Ethical requirements in assurance engagements

The fundamental ethical principles that apply to all services that professional accountants in public practice provide are: integrity, objectivity, professional competence and due care, confidentiality, professional behaviour and technical standards. Equally, the International Standard on Quality Control 1 (ISQC1) will apply to all audit and assurance and related services that the practitioner provides.

Professional ethics and independence

Independence requirements should be considered for any non-audit assurance services in accordance with ISQC1 (paras 21-25). Judgment must be applied as to whether any management responsibilities that formed a part of non-assurance services provided have a bearing on the subject matter for the assurance engagement. For example, where a firm provides internal audit services and is asked for an assurance report on a system/process/controls.

Before accepting any professional engagement, the practitioner considers whether there are any ethical factors which should lead the practitioner to decline the appointment. Chartered accountants are subject to ethical and other guidance laid down by the ICAEW, including the Fundamental Principles of the Code of Ethics, as set out in Part A Section 100 Introduction and Fundamental Principles in performing any professional services. ICAEW’s Code of Ethics is consistent with the Code of Ethics for Professional Accountants issued by the IESBA.

When performing assurance engagements other than audits and reviews, the practitioner needs to consider applicable independence requirements set out in Part B Section 291 Independence – Other Assurance Engagements. Part B Section 291 is based on a conceptual approach that takes into account threats to independence, accepted safeguards and the public interest.

Under this approach, firms and members of assurance teams have an obligation to identify and evaluate circumstances and relationships that create threats to independence and, where necessary, to take appropriate action to eliminate these threats or to reduce them to an acceptable level by the application of safeguards.

In particular, appropriate consideration should also be given to independence of mind and in appearance in respect of the responsible party and the user. For example, the provision of assistance to a responsible party in preparing its report may result in a self-review threat if the impact of the assistance on the matter being reported on is subjective and material. If the practitioner identifies threats which are not insignificant, appropriate safeguards need to be considered and implemented.

These might include:

• The use of independent teams where appropriate.
• An independent review of the key judgments on the engagement.
• Where the practitioner concludes that no safeguards would reduce the threat to independence to an insignificant level, the practitioner declines to accept the engagement.

The practitioner considers the objectivity requirements in Part B Section 280 Objectivity – All Services which is applicable to all services. The practitioner also needs to consider existing relationships between the responsible party and the user. A threat to the practitioner’s objectivity or confidentiality requirements may arise when the practitioner performs services for clients whose interests are in conflict or the clients are in dispute with each other in relation to the matter or transaction in question. Part B Section 220 Conflicts of Interest sets out guidance on threats to objectivity or confidentiality when the practitioner provides services to multiple clients whose interests may be in conflict.

In the UK, the FRC’s Ethical Standard applies to public interest assurance engagements, including not only audits and reviews of financial statements and accountant’s reports delivered in accordance with Standards for Investment Reporting, but also any other engagements undertaken in compliance with performance standards issued by the FRC which, at present include only engagements to provide assurance on client assets to the Financial Conduct Authority.

The FRC’s Ethical Standard does not apply to any other assurance engagements; there are, therefore, subtle differences between the independence requirements that apply to the majority of assurance engagements and those that apply to audits.

In practice, this means that the group of individuals within the chain of command of a firm who are considered to be members of a non-financial assurance team is more narrowly drawn than would be the case for an audit team, with consequences for personal independence. It also means that specific threats to independence are considered with reference to the subject matter alone.

For example, it may be acceptable for a firm to assume a management responsibility as part of any other services provided to a non-financial assurance client, as long as that responsibility is not related to the subject matter or subject matter information of the non-financial assurance engagement provided by the firm.

While an assurance practitioner is required to consider the familiarity threat that can arise from long association with an assurance client, there are no fixed periods after which senior team members are required to rotate off an assurance engagement and other safeguards can be considered.

Although the independence requirements for non-financial assurance are generally thought of as less strict than those for financial statement audit, assurance practitioners cannot assume that, if they have satisfied themselves as to their independence for the purposes of the financial statement audit, they must also meet the independence requirements for non-financial assurance; a second consideration of independence relevant specifically to the non-financial assurance engagement should be performed.

Moreover, if the assurance practitioner is also the financial statement auditor, the assurance engagement will constitute a non-audit service, the consequences for audit independence of which will need to be considered.