ICAEW.com works better with JavaScript enabled.

Engagement team and group audit

Published: 04 Mar 2025 Update History

Contents
Back to top
An overview of the key revisions to the 2025 edition of ICAEW's Code of Ethics which relate to the definition of “engagement team” and group audits.
Supporting the Code

This document is no substitute for reading the revised ICAEW Code of Ethics in full. It is your professional responsibility to familiarise yourself thoroughly with the Code.

Section 400 (application of the conceptual framework to independence for audit and review engagements) has been amended to clarify that this part of the Code now applies to all audit team members, including members of the engagement team (new sections 400.8 - 400.12).

The revisions introduce new independence considerations which are applicable to individuals; group auditor firms; network firms of a group auditor firm; and component auditor firms that are outside a group auditor firm’s network.

The revisions place a responsibility on the group engagement partner to communicate ethical and independence requirements to component auditor firms; and to ensure that such requirements have been complied with.

Where satisfactory assurance of compliance by component auditor firms has not been obtained, the revisions provide guidance for the group engagement partner on how to assess potential threats to independence and on the appropriate mitigating actions that should be taken.

In addition, the revisions extend existing requirements and guidance that are intended to mitigate the potential risks arising from long association of personnel with an audit client (including partner rotation) to the engagement review team; and to assurance clients.

Lastly, the revisions amend and introduce key defined terms in the glossary.

Important note

For professional accountants undertaking audits in line with UK ISAs and other public interest engagements in the UK

ICAEW has included these revisions in the Code as part of its obligations as an IFAC member body. However, in the UK, the definition of a public interest entity (PIE) is determined by the government and the Financial Reporting Council (FRC).

Please note that professional accountants carrying out audit engagements in line with ISAs (UK) and other public interest assurance engagements in the UK:

In the Glossary of Terms, the FRC defines PIEs in the following way:

“Public Interest Entities. These are:

  • (a) An issuer whose transferable securities are admitted to trading on a UK regulated market16;
  • (b) A credit institution within the meaning of Article 4(1)(1) of Regulation (EU) No 575/2013 of the European Parliament and of the Council17, which is a CRR firm within the meaning of Article 4(1)(2A) of that Regulation;
  • (c) A person who would be an insurance undertaking as defined in Article 2(1) of Council Directive 91/674/EEC of 19 December 1991 of the European Parliament and of the Council on the annual accounts and consolidated accounts of insurance undertaking as that Article had effect immediately before exit day, were the United Kingdom a Member State.

No other entities have been specifically designated in law in the UK as 'public interest entities'.”

However, the definition of PIE introduced by IESBA into section R400.17 of the 2025 Code will still be relevant for professional accountants practising outside the UK; and professional accountants undertaking non-public interest assurance engagements in the UK, in accordance with Part 4B of the Code.

Responsibility of the group engagement partner

New section 405 sets out specific requirements and application material which are applicable to a group audit. Key matters are highlighted below.

New section R405.3 requires the group engagement partner to take responsibility for making a component auditor aware of the relevant ethical requirements that are applicable to the group audit engagement, in its particular context.

In fulfilling this responsibility, the group auditor firm is required to communicate the necessary information, at the appropriate time, to enable the component auditor firm to meet its responsibilities.

New Section 3 A1 provides examples of the matters that the group auditor firm might communicate. These include:

  1. whether the group audit client is a public interest entity, and the relevant ethical requirements applicable to the group audit engagement;
  2. the related entities, and other components within the group audit client, that are relevant to the independence considerations applicable to the component auditor firm, and to the group audit team members within (or engaged by) that firm;
  3. the period during which the component auditor firm is required to be independent; and
  4. whether an audit partner who performs work at the component for purposes of the group audit is a key audit partner for the group audit.

New section R405.4 requires the group engagement partner to request the component auditor to confirm that the relevant ethical requirements applying to the Group Audit (including those relating to independence) have been complied with.

The section provides that this confirmation must include the communication of:

  1. any independence matters that require significant judgment; and
  2. in relation to those matters, the component auditor firm’s conclusion on whether the threats to its independence are at an acceptable level, and the rationale for that conclusion.

New section 4 A1 provides guidance in circumstances where the group engagement partner becomes aware of a matter which indicates that a threat to independence exists. In accordance with ISA 220 (Revised), the group engagement partner is required to evaluate the threat, and to take appropriate mitigation action.

Independence considerations for individuals

New section R405.5 requires members of the group audit team, who are within (or engaged by) the group auditor firm and its network firms, to be independent of the group audit client, in accordance with the applicable requirements of Part 4A.

New section R405.6 requires members of the group audit team within (or engaged by) a component auditor firm which is outside the group auditor firm’s network to be independent of:

  1. the Component audit client;
  2. the entity on whose group financial statements the group auditor firm expresses an opinion; and
  3. any entity over which the entity in subparagraph (b) above has direct or indirect control, provided that such entity has direct or indirect control over the component audit client, in accordance with the applicable requirements of Part 4A.

New section R405.7 applies to related entities or components within the group audit client other than those covered in paragraph R405.6.

In these circumstances, a member of the group audit team within (or engaged by) a component auditor firm which is outside the group auditor firm’s network, must notify the component auditor firm about any relationship or circumstance that the individual knows (or has reason to believe) might create a threat to the individual’s independence in the context of the group audit.

New section 405.7 A1 provides examples of relationships or circumstances involving the individual (or any of the individual’s immediate family members) which are relevant to the individual’s consideration in complying with the R405.7 notification requirement.

Such relationships or circumstances include:

  1. a direct or material indirect financial interest in an entity that has control over the group audit client, if the group audit client is material to that entity;
  2. a loan or guarantee involving:
    • an entity that is not a bank or similar institution (unless the loan or guarantee is immaterial); or
    • a bank or similar institution (unless the loan or guarantee is made under normal lending procedures, terms and conditions);
  3. a business relationship that is significant or involves a material financial interest;
  4. an immediate family member who is:
    • a director or officer of an entity; or
    • an employee in a position to exert significant influence over the preparation of an entity’s accounting records or financial statements;
  5. the individual serving (or having recently served) as:
    • a director or officer of an entity; or
    • an employee in a position to exert significant influence over the preparation of an entity’s accounting records or financial statements.

Upon receiving an R405.7 notification, new section R405.8 requires the component auditor firm to evaluate and address any threats to independence that might be created by the individual’s relationship or circumstance.

Independence considerations for a group auditor firm

New section R405.9 requires a group auditor firm to be independent of the group audit client, in accordance with the applicable requirements of Part 4A.

Independence considerations for network firms

R405.10 requires a network firm of the group auditor firm to be independent of the group audit client, in accordance with the applicable requirements of Part 4A.

Independence considerations for component auditor firms

New section R.405.11, requires a component auditor firm to:

  1. be independent of the component audit client in accordance with the requirements of Part 4A;
  2. not hold a direct financial interest, or a material indirect financial interest, in the entity on whose group financial statements the group auditor firm expresses an opinion (including in relation to financial interests held as a trustee, save in certain circumstances specified in section R510.7). Where such interests may have been acquired unintentionally, they should be dealt with in accordance with section R510.9; and
  3. apply the relevant requirements in section 511, with respect to loans and guarantees involving the entity on whose group financial statements the group auditor firm expresses an opinion.

New sections R405.12 and 13 provide that when a component auditor firm that is outside the group auditor firm’s network knows, or has reason to believe, that a relationship or circumstance involving the group audit client is relevant to the evaluation of the independence of the component auditor firm, then it should evaluate and address this circumstance as a potential threat.

Where the group audit client is a public interest entity, a component auditor firm that is outside the group auditor firm’s network, is required to comply with the provisions in section 600 in relation to the provision of non-assurance services to the component audit client.

Where the group audit client is a public interest entity, new section 405.16.A1 sets out specific services that a component auditor firm, which is outside the group auditor firm’s network, is prohibited from supplying to component audit clients that are NOT public interest entities. These include accounting and book keeping services; designing information technology systems; and acting in an advocacy role.

Key audit partners

New section 405.18 now requires the group engagement partner to determine whether an audit partner, who is performing work at a component for the purpose of the group audit, is a “key audit partner.”

New section 405.18. A1 defines a key audit partner as an individual: “who makes key decisions or judgements on significant matters with respect to the audit of the group financial statements on which the group auditor firm expresses an opinion in the group audit.”

Having made this determination, the group engagement partner is then required to inform the key audit partner of that fact; and to inform them of various matters.

The key audit partner must be informed that (in accordance with section 411.4) the firm’s evaluation or compensation of the key audit partner must not be based on their success in selling non-assurance services to the client.

Where the group audit client is a public interest entity, the key audit partner must also be informed that they are subject to the requirements set out in:

  1. Section R524.6 (independence will be deemed to be compromised where the key audit partner joins the client as a director, officer or employee able to exert significant influence over presentation of the client’s accounting records or financial statements, save in the specific and limited circumstances set out in that section);
  2. Section 540.5(c) (“time on” prohibition against acting as key audit partner for more than seven cumulative years); and
  3. Section R540.21 (restriction on activities that can be taken in respect of the client during a “cooling-off” period, following previous service as a key audit partner).

Breach of independence – component auditor firm

New section 23 sets out the specific actions that must be taken by a component auditor firm where it concludes that a breach of an independence provision has occurred. These actions are to:

  1. end, suspend or eliminate the interest or relationship that created the breach, and to address the consequences of the breach;
  2. evaluate the significance of the breach and its impact on the objectivity of the component auditor firm and its ability to perform audit work for the purpose of the group audit;
  3. depending on the significance of the breach, determine whether appropriate action can be taken to address the consequences satisfactorily; and
  4. promptly communicate the breach to the group engagement partner, in writing and in doing so, must include the assessment of the significance of the breach that was made by the component auditor firm.

Further guidance and application material on how to evaluate the significance and impact of the breach is set out in sections 400.80.A2 and A3.

New section R405.24 sets out the actions that group engagement partner is required to take upon receipt of a breach communication, These actions are to:

  1. review the assessment made by the component auditor firm about the significance and impact of the breach, and any actions taken;
  2. evaluate the ability of the group auditor firm to use the work of the component auditor firm for the purposes of the group audit; and
  3. determine the need for any further action.

New section 25 emphasises that the group engagement partner must exercise professional judgement and consider whether a reasonable and informed third party would be likely to conclude that the objectivity of the component auditor firm has been compromised and that therefore, the work of that firm cannot be used by the group auditor firm for the purposes of the group audit.

Where the group engagement partner determines that the consequences of the breach have been satisfactorily addressed by the component auditor firm and that the objectivity of that firm has not been compromised, then the group auditor firm may continue to use the work of the component auditor firm for the purpose of the group audit (section 405.25.A1).

The group engagement partner may also determine that additional actions are needed to address the breach satisfactorily and to use the work of the component auditor firm. Examples of such actions include the group auditor firm performing specific procedures on the areas impacted by the breach or requesting the component auditor firm to perform remedial work.

New section 405.25.A2 notes that where the breach has not been satisfactorily addressed, ISA 600 (Revised) prohibits the use of the component auditor’s work by the Group Auditor. In such circumstances, the group engagement partner may seek other means to obtain the necessary audit evidence about the component audit client’s financial information.

Communication with those charged with governance

Where breaches of independence provisions have been committed by a component auditor firm within the group auditor firm’s network, then by section 405.26.A1 and 84, the component auditor firm shall communicate, in writing, with those charged with governance.

Matters to be communicated include:

  1. the significance of the breach (including its nature and duration);
  2. how the breach occurred and how it was identified;
  3. action proposed or taken and how it has addressed the breach satisfactorily;
  4. the firm’s professional judgement on whether its objectivity has been compromised and the rationale for this conclusion; and
  5. further steps proposed or taken by the firm to reduce or avoid the risk of further breaches occurring.

Where breaches of independence provisions have been committed by a component auditor firm outside the group auditor’s firm network, section R405.27 requires that the group auditor firm shall hold discussions with those charged with governance of the group audit client. Discussions are generally to be held “as soon as possible”.

Matters to be discussed include:

  1. the assessment of the significance and impact of the breach upon the objectivity of the component audit firm that has been made by the component auditor firm (including the nature and duration of the breach, and the action that can or have been taken); and
  2. whether:
    1. the action will satisfactorily address (or has addressed), the consequences of the breach; or
    2. the group auditor firm will use other means to obtain the necessary audit evidence on the component audit client’s financial information.

By section R405.28, the group auditor firm shall communicate the matters discussed, to those charged with governance, in writing.

By section R405.29, if those charged with governance do not agree that actions can or have been taken to address the consequences of the breach satisfactorily, then the group auditor firm shall not use the work of the component auditor firm for the purposes of the group audit.

Long association of personnel and clients

Section 540 sets out requirements and guidance which are intended to mitigate the potential risks created by long association of personnel with an audit client (including partner rotation).

The section has been revised to extend these provisions to cover engagement quality reviews, or a review consistent with the objective of an engagement quality review (4 and 540.20).

Further revisions extend the provisions to cover long association of personnel with an assurance client (4 and R990.7).

Revisions to glossary definitions

The definitions of “assurance team”, “audit client”, “audit team”, “engagement team”, “key audit partner” and “review team” have all been revised.

In addition, the following new defined terms have been introduced: “component”, “component audit client”, “component auditor firm”, “group”, “group audit client”, “group auditor firm”, “group audit team”, “group engagement partner” and “group financial statements”.

Why has ICAEW revised the Code of Ethics?

ICAEW’s 2025 Code of Ethics is based on the Code of Ethics for Professional Accountants of the International Ethics Standards Board for Accountants (IESBA) published by the International Federation of Accountants (IFAC) in 2024 and is used with permission of IFAC.

As a member of IFAC, ICAEW is required to incorporate revisions to its Code of Ethics which have been introduced by IESBA.

IESBA has made revisions to the international Independence Standards for Audit and Review Engagements which are incorporated into Part 4A of the ICAEW Code.

ICAEW has made these revisions to the 2025 Code of Ethics to maintain alignment with the Code of Ethics produced by IESBA.

Support on the 2025 Code

Access guidance and support on the 2025 edition of ICAEW's Code of Ethics, including the evolving role and mindset of accountants and new provisions on technology.

Middle-aged white man studying laptop screen and taking notes
ICAEW Code of Ethics 2025

PDF (3,876kb)

The 2025 edition of the Code comes into effect on 1 July.

DownloadGuidance and support
Open AddCPD icon