The tragic circumstances in Ukraine mean that for many, there are much more important issues at hand than ‘business as usual’ activities such as audit. In many cases, offices of companies and auditors will be closed and obtaining sufficient appropriate evidence will be impossible. There will be different challenges for entities located in Russia and Belarus, where business will be continuing but under sanctions and other restrictions. 

With this in mind, this guide offers practical considerations in relation to the work of group auditors to address the requirements of ISAs (UK). It may also be relevant for group auditors in other jurisdictions with similar requirements. Although the circumstances are very different, the implications for group audits are similar to those that existed as a result of COVID-19, which also gave rise to a fast-evolving situation.

ISA (UK) 600 requirements 

Companies and their auditors may be facing unprecedented practical challenges in a number of areas, including group audits. ISA (UK) 600 includes a requirement for the group auditor to evaluate and review the work of the component auditor.

If this is not possible, then the group auditor is required to undertake other measures, such as additional work, and inform the FRC. The requirement in paragraph 42-1(a) of ISA (UK) 600 to inform the FRC is a ‘UK-plus’ to the standard, but other jurisdictions may have similar local requirements.

Many auditors have met this requirement in the past through local site visits to the component auditor team to review key audit working papers and attend closing meetings with local management. The UK Foreign Office currently advises against all travel to Ukraine, Belarus, Russia, and the Transnistria region of Moldova. Additionally, from 2 March 2022, Poland extended a law limiting access until 30 June 2022 to areas in Poland close to the Belarusian border. With travel restrictions in place, group auditors will need to consider whether alternative procedures still allow them to meet the requirements of ISA (UK) 600.

Considerations for auditors in meeting ISA requirements

In meeting the UK requirements, group auditors may find the following considerations helpful:

• Identify impacted audits: Travel restrictions vary by jurisdiction. There is a high degree of uncertainty around how long restrictions are likely to continue, although if conditions improve, these may be eased or lifted. Where auditors travel overseas for component auditor work, they will need to be aware of local laws and regulations, as well as potential penalties such as fines and/or imprisonment for any breaches.
• Categorise audits: Review the impacted components and determine whether they are immaterial, material but not significant, or material and significant for the group opinion. This will allow the group auditor to better understand the risk associated with each engagement.
• Understand the impact on the component: The group auditor might need to consider whether the group still controls the component, and if not whether it should continue to be part of the group audit. Where the component is still part of the group audit, consider to what extent the component’s ability to prepare necessary information has been affected. Workforce shortages due to evacuation and travel restrictions could limit management’s ability to provide supporting evidence. The group auditor may wish to discuss with management how the business has been impacted, and how management intends to obtain the information needed to prepare the group financial statements.
• Review the status of work done: Gain an understanding of what work has been performed to date, for example, as part of planning or interim audit work.
• Consider whether the ability to gather evidence has been affected: For example, bank closures, sanctions on services such as SWIFT, or even mass withdrawals of cash, may result in an inability to confirm cash balances. This may have implications for the ability of the group auditor to form an opinion on the group accounts.
• Discuss amending reporting timescales: The situation in Ukraine may mean either a delay in the reporting timetable, or if offices in Ukraine do not reopen for a long period or at all, there simply may be no way to obtain information for the audit in time to meet for signing deadlines. With this in mind, a delay in the reporting timetable could allow for time for the situation on the ground in Ukraine and other affected countries to change, and for travel restrictions to be eased or lifted. However, there is no guarantee that conditions will improve.The group auditor will need to understand whether the reporting timetable has been set due to regulatory or other deadlines, such as reporting on covenants. If it reflects company preference only, a delay should be encouraged to allow local management and auditors time to recover from the disruption resulting from the conflict. Office closures make it likely that work will be behind schedule in terms of original reporting deadlines.
• Consider whether the component audit team is still in place: Offices in Ukraine will have closed and staff will not be responding to requests for information from group auditors.
• Review of component teams: If there is still access to component auditors, consider alternative activities to demonstrate the review and evaluation of the component team where originally a visit by the group auditor was planned, such as:
• Can data be shared cross-border, to allow for group auditor review? Could files be loaded into a cloud-based portal and a login provided to the group auditor? Local laws may restrict this cross-border data sharing. If in doubt, advice should be sought on any local legal restrictions.
• Can video calls and/or screen sharing software be used to talk through the work with the component auditor?
• Can the component auditor be asked to complete a detailed questionnaire or clearance on the work they have performed?
• Consider the outcome of any prior visits, including visits during planning or at an interim stage – what work was reviewed previously?
• Consider the past work of the component auditor – have there been significant errors or issues, or has work been to a high standard?
• Can a more detailed memorandum be provided to the component auditor on what work should be done for group reporting?
• What work can be done centrally by the group audit team? If finance systems are integrated, data may be accessible for group auditor review. Management may be able to provide information directly to the group auditor to allow for testing.

The Audit and Assurance Faculty guide 'Remote auditing in practice', originally developed for COVID-19 scenarios, provides further considerations that may be helpful when working remotely.

The Audit report

Each individual engagement will need to be assessed on a case by case basis to determine what may be appropriate.

• Assess the results of alternative actions taken: Consider whether alternative actions have allowed the requirements of ISA (UK) 600 to be met, in particular, has sufficient, appropriate audit evidence been obtained? Does the language in the audit report need to be amended if reporting under ISA (UK) 701, for example, on the scope of work undertaken and involvement with component audit teams? Even after undertaking these alternative actions, does the opinion need to be modified under ISA (UK) 705? Faculty guides provide advice when preparing a modified audit opinion. If still in doubt, ICAEW members can contact the Technical Advisory Service on +44 (0)1908 248 250 or via webchat.
• Consider the implications for the audit report:
• Assess whether there has been a limitation to the scope of the audit that would lead the auditor to issue a qualified audit opinion, or to disclaim their opinion.
• Assess whether the going concern basis is appropriate, and whether there are longer term risks to viability.
• Consider whether the impact requires an emphasis of matter paragraph under ISA (UK) 706.
• Determine whether there are wider accounting effects, for example for companies with March 2022 year-ends, consider whether any operational closures may have resulted in a need to impair assets or write down inventory values.
• Review how management have disclosed the impact of the conflict, for example in disclosures on the principal risks to their business. How are they providing updated information to shareholders and monitoring the situation? 
• Auditors required to report on Key Audit Matters (KAMs) under ISA (UK) 701 will need to consider whether the situation in Ukraine requires inclusion of a KAM.

Other guidance

• The Audit and Assurance Faculty’s article 'War in Ukraine: the auditing implications' gives an overview of key areas for auditors to consider in light of the war.
• ICAEW’s Financial Reporting Faculty’s article 'War in Ukraine: the corporate reporting implications' highlights the financial reporting implications of the war for businesses of all sizes.

Our thoughts are with everyone affected at this challenging time. We encourage all parties to stay up to date with the latest UK Foreign Office advice.