation governing audit engagements: “We have to do a lot to actually satisfy the Financial Reporting Council (FRC) about the robustness of our underlying risk management, independence, ethics functions, talent functions, and there is a lot of regulatory and public expectation – rightly so.” 

The operational changes that EY has undergone, such as separating its audit and non-audit services, has “elevated the importance of consistently high audit quality and the public interest role of the auditor throughout the firm”, she said, adding that EY now has an audit board that looks at how management safeguard audit quality. 

Internal audit focus

Focusing on the second and, particularly, the third line of defence in the debate, Carolyn Clarke, founding partner of Brave Consultancy, said: “It matters that we have strong, supported, funded, second- and third-line functions within an organisation that take accountability. But it requires a proper voice at the table.”

Clarke said that internal auditors need to “step up” in terms of understanding where and how their assurance is coming from, and in looking forwards and not just backwards: “When we’re talking about things like sustainability assurance, it isn’t singularly about the external assurance that you might be getting, whether that comes through an external audit firm or through boutiques. It’s about how do you as directors exercise your accountability for getting that assurance real-time, day to day, into the boardroom.” 

Clarke added: “There are some real questions to ask around the variety of what might be functions that are not subject to the same expectations of professional qualifications and standards.”

Although the slated Audit and Assurance Policy (AAP) has been dropped from legislation, Clarke said there was more and more evidence that organisations were voluntarily applying the AAP for improved assurance mapping: “There is research that says that while the Audit and Assurance Policy itself has not come to fruition, at least at the moment, a significant proportion of organisations recognised the opportunity of assurance mapping, which really is an important part of it. I think that’s because it simply makes common sense.”

Kemp concurred on the importance of the AAP and added that another part of the slated legislation that was dropped was the Resilience Statement, which, he said together with the AAP – should be brought back under secondary legislation.

The ACCIF, Kemp said, has written to the government requesting that both the AAP and the Resilience Statement should be “reborn in secondary legislation, because I think both of them have a part to play in maintaining and developing trust”.  

Reformed regulation

The government and UK regulators have said they are reviewing regulation to “find the right balance” to encourage growth while deterring mismanagement, particularly for smaller companies that are the engine of the UK economy.

Richard Moriarty, Chief Executive of the FRC, also speaking at the conference, said there was now a need for a shift in approach to corporate governance and that he wanted company directors to abide by the UK’s ‘comply or explain’ rule, instead of submitting reams of information for fear of falling foul of the rules: “I often worry that when there is a failure or a scandal, the first cries in anguish are: ‘Where are the auditors?’ I think to myself, surely, the first question is: ‘Where were the directors?’” 

The FRC has unveiled its new three-year plan, with the focus on less prescriptive guidance and permissive regulation. “I do believe that regulators have a role, and I am keen that the FRC leans firmly in that direction, and partly that’s about supporting people with responsible risk-taking,” Moriarty said.

If the UK wants more growth, then “responsible risk-taking” is required, the FRC chief said, adding that the FRC’s role was “to support that, not to eliminate that”. 

Moriarty reiterated the need for the regulators to be recast as overseers of high standards of rules, but it was not their responsibility to prevent corporate failure, he said. “For the first time in our strategy, we are bold and clear that our role is not to prevent corporate failure. I think it’s really important we say that because if we don’t say that, the risk is we build a regulatory edifice that could be interpreted as trying to prevent corporate failure. That is not our role,” Moriarty said.

Rules are “made or broken by good corporate culture”, the FRC chief said, adding that the UK Corporate Governance code is 11 pages long, principles-based and applies primarily to premium-listed businesses on the stock exchange. 

“I appreciate there is some risk aversion. I appreciate the role of proxy advisers complicates matters. But I also think that some boards need to rediscover an element of courage,” Moriarty said.

Currently, the FRC’s powers to sanction wrongdoers only apply to members of the accountancy profession, which fund it, but do not apply to company directors. Various independent reviews since the 2018 corporate collapse of outsourcer Carillion have suggested a future regulator should have its powers expanded to include company directors, too.

Useful link

• The 2025 changes to Audit Regulations are now confirmed and will take effect on 1st June. Click here to find out more about the new regulations.