Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
CHAPTER TWO
THE AUDIT PROFESSION: AUDIT STANDARDS, ETHICS AND
LEGAL LIABILITY
LEARNING OBJECTIVES
After studying the material in this chapter, you should be able to:
Identify the International Standards on Auditing (ISA) and describe how the standards
affect the nature of audits;
Know practical considerations needed to ensure proper compliance with ISA;
Explain the importance of ethical conduct for the accounting profession;
Describe the purpose and content of the Code of Professional Conduct;
Explain what ethics means to an accountant.
Describe the three parts of the IESBA Code and what each part covers.
Explain purpose and content of the IESBA Code of Ethics for Professional Accountants.
Identify and discuss the fundamental principles of ethics as described by the IESBA Code
of Ethics.
Discuss what threats to the fundamental principles are.
List and define the categories of threats to the fundamental principles.
Define safeguards and give some examples.
Use the primary legal concepts and terms concerning accountants’ liability as a basis for
studying legal liability of auditors;
Describe accountants’ liability to clients and related defences;
Describe accountants’ liability to third parties and related defences;
Specify what constitutes criminal liability for accountants; and
Explain the process of auditor’s appointment, remuneration, and removal/resignation.
1
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
UNIT ONE
INTERNATIONAL STANDARDS ON AUDITING (ISA)
International Standards on Auditing (ISAs) are developed by the International Federation of
Accountants (IFAC) through its International Auditing and Assurance Standards Board
(IAASB). The efforts of IFAC, founded in 1977, are directed towards developing international
technical, ethical and educational guidelines for auditors, and reciprocal recognition of
practitioners’ qualifications. The membership of IFAC member bodies represents several million
accountants in public and private practice, education, academe and government service.
International Standards on Auditing (ISAs) are the standards that are of most interest to auditors
because they are the standards for the most frequent work of auditors, that is, financial statement
audits and special purpose engagements. Although not all countries require ISAs, they will be
used as the basic standards throughout the audit course because they represent the highest and
best international representation of Generally Accepted Auditing Standards (GAAS).
ISAs are harmonization standards, the application of which promotes consistent auditing across
the world. The practice and theory of international auditing includes, in addition to knowledge of
ISAs, consideration of quality control standards, allocating materiality, performing the audit,
coordinating international reports and personnel, etc.
The International Auditing and Assurance Standards Board aims for voluntary international
acceptance of its guidelines. Therefore, the International Standards on Auditing (ISAs) are not
intended to override national regulations or pronouncements relating to audits of financial
information. These ISAs are not yet authoritative in the way that pronouncements of, say, the
Public Company Accounting Oversight Board (PCAOB) are to determine Generally Accepted
Audit Standards (GAAS) in the USA.
The IAASB’s Standards contain basic principles and essential procedures together with related
guidance in the form of explanatory and other material. The basic principles and essential
procedures are to be understood and applied in the context of the explanatory and other material
that provide guidance for their application. It is therefore necessary to consider the whole text of
a Standard to understand and apply the basic principles and essential procedures.
In exceptional circumstances, a professional accountant may judge it necessary to depart from a
requirement of a Standard to achieve more effectively the objective of the engagement. When
such a situation arises, the professional accountant should be prepared to justify the departure.
The Role of Auditing Standards
The role of the audit is to provide a high level of assurance to the users of the financial
statements. This assurance will be of greater value to users if they know that the audit has been
carried out in accordance with established standards of practice.
2
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
In addition, if users compare the financial statements of a number of companies, it is important
that the user has confidence that consistent auditing standards have been applied to the audits of
all of the companies.
International Standards on Auditing (known as ISAs) apply primarily to the external audit
process. However, their provisions can also often be seen as good practice for relevant areas of
the work of the internal auditor.
Structure of the ISAs
The current ISAs have a new structure, in which information is presented in separate sections:
Introduction, Objective, Definitions, Requirements, and Application and Other Explanatory
Material.
1. Introduction: Introductory material may include information regarding the purpose, scope,
and subject matter of the ISA, in addition to the responsibilities of the auditors and others in
the context in which the ISA is set.
2. Objective: Each ISA contains a clear statement of the objective of the auditor in the audit
area addressed by that ISA.
3. Definition: For greater understanding of the ISAs, applicable terms have been defined in
each ISA.
4. Requirements: Each objective is supported by clearly stated requirements. Requirements are
always expressed by the phrase "the auditor shall."
5. Application and Other Explanatory Material: The application and other explanatory
material explains more precisely what a requirement means or is intended to cover, or
includes examples of procedures that may be appropriate under given circumstances.
LIST OF INTERNATIONAL STANDARDS ON AUDITING APPLICABLE TO THE
AUDITS OF HISTORICAL FINANCIAL INFORMATION
200–299 GENERAL PRINCIPLES AND RESPONSIBILITIES
ISA 200, Overall Objectives of the Independent Auditor and the Conduct of an Audit in
Accordance with International Standards on Auditing
ISA 210, Agreeing the Terms of Audit Engagements
ISA 220, Quality Control for an Audit of Financial Statements
ISA 230, Audit Documentation
ISA 240, The Auditor’s Responsibilities Relating to Fraud in an Audit of Financial Statements
ISA 250, Consideration of Laws and Regulations in an Audit of Financial Statements
ISA 260, Communication with Those Charged with Governance
ISA 265, Communicating Deficiencies in Internal Control to Those Charged with Governance
and Management
300–499 RISK ASSESSMENT AND RESPONSE TO ASSESSED RISKS
ISA 300, Planning an Audit of Financial Statements
ISA 315, Identifying and Assessing the Risks of Material Misstatement through Understanding
3
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
the Entity and Its Environment
ISA 320, Materiality in Planning and Performing an Audit
ISA 330, The Auditor’s Responses to Assessed Risks
ISA 402, Audit Considerations Relating to an Entity Using a Service Organization
ISA 450, Evaluation of Misstatements Identified during the Audit
500–599 AUDIT EVIDENCE
ISA 500, Audit Evidence
ISA 501, Audit Evidence—Specific Considerations for Selected Items
ISA 505, External Confirmations
ISA 510, Initial Audit Engagements—Opening Balances
ISA 520, Analytical Procedures
ISA 530, Audit Sampling
ISA 540, Auditing Accounting Estimates, Including Fair Value Accounting Estimates, and
Related Disclosures
ISA 550, Related Parties
ISA 560, Subsequent Events
ISA 570, Going Concern
ISA 580, Written Representations
600–699 USING THE WORK OF OTHERS
ISA 600, Special Considerations—Audits of Group Financial Statements (Including the Work
of Component Auditors)
ISA 610, Using the Work of Internal Auditors
ISA 620, Using the Work of an Auditor’s Expert
700–799 AUDIT CONCLUSIONS AND REPORTING
ISA 700, Forming an Opinion and Reporting on Financial Statements
ISA 705, Modifications to the Opinion in the Independent Auditor’s Report
ISA 706, Emphasis of Matter Paragraphs and Other Matter Paragraphs
in the Independent Auditor’s Report
ISA 710, Comparative Information—Corresponding Figures and Comparative Financial
Statements
ISA 720, The Auditor’s Responsibilities Relating to Other Information in Documents
Containing Audited Financial Statements
800–899 SPECIALIZED AREAS
ISA 800, Special Considerations—Audits of Financial Statements Prepared in Accordance
with Special Purpose Frameworks
ISA 805, Special Considerations—Audits of Single Financial Statements and Specific
Elements, Accounts or Items of a Financial Statement
ISA 810, Engagements to Report on Summary Financial Statements
INTERNATIONAL AUDITING PRACTICE NOTES
IAPN 1000, Special Considerations in Auditing Financial Instruments
4
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
Preface to International Standards on Quality Control, Auditing, Review, Other Assurance
and Related Services
The IAASB issues a number of other international standards, in addition to ISAs. The table
below sets out these standards, including ISAs, and when the preface says they are to be applied.
Type of standard
International Standards on Auditing (ISAs)
International
Standards
on
Review
Engagements (ISREs)
International Standards on Assurance
Engagements (ISAEs)
International Standards on Related Services
(ISRSs)
When applied
In the audit of historical financial information
In the review of historical financial
information
In assurance engagements other than audits or
reviews of historical financial information
On compilation engagements, engagements to
apply agreed upon procedures to information
and other related services engagements
International Standards on Quality Control For all the above services
(ISQCs)
The IAASB’s pronouncements do not override local laws or regulations. If local laws or
regulations differ from, or conflict with, the IAASB’s standards then a professional accountant
should not state that he has complied with the IAASB’s standards unless he has fully complied
with all of those relevant to the engagement.
5
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
UNIT TWO
PROFESSIONAL ETHICS
I. What Are Ethics?
Ethics can be defined broadly as a set of moral principles or values. Each of us has such set of
values, although we may or may not have considered them explicitly. Philosophers, religious
organizations, and other groups have defined in various ways ideal sets of moral principles or
values. Examples of prescribed sets of moral principles or values at the implementation level
include laws and regulations, church doctrine, codes of business ethics for professional groups
such as Certified Accountants, and codes of conduct within individual organization.
It is common for people to differ in their moral principles and values and the relative importance
they attach to these principles. These differences reflect life experiences, successes and failures,
as well as the influences of parents, teachers, and friends.
II. Need for Ethics in Auditing
Ethical behavior is necessary for a society to function in an orderly manner. It can be argued that
ethics is the glue that holds a society together. Imagine, for example what would happen if we
couldn't depend on the people we deal with to be honest. If parents, teachers, employers,
siblings, co-workers, and friends all consistently lied, it would be almost impossible for effective
communication to occur.
The public attaches a special meaning to the term professional. Professionals are expected to
conduct themselves at a higher level than most other members of society. For, example, when the
press reports that a physician, clergyperson, or Certified Accountant has been indicted for a
crime, most people feel more disappointment than when the same thing happens to people who
are not labelled as professionals.
The term professional means a responsibility for conduct that extends beyond satisfying
individual responsibilities and beyond the requirements of society's laws and regulations. A
Certified Accountant, as a professional, recognizes a responsibility to the public, to the client,
and to fellow practitioners, including honorable behavior, even if that means personal sacrifice.
The underlying reason for a high level of professional conduct by any profession is the: need for
public confidence in the quality of service by the profession, regardless of the individual
providing it. For the Certified Accountant, it is essential that the client and external financial
statement users have confidence in the quality of audits and other services. If users of services do
not have confidence in physicians, judges, or Certified Accountants, the ability of those
professionals to serve clients and the public effectively is diminished.
It is not practical for users to evaluate the quality of the performance of most professional
services because of their complexity. A patient cannot be expected to evaluate whether an
operation was properly performed. A financial statement user cannot be expected to evaluate
audit performance. Most users have neither the competence nor the time for such an evaluation.
6
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
Public confidence in the quality of professional services is enhanced when the profession
encourages high standards of performance and conduct on the part of all practitioners.
Audit firms have a different relationship with users of financial statements than most other
Professionals have with the users of their services. Attorneys, for example, are typically engaged
and paid by a client and have primary responsibility to be an advocate for that client. Audit firms
are engaged and paid by the company issuing the financial statements, but the primary
beneficiaries of the audit are statement users. Often, the auditor does not know or have contact
with the statement users but has frequent meetings and ongoing relationships with client
personnel.
It is essential that users regard Audit firms as competent and unbiased. If users believe that Audit
firms do not perform a valuable service (reduce information risk), the value of Audit firms' audit
and other attestation reports is reduced and the demand for audits will thereby also be reduced.
Therefore, there is considerable incentive for Audit firms to conduct themselves at a high
professional level.
III. Ethics in the Accounting Profession
The attitude and behavior of professional accountants in providing auditing and assurance
services have an impact on the economic well-being of their community and country.
Accountants can remain in this advantageous position only by continuing to provide the public
with these unique services at a level that demonstrates that the public confidence is well founded.
The distinguishing mark of the profession is acceptance of its responsibility to the public.
Therefore, the standards of the accountancy profession are heavily determined by the public
interest. One could say in accountancy “the public and the auditees are our clients and our main
product is credibility.”
1. Conceptual Framework Approach
The ethical guidance set out by International Ethics Standards Board for Accountants
(IESBA) who report their recommendations to the IFAC Board after a research and appropriate
exposure of draft guidance. The guidance is incorporated into the Handbook of the Code of
Ethics for Professional Accountants (the Code). The Code is intended to serve as a model on
which to base national ethical guidance. It sets standards of conduct for professional accountants
and states the fundamental principles that should be observed by professional accountants in
order to achieve common objectives.
Rather than a list of rules that must be obeyed to be an ethical accountant, the so-called “rule
based” approach which holds sway in many countries, the IESBA and IFAC have chosen to use
a “conceptual framework” approach. A conceptual framework requires a professional accountant
to identify, evaluate and address threats to compliance with the fundamental principles, rather
than merely comply with a set of specific rules which may be arbitrary.
7
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
When an accountant identifies threats to compliance with the fundamental principles and
determines that they are not at an acceptable level, he/she shall determine whether appropriate
safeguards are available and can be applied to eliminate the threats or reduce them to an
acceptable level. What is a threat may depend on the auditor’s perspective. The auditor should
always consider the situation conservatively. If you put a safeguard in place that you believe will
reduce the impact of a threat on a fundamental principle to an acceptable level, then the
fundamental is not impaired. If you believe that a threat impairs the fundamental principle, then
you should consider that no safeguard will repair that impairment.
There are five fundamental principles of ethics applicable to ALL accountants, as they are
stated in part A of the Code. They are:
•
•
•
•
•
Integrity – to be straightforward and honest in all professional and business relationships.
Objectivity - to not allow bias, conflict of interest or undue influence of others to override
professional or business judgments.
Professional Competence and Due Care – to maintain professional knowledge and skill at
the level required to ensure that a client or employer receives competent professional services
based on current developments in practice, legislation and techniques and act diligently and
in accordance with applicable technical and professional standards.
Confidentiality – to respect the confidentiality of information acquired as a result of
professional and business relationships and, therefore, not disclose any such information to
third parties without proper and specific authority, unless there is a legal or professional right
or duty to disclose, nor use the information for the personal advantage of the professional
accountant or third parties.
Professional Behavior – to comply with relevant laws and regulations and avoid any action
that discredits the profession.
PART A General Application of the IESBA Code of Ethics for Professional Accountants
The IESBA guideline offers further discussion on these five fundamental principles. Each
concept is the topic of subsequent Sections (110–150) in the Code.
i) Integrity (Sec. 110)
The principle of integrity imposes an obligation on all professional accountants to be
straightforward and honest in all professional and business relationships. Integrity also implies
fair dealing and truthfulness.
A professional accountant shall not knowingly be associated with reports, returns,
communications or other information where the professional accountant believes that the
information:
•
•
•
Contains a materially false or misleading statement;
Contains statements or information furnished recklessly; or
Omits or obscures information required to be included where such omission or obscurity
would be misleading.
8
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
ii) Objectivity (Sec. 120)
The principle of objectivity imposes an obligation on all professional accountants not to
compromise their professional or business judgment because of bias, conflict of interest or the
undue influence of others.
An accountant or auditor may be exposed to situations that may impair their objectivity. They
should not perform a professional service if a circumstance or relationship biases or unduly
influences the accountant’s professional judgment.
iii) Professional Competence and Due Care (Sec. 130)
The principle of professional competence and due care imposes the following obligations on all
professional accountants:
•
•
To maintain professional knowledge and skill at the level required to ensure that clients or
employers receive competent professional service; and
To act diligently in accordance with applicable technical and professional standards when
providing professional services.
Professional competence may be divided into two separate phases: (a) Attainment of professional
competence; and (b) Maintenance of professional competence. Professional competence requires
a high standard of general education followed by specific education, training, examination in
relevant subjects, and work experience. The maintenance of professional competence requires a
continuing awareness and an understanding of relevant technical, professional and business
developments through continuing professional education. Diligence is the responsibility to act in
accordance with the requirements of an assignment, carefully, thoroughly and on a timely basis.
iv) Confidentiality (Sec. 140)
Professional accountants have an obligation to respect the confidentiality of information about a
client’s (or employer’s) affairs acquired in the course of professional services. The principle of
confidentiality imposes an obligation on all professional accountants to refrain from:
•
•
Disclosing outside the firm or employing organization confidential information acquired as a
result of professional and business relationships without proper and specific authority or
unless there is a legal or professional right or duty to disclose; and
Using confidential information acquired as a result of professional and business relationships
to their personal advantage or the advantage of third parties.
Accountants should respect the confidentiality of information acquired during the course of
performing professional services, including in a social environment. The auditor should be alert
to the possibility of inadvertent disclosure, particularly to a close business associate or a close or
immediate family member. There exists a responsibility to keep the information discovered in
the course of an assurance service confidential and thus continues even after the accountant–
client or the accountant–employer relationship ends. Accountants must also ensure that, in
9
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
addition to themselves, staff and outside advisers under their control understand and follow the
principle of confidentiality.
Permitted Disclosure of Confidential Information: There are circumstances where members
may disclose information to third parties without first obtaining permission. This would be
where, for example, there is a statutory right or duty to disclose, or where members are served
with a court order or some other form of witness summons, or where there is a professional duty
or right to disclose (such as in a peer review quality control program), under which they are
obliged to disclose information. When disclosure is authorized by the employer or client, the
accountants should consider the interests of all the parties, including third parties, who might be
affected.
v) Professional Behavior (Sec. 150)
The principle of professional behavior imposes an obligation on all professional accountants to
comply with relevant laws and regulations and avoid any action that the professional accountant
knows or should know may discredit the profession. This includes actions that a reasonable and
informed third party, weighing all the specific facts and circumstances available to the
professional accountant at that time, would be likely to conclude adversely affects the good
reputation of the profession.
For example, in marketing and promoting themselves and their work, professionals should be
honest and truthful and not: (a) Make exaggerated claims for the services they are able to offer,
the qualifications they possess, or experience they have gained; or (b) Make disparaging
references or unsubstantiated comparisons to the work of others.
2. Threats to the Fundamental Principles and Safeguards
Compliance with the fundamental principles may potentially be threatened by a broad range of
circumstances and relationships. The nature and significance of the threats may differ depending
on whether the audit client is a public interest entity, to an assurance client that is not an audit
client, or to a non-assurance client. The conceptual framework of the IESBA Code discusses
ways to identify threats to fundamental principles, determine the significance of those threats,
and, if they are significant, identify and apply safeguards to reduce or eliminate the threats.
Threats fall into one or more of the following categories:
• Self-interest;
• Self-review;
• Advocacy;
• Familiarity; and
• Intimidation.
10
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
(a) Self-interest threat
Occurs when a firm of a member of the assurance team has some financial or other interest in an
assurance client. Examples of circumstances that create self-interest threats for a professional
accountant in public practice include:
•
•
•
•
Providing a loan to a client.
A member of the assurance team having a direct financial interest in the assurance client.
A firm having undue dependence on total fees from a client.
A member of the assurance team having a significant close business relationship with an
assurance client.
(b) Self-review threat
Occurs when a previous judgment needs to be re-evaluated by members responsible for that
judgment. Examples of circumstances that create self-review threats for a professional
accountant in public practice include:
•
•
Performing a service for a client that directly affects the subject matter of an assurance
engagement.
A member of the assurance team being, or having recently been, a director or officer of the
client.
(c) Advocacy threat
Occurs when members promote a position or opinion to the point that subsequent objectivity
may be compromised. Examples of circumstances that may create this threat include:
•
•
Selling, underwriting or otherwise promoting financial securities or shares of an assurance
client;
Acting as an advocate on behalf of an assurance client in litigation or disputes with third
parties.
(d) Familiarity threat
Occurs when, because of a close relationship, members become too sympathetic to the interests
of others. Examples of circumstances that may create this threat include:
•
•
•
Long association with a client leading to over-familiarity with client management such that
professional judgment could be compromised.
A member of the engagement team having an immediate family member or close family
member who is a director or officer of the assurance client.
A professional accountant accepting gifts or preferential treatment from a client, unless the
value is trivial or inconsequential.
11
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
(e) Intimidation threat
Occurs when members are deterred from acting objectively by threats, actual or perceived.
Examples of circumstances that create intimidation threats for a professional accountant in public
practice include:
•
•
•
Being pressured to reduce inappropriately the extent of work performed in order to reduce
fees.
A firm being threatened with dismissal from a client engagement.
A firm being threatened with litigation by the client.
3. Safeguards to offset the threats
When threats are identified, other than those that are clearly insignificant, appropriate safeguards
should be identified and applied to eliminate the threats or reduce them to an acceptable level. If
elimination or reduction is not possible the auditor should decline or terminate the engagement.
When deciding what safeguards should be applied one must consider what would be
unacceptable to an informed third-party having knowledge of all relevant information.
Safeguards fall into three categories:
(1) Safeguards created by the profession, legislation or regulation; and
(2) Safeguards in the work environment
(3) Safeguards created by individual
See examples given for each category.
Three categories of safeguard
Created by the profession,
legislation or regulation
In the work
environment
• Education, training and
experience requirements
• Ethics and conduct
programmes
• CPD requirements
• Corporate governance
codes
• Recruitment procedures
• Professional standards
• Professional or regulatory
monitoring and disciplinary
• Disciplinary processes
• Leadership that stresses importance of
ethical behavior
• Strong internal controls
12
Created by
individual
• Complying with
CPD requirements
• Using an
independent
mentor
• Maintaining
contact with legal
advisors and
professional bodies
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
procedures
• Quality control procedures
• Training and education
• Different partners and teams for
provision of non-assurance services
• Procedures to empower employees to
communicate ethical concerns to
senior levels without fear of
retribution
• Consultation with another appropriate
professional accountant
4. Independence―Audit and Review Engagements (Section 290)
The independence of the auditor from the firm that he is auditing is one of the basic requirements
to keep public confidence in the reliability of the audit report. Independence adds credibility to
the audit report on which investors, creditors, employees, government and other stakeholders
depend to make decisions about a company. The benefits of safeguarding an auditor’s
independence extend so far as to the overall efficiency of the capital markets.
Independence as Discussed in the IESBA Code (Section 290): The IESBA Code of Ethics for
Professional Accountants, Section 290 addresses the independence requirements for audit
engagements and review engagements. Independence requirements for assurance engagements
that are not audit or review engagements are addressed in Section 291, not covered in this
reading material. The Code discusses independence in assurance services in terms of a
principles-based, conceptual approach that takes into account threats to independence, accepted
safeguards and the public interest.
Concepts Based Approach: The IESBA Code of Ethics for Professional Accountants is
developed on the belief that a high-quality principles-based approach to independence will best
serve the public interest by eliciting thoughtful auditor assessment of the particular
circumstances of each engagement. However, the Code gives related guidance and explanatory
material as well. The section on independence (Section 290) discusses the application of the
conceptual approach to specific situations such as financial interest, loans, fees and others.
Accountants must not only maintain an independent attitude in fulfilling their responsibilities,
but the users of financial statements must have confidence in that independence. These two
objectives are frequently identified as “independence of mind” and “independence in
appearance.” Independence of mind (historically referred to as independence in fact) exists when
the accountant is able to maintain an unbiased attitude throughout the audit, so being objective
and impartial, whereas independence in appearance is the result of others’ interpretations of this
independence.
13
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
The conceptual framework involves two views of independence to which the auditor must
comply: (1) Independence of Mind and (2) Independence in Appearance. Independence of Mind
is the state of mind that permits the expression of a conclusion without being affected by
influences that compromise professional judgment, thereby allowing an individual to act with
integrity and exercise objectivity and professional skepticism. Independence in Appearance is the
avoidance of facts and circumstances that are so significant that a reasonable and informed third
party would be likely to conclude, weighing all the specific facts and circumstances, that a
firm’s, or a member of the audit team’s, integrity, objectivity or professional skepticism has been
compromised.
The Ethics Code discusses independence in assurance services in terms of a principles-based
approach that takes into account threats to independence, accepted safeguards and the public
interest. The Section states principles that members of assurance teams should use to identify
threats to independence (self-interest, self-review, advocacy, familiarity and intimidation
threats), evaluate the significance of those threats, and, if the threats are other than clearly
insignificant, identify and apply safeguards created by the profession, legislation or regulation,
safeguards within the assurance client, and safeguards within the firm’s own systems and
procedures to eliminate the threats or reduce them to an acceptable level.
A professional accountant shall use professional judgment in applying this conceptual
framework to:
•
•
•
Identify threats to independence;
Evaluate the significance of the threats identified; and
Apply safeguards, when necessary, to eliminate the threats or reduce them to an acceptable
level.
5. Application of the conceptual framework to integrity, objectivity and independence
A professional accountant should consider when providing any professional service whether
there are threats to compliance with the fundamental principle of objectivity resulting from
having interests in, or relationships with, a client or directors, officers or employees. A
professional accountant who provide assurance services are required to be independent of the
assurance client. Independence of mind and in appearance is necessary to enable members in
public practice to express a conclusion, and be seen to express a conclusion, without bias,
conflict of interest or undue influence of others.
Ethical guidance for accountants in public practice includes specific circumstances and
relationships that create or may create threats to integrity, objectivity and independence. The
ethical guidance describes the potential threats and the types of safeguards that may be
appropriate to eliminate the threats or reduce them to an acceptable level and identify certain
situations where no safeguards could reduce the threats to an acceptable level. Here we will
cover the most common threats and safeguards concerning financial matters, business and
personal relationship and provision of non-assurance services.
14
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
5.1.
Threats arising from financial matters
(a) Financial interests
Threats
Safeguards
The following parties are not allowed to own a • Disposing of the interest
direct financial interest or an indirect material • Removing the individual from the team
financial interest in a client:
• Keep the client's audit committee informed
• Using an independent partner to review work
• The assurance firm
• A member of the assurance team
NB. If the firm has a direct financial interest in
• An immediate family member of a member an audit client, disposal of the interest is the
of the assurance team
only acceptable action.
(b) Loans and guarantees
Threats
Clients that are banks or similar institutions
• Loans or guarantees to the firm
- no threat if immaterial and on normal terms
- if material, apply safeguards
• Loans to members of the assurance team
- not a threat to independence if on normal
commercial terms
Clients that are not banks or similar institutions
• Loans or guarantees to/from the assurance
firm or members of the assurance team.
Safeguards
Review by an additional professional
accountant from outside the firm
No safeguard can reduce the threat unless the
loan is immaterial to client and firm/team
member
(c) Fees and pricing
Threats
Dependence where the total fees from an
assurance client represent a large portion of a
firm's total fees, the dependence on that
client and concern about the possibility of
losing that client may create a self-interest
threat.
Type of company
Listed and
interest
Private
other
Safeguards
Discussing the extent and nature of the fees
with the audit committee
Taking steps to reduce the dependency
External quality control reviews
Consulting Professional Associations such as
ACCA or another professional accountant
Consider reasonableness of Perception of objectivity
accepting or retaining a likely to be at risk
client (% of firm's total
fees)
public
5%
10%
10%
15
15%
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
• Overdue fees
• discuss with the audit committee, including
Threat is similar to that of a loan (see (b)
the possibility of resigning if overdue fees
above).
are not paid.
• Contingent fees
No safeguards can reduce these threats to an
A fee arrangement under which the amount of acceptable level.
the fee is contingent on the result of the audit
work creates self-interest and advocacy
threats.
• Pricing
The firm must be able to demonstrate that:
If a firm has obtained an assurance • Appropriate time and quality staff have been
engagement at a fee lower than that charged
assigned, and
by their predecessor or quoted by other firms • All applicable standards are being complied
('lowballing'), a self-interest threat is created.
with
(d) Gifts and hospitability
Threat
Safeguards
Accepting gifts or hospitality from the client A firm or member of the assurance team
may create self-interest and familiarity threats. should not accept gifts or hospitality unless the
value is clearly insignificant.
5.2.
Threats arising from employment and other relationships
(a) Close business relationships
Threat
Inappropriate close business relationships
between an audit firm and an audit client which
create a self-interest threat include:
• Having a material financial interest in a joint
venture with the assurance client
• Arrangements to combine one or more
services or products of the firm with one or
more services or products of the assurance
client and to market the package with
reference to both parties
• Distribution or marketing arrangements under
which the firm acts as distributor or marketer
of the assurance client's products or services
or vice versa
Safeguards
Unless the interest is clearly insignificant, an
assurance provider should not participate in
such a venture with an assurance client.
If an individual member of an assurance team
had such an interest, he should be removed
from the assurance team.
16
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
(b) Family and personal relationships
Threat
Family or close personal relationships between
members of the assurance firm and client staff
could create self-interest, familiarity or
intimidation threats. Each situation has to be
evaluated individually.
Factors to consider are:
• The individual's responsibilities on the
assurance engagement
• The closeness of the relationship
• The role of the other party at the assurance
client
Safeguards
When an immediate family member of the
assurance team is a director, an officer or an
employee of the assurance client in a position
to exert direct and significant influence over
the subject matter information of the assurance
engagement, the individual should be removed
from the assurance team.
If a firm inadvertently violates the rules
concerning family and personal relationships,
they should apply additional safeguards such
as undertaking a quality control review of the
audit and discussing the matter with the audit
committee of the client, if there is one.
(c) Employment
Threat
Safeguards
Director, officer or employee of client in a Safeguards might include:
position to exert direct and significant • Considering the necessity of modifying the
influence on the subject matter of the assurance
plan for the assurance engagement
engagement has been a member of the • Assigning an assurance team with sufficient
assurance team or partner in the firm.
experience in relation to the individual who
has joined the client
This may create self-interest, familiarity and • Involving an additional professional
intimidation threats.
accountant who was not a member of the
assurance team to review the work done
The significance of the threat will depend on:
• Quality control review
• The position taken at the assurance client
• The individual concerned is not entitled to
• The involvement the individual will have
any benefits or payments from the firm
with the assurance team
unless these are made in accordance with
• The length of time that has passed since the
fixed predetermined arrangements
individual was a member of the assurance • The individual does not continue to
team or firm
participate or appear to participate in the
• The former position of the individual within
firm's business or professional activities.
the assurance team or firm.
A key audit partner should not accept a key
management position with their audit client
unless at least two years have elapsed since the
conclusion of the audit.
Former officer, director or employee of client If during the period covered by the assurance
has joined the assurance firm.
report or the preceding two years, the
individual was in a position to exert influence
17
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
This may create self-interest, self-review and over the financial statements, the individual
familiarity threats.
should not be assigned to the audit team.
Serving as an officer or director on the board The only course of action is to refuse to
of an assurance client.
perform, or withdraw from the assurance
engagement.
If a partner or employee of the firm performs
this role, the self-review and self-interest
threats are so significant that no safeguards
could reduce the threat to acceptable level.
(d) Long association
Threat
Safeguards
Using the same senior personnel on an Safeguards might include:
assurance engagement over a long period of • Rotation of senior personnel
time may create a familiarity threat.
• Involving another professional accountant
who was not a member of the assurance team
The significance of the threat will depend
to review the work done.
on:
• Independent quality control reviews.
Note: for listed and other public interest
• Length of time the person has been a member
entities:
of the team
• Engagement partner should be rotated after
• Role of the team
no more than 5 years and should not return
• Structure of the firm
until 5 years have elapsed.
• Nature of the assurance engagement
• Other key audit partners should be rotated
after no more than 7 years and should not
return until 2 years (5years if returning as
engagement partner) have elapsed.
(e) Actual and threatened litigation
Threat
Safeguards
When litigation takes place or appears likely • Disclose to the audit committee
between the firm or member of the assurance • Removal of individual involved in litigation
team and the assurance client, a self-interest or
from the assurance team
intimidation threat may be created.
• Refuse to perform the assurance engagement.
5.3.
Provision of non-assurance services
Firms have traditionally provided to their assurance clients a range of non-assurance services that
are consistent with their skills and expertise. Assurance client’s value the benefits that derive
from having these firms, who have a good understanding of the business, bring their knowledge
and skill to bear in other areas. Furthermore, the provision of such non-assurance services will
18
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
often result in the assurance team obtaining information regarding the assurance client's business
and operations that is helpful in relation to the assurance engagement.
The following activities would generally create self-interest or self-review threats that are so
significant that only avoidance of the activity or refusal to perform the assurance engagement
would reduce the threats to an acceptable level:
•
•
•
Authorizing, executing or consummating a transaction, or otherwise exercising authority on
behalf of the assurance client, or having the authority to do so;
Determining which recommendation of the firm should be implemented; and
Reporting, in a management role, to those charged with governance.
Threat
Safeguards
General
The following activities may create self-review • Making arrangements so that personnel
or self-interest threats:
providing such services do not participate in
the assurance engagement.
• Having custody of an assurance client’s assets • Involving an additional professional
• Supervising assurance client employees in the
accountant to advise on the potential impact
performance of their normal recurring
of the activities on the independence of the
activities; and
firm and the assurance team.
• Preparing source documents or originating • Policies and procedures to prohibit
data, in electronic or other form, evidencing
professional staff from making management
the occurrence of a transaction.
decisions for the assurance client.
• Discussing independence issues related to the
provision of non-assurance services with
those charged with governance, such as the
audit committee.
• Disclosing to those charged with governance,
such as the audit committee, the nature and
extent of fees charged.
Preparing accounting records and financial
statements.
This may result in a self-review threat.
The threat created could not be reduced to an
If accounting assistance amounts to making acceptable level of safeguards.
management decisions, eg
• Determining or changing journal entries
without client approval
• Authorizing or approving transactions
Safeguards could include:
For clients that are not listed by other public • Arrange that the services are not performed
interest entities.
by a member of the assurance team
• Requiring source data to be originated by the
client
• Obtaining client approval for any propose
19
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
journal entries
For clients that are listed or other public No safeguard except a prohibition of such
interest entities.
services except in emergency situations could
reduce the threat to an acceptable level.
Provision of tax services
Frequently the firm may be asked to provide
taxation services to an audit client. These may
include compliance, planning, provision of
formal taxation opinions and assistance in the
resolution of tax disputes. Such assignments
are generally not seen to create threats to
independence.
Provision of internal audit services
Appropriate safeguards include:
A self-review threat may be created when a • The audit client is responsible for internal
firm provides internal audit services to a
audit activities and acknowledges its
financial statement audit client. The level of
responsibility for establishing, maintaining
threat will depend on the nature of service
and monitoring the system of internal
provided.
controls
• The audit client designates a competent
employee to be responsible for internal audit
activities
• The audit client is responsible for evaluating
and determining which recommendations of
the firm should be implemented
• Such non-assurance service should be
provided only by personnel not involved in
the financial statement audit engagement and
with different reporting lines within the firm.
6. Enforcement of Ethical Requirements
The effectiveness of enforcing ethical standards varies from country to country. In many
countries an auditor who violates the ethical standard may be disciplined by law or by the
professional organization. The penalties range from a reprimand to expulsion or fine. In the USA
expulsion from a state society or the American Institute of Certified Public Accountants
(AICPA) does not mean that the expelled member cannot practice public accounting because
only the state boards of public accountancy have the authority to revoke a license. As illustrated
in the case of Arthur Andersen if a company is convicted of a felony, the US Security and
Exchange Commission (SEC) prohibits them from auditing publicly traded companies. In other
countries such as Japan, France and Germany government often take a formal role in the
enforcement of the standards.
International Ethics Standards Board of Accountants (IESBA) has no authority to require
disciplinary action for violation of the Code of Ethics. IESBA relies on legislation or the
constitution of professional bodies in each country.
20
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
Disciplinary action ordinarily arises from such issues as: failure to observe the required standard
of professional care, skills or competence; non-compliance with rules of ethics and discreditable
or dishonorable conduct. Sanctions commonly imposed by disciplinary bodies include:
reprimand, fine, payment of costs, withdrawal of practicing rights, suspension, and expulsion
from membership. Other sanctions can include a warning, the refund of the fee charged to the
client, additional education, and the work to be completed by another member at the disciplined
member’s expense.
21
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
UNIT THREE
AUDITORS DUTIES AND LEGAL LIABILITY
I. Auditors Duties and the Expectations of Audit Services Users
Many users of audit reports expect auditors to detect fraud, theft, and illegal acts and to report
them publicly. Auditors take responsibility for detecting material misstatements in financial
statements but they are very cautious about taking responsibility for detecting all manner of
fraud, and are especially cautious about accepting a public reporting responsibility. Fraud and
misleading financial statements loom large among the concerns of financial statement users.
They are afraid of information risk, and they want it to be reduced, even eliminated.
The users of audit services can broadly be classified as auditees (the board of directors of the
company) and third parties (shareholders, bankers, creditors, employees, customers, and other
groups). Each of these groups has its own set of expectations with regard to an auditor’s duties.
Expectations were found with regard to the following duties of auditors in giving an opinion on
the:
fairness of financial statements;
company’s ability to continue as a going concern;
company’s internal control system;
occurrence of fraud;
occurrence of illegal acts.
Current developments in each of these duties will be described in the remainder of this section.
1. Opinion on the Fairness of Financial Statements
Giving an opinion on the fairness of the financial statements is generally regarded as the
auditor’s core business. Most of the national and international auditing guidelines are concerned
with this particular duty. Expectation gap studies demonstrate that public expectations are high.
Basically, it seems that a large part of the financial community (users of audit services) expects
that financial statements with an unmodified (unqualified) audit opinion are completely free from
error. Companies like Enron, Parmalat, and WorldCom who reported fraudulent financial
statements had financial statements that did not fairly reflect the underlying financial condition
of those companies. The inherent limitations of auditing, expressed in materiality and audit risk
are not entirely accepted and/or understood by all groups of users.
Standard on Auditing (ISA) 705 deals with the auditor’s responsibility to issue an appropriate
report in circumstances when, in forming an opinion in accordance with ISA 700, the auditor
concludes that a modification to the auditor’s opinion on the financial statements is necessary.
ISA 700 requires the auditor, in order to form an opinion on the financial statements, to conclude
as to whether reasonable assurance has been obtained about whether the financial statements as a
whole are free from material misstatement.
22
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
2. Opinion on the Company’s Ability to Continue as a Going Concern
Perhaps the most disturbing events for the public’s trust in the audit profession are cases where
an unmodified (unqualified) audit report has been issued shortly before a company’s bankruptcy.
Under ISA 570 and most national regulations, auditors need to determine whether the audited
entity is able to continue as a going concern. Although warning the financial statement users of
any threatening financial distress is appropriate, the disclosure of a possible future bankruptcy –
especially when the future course of events is hard to predict – may prove to be a self-fulfilling
prophecy which deprives management of its means to save the company.
3. Opinion on the Company’s Internal Control System
The issue of testing and reporting on the quality of a company’s internal control system has been
recognized as one of the focal issues in auditing. ISA 315 states that “the objective of the auditor
is to identify and assess the risks of material misstatement … through understanding the entity
and its environment, including the entity’s internal control.” ISAE 3000 states that “the
assurance report should be in writing and should contain a clear expression of the practitioner’s
conclusion about the subject matter information.” Furthermore, the United States SarbanesOxley Act of 2002 requires that company officers certify that internal controls are effective and
requires that an independent auditor verify management’s analysis. US Public Company
Accounting Oversight Board (PCAOB) has promulgated Audit Standard #5 that addresses
internal control audits.
Expectation gap surveys show high expectations of the auditor’s role in testing whether a
satisfactory system of internal control is being operated. These expectations are likely to be met
in current audit environments.
4. Opinion on the Occurrence of Fraud
The auditor's responsibility for detecting fraud in financial statements is a complex topic, and
auditing standards have emphasized that the auditor's need to be diligent in the pursuit of fraud.
However, while auditors have taken steps to increase their detection and awareness of fraud, the
responsibility they assume is still less than many users expect. This disparity leads to lawsuits,
even when auditors have performed an audit with due professional care.
The audit expectation gap is frequently associated with the fraud issue. Both governments and
the financial community expect the auditor to find existing fraud cases and report them. The fact
that this part of the expectation gap has attracted so much attention is partly attributable to the
evolution of auditing. Studies about of the history of auditing showed that the detection of fraud
has been one of the profession’s cornerstones.
The current position of the audit profession is described in ISA 240. According to ISA 240, the
primary responsibility for the prevention and detection of fraud and error rests with both those
charged with the governance and the management of an entity. Fraud may involve sophisticated
and carefully organized schemes designed to conceal it, such as forgery, deliberate failure to
record transactions, or intentional misrepresentations being made to the auditor. The auditor is
23
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
responsible for obtaining reasonable assurance the financial statements are free from material
statement, whether caused by fraud or error.
5. Opinion on the Occurrence of Illegal Acts
Closely related to the subject of fraud is the auditor’s reaction to the occurrence of illegal acts in
a company. Both ISA 250 and most national regulators state that the auditor’s responsibility in
this area is restricted to designing and executing the audit in such a way that there is a reasonable
expectation of detecting material illegal acts which have a direct impact on the form and content
of the financial statements. In reporting illegal acts, most national regulators require the auditor
to assess the potential impact on the financial statements and determine the consequences of the
uncertainty or error in the financial statements for the nature of the opinion.
Apart from reporting the acts through the report, the professional regulations in some countries
require the auditor to inform members of the audit committee or board of directors. Informing
third parties is not allowed, except for some very special, narrowly defined circumstances.
II. Legal Liability
There are many stakeholders who rely on audited financial statements: the client (with which
there is a privity relationship), and third parties such as actual and potential stockholders,
vendors, bankers and other creditors, employees, customers, and the government (like the tax
authorities). Legal liability of the auditor to each stakeholder varies from country to country.
This liability can generally be classified based on one or more of the following: common law,
civil liability under statutory law, criminal liability, and liability as members of professional
accounting organizations.
1. Liability under Common Law
Liability for auditors under common law generally falls in two categories: liabilities to clients
and third-party liability.
1.1. Liability to Clients
The most common source of lawsuits against Certified Accountants is from clients. The suits
vary wide including such claims as failure to complete a non-audit engagement on the agreedupon date, inappropriate withdrawal from an audit, failure to discover a defalcation (theft of
assets), and breaching the confidentiality requirements of Certified Accountants. Typically, the
amount of these lawsuits is relatively small, and they do not receive the publicity often given to
other types of suits.
Clients may bring a lawsuit for breach of contract. The relationship of direct involvement
between parties to a contract is known as privity. When privity exists, a plaintiff usually need
only show that the defendant accountant was negligent. (Ordinary negligence-a lack of
reasonable care in the performance of professional accounting tasks-is usually meant when the
24
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
word negligence stands alone). If negligence is proved, the accountant may be liable, provided
the client has not been involved in some sort of contributory negligence in the dispute.
A typical lawsuit involves a claim that the auditor did not discover an employee defalcation as a
result of negligence in the conduct of the audit. The lawsuit can be for breach of contract, a tort
action for negligence, or both. Tort actions can be based on ordinary negligence, gross
negligence, or fraud. Tort actions are common because the amounts recoverable under them are
normally larger than under breach of contract.
The principal issue in cases involving alleged negligence is usually the level of care required.
Although it is generally agreed that nobody is perfect, not even a professional in most instances,
any significant error or mistake in judgment will create at least a presumption of negligence that
the professional will have to rebut. In the auditing environment, failure to meet ISA is often
conclusive evidence of negligence.
The question of level of care becomes more difficult in the environment of an unaudited review
or compilation of financial statements in which there are fewer accepted standards to evaluate
performance. There are some widely known examples of a lawsuit dealing with the failure to
uncover fraud in unaudited financial statements. Although the Certified Accountant was never
engaged to conduct an audit for the client, the Certified Accountant may be found liable for
failing to detect an embezzlement scheme conducted by, for instance, one of the client's
managers. One of the reasons for this outcome was the lack of a clear understanding between the
client and the Certified Accountants as to the exact nature of the services to be performed by the
Certified Accountant. Now, Audit firms and clients typically sign engagement letters to
formalize their agreements about the services to be provided, fees, and timing. There can be
privity of contract without a written agreement, but an engagement letter defines the contract
more clearly.
1.2. Liabilities to Third Parties
Third parties include all stakeholders in an audit other than the audit client. An audit firm may be
liable to third parties such as banks who have incurred a loss due to reliance on misleading
financial statements.
The leading precedent-setting auditing case in third-party liability are discussed next.
1.2.1. Ultramares
The most famous US audit case in third party liabilities happened in the 1931 Ultramares–
Touche case (Ultramares Corporation v Touche et al.). In this case, the court held that although
the accountants were negligent in not finding that a material amount of accounts receivable had
been falsified when careful investigation would have shown the amount to be fraudulent, they
were not liable to a third party bank because the creditors were not a primary beneficiary, or
known party, with whom the auditor was informed before conducting the audit. This precedent is
called the Ultramares doctrine, that ordinary negligence (the failure to use reasonable care) is not
25
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
sufficient for a liability to a third party because of lack of privity of contract between the third
party and the auditor.
1.2.2. Caparo
The 1990 Caparo case (Caparo Industries, PLC v Dickman and Others), is a leading English tort
law case on the test for a duty of care of an auditor. The decision arose in the context of a
negligent preparation of accounts for a company. Prior to the decision, if a statement (like an
audit opinion) was made negligently, then the person making the statement will be liable for any
loss which results. The question in Caparo was the scope of the assumption of responsibility, and
what the limits of liability ought to be.
The House of Lords, following the Court of Appeal, set out a "three-fold test". In order for an
obligation (duty of care) to arise in negligence: (1) harm must be reasonably foreseeable as a
result of the defendant's conduct; (2) the parties must be in a relationship of proximity and (3) it
must be fair, just and reasonable to impose liability. In the case of annual financial statements,
this purpose was to give the shareholders the information necessary to enable them to question
the past management of the company, to exercise their voting rights and to influence future
policy and management.
In the leading precedent-setting auditing case in third-party liability- Ultramares Corporation v.
Touche, which established the Ultramares doctrine, the court held that although the accountants
were negligent, they were not liable to the creditors because the creditors were not a primary
beneficiary.
Primary beneficiaries are third parties for whose primary benefit the audit or other
accounting service is performed. Such a beneficiary will be identified to, or reasonably
foreseeable by, the accountant prior to or during the engagement, and the accountant will know
that his or her work will influence the primary beneficiary's decisions. For example, an audit firm
may be informed that the report is needed for a bank loan application at the ABC Bank.
Accountants may also be liable to creditors, investors, or potential investors who rely on
accountant's work. If the accountant is reasonably able to foresee a limited class of potential
users of his or her work (e.g., local banks, regular suppliers), liability may be imposed for
ordinary negligence. This, however, is an uncertain area, and liability in a particular case
depends entirely on the unique facts and circumstances.
Other parties not in privity had no cause of action for breach of contract. However, if the
negligence is so great as to constitute gross negligence-lack of even minimum care in
performing professional duties, indicating reckless disregard for duty and responsibilitygrounds might exist for concluding that the accountant had engaged in constructive fraud. Actual
fraud is characterized as an intentional act designed to deceive, mislead, or injure the rights of
another person. Constructive fraud, however, may not have the same element of intent, but the
result is the same-to deprive or injure another unsuspecting party.
26
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
General beneficiaries (third parties other than primary beneficiaries) may recover damages if
they are able to show that an accountant was grossly negligent and perpetrated a constructive
fraud. Ordinary negligence is insufficient for liability to third parties because of the lack of
privity of contract between the third party and the auditor, unless the third party is a primary
beneficiary. In a subsequent trial of the Ultramares case discussed above, the court pointed out
that had there been fraud or gross negligence on the part of the auditor, the auditor could be held
liable to third parties who are not primary beneficiaries i.e., general beneficiaries.
1.3. Burden of Proof on the Plaintiff
Actions brought under common law place most of the burdens of affirmative proof on the
plaintiff, who must prove: (1) he or she was damaged or suffered a loss, (2) the necessary privity
or beneficiary relationship, (3) the financial statements were materially misleading or the
accountant's advice was faulty, (4) he or she relied on the statements or advice, (5) their reliance
was the direct cause of the loss, and (6) the accountant was negligent, grossly negligent,
deceitful, or otherwise responsible for damages.
1.4. Defences of the Accountant
The defendant accountant in a common-law action presents evidence to mitigate or refute the
plaintiff’s claims and evidence. For example, the accountant might offer evidence that the
plaintiff was not foreseen, the financial statements were not misleading, or the plaintiff
contributed to the negligence. The primary defence against a negligence claim is to offer
evidence that the audit had been conducted in accordance with ISA with due professional care.
Accountants can defend a common-law action by presenting arguments and evidence to mitigate
the plaintiff's claims and evidence. In particular, an accountant can offer evidence to show:
1. There is lack of duty to perform the service means that the Audit firm claims that there was
no implied or expressed contract. For example, the Audit firm might claim that
misstatements were not uncovered because the firm did a review service, not an audit. A
common way for an Audit firm to demonstrate a lack of duty to perform is by use of an
engagement letter. Many litigation experts believe that a well-written engagement letter is
one of the most important ways in which Audit firms can reduce the likelihood of adverse
legal actions.
2. The plaintiff did not suffer a real loss.
3. The financial statement misstatements were not material or the accountant's advice was not
faulty.
4. The plaintiff did not rely on the financial statements but on some other source of information.
5. Even if the plaintiff used the financial statements, the loss was caused by some other events
beyond the accountant's scope of responsibility. In other words, the auditor is claiming that
there is absence of causal connection. To succeed in an action against the auditor, the client
must be able to show that there is a close causal connection between the auditor's breach of
the standard of due care and the damages suffered by the client. For example, assume that an
auditor failed to complete an audit on the agreed-upon date. The client alleges that this
caused a bank not to renew an outstanding loan, which caused damages. A potential auditor
27
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
defence is that the bank refused to renew the loan for other reasons, such as the weakening
financial condition of the client. This defence is called an absence of casual connection.
6. The accountant's work was performed in accordance with professional standards (e.g., ISA
for audits of financial statements). In this case, the Audit firm claims that the audit was
performed in accordance with ISA. Even if there were undiscovered misstatements, the
auditor is not responsible if the audit was conducted properly.
In addition, accountants can defend themselves on the grounds of contributory negligence. A
defence of contributory negligence exists when the client's own actions either resulted in the loss
that is the basis for damages or interfered with the conduct of the audit in such a way that
prevented the auditor from discovering the cause of the loss. As an example of the first
circumstance, suppose a client claims that an Audit firm was negligent in not uncovering an
employee's theft of cash. If the Audit firm had notified the client (preferably in writing) of a
weakness in internal control that would have prevented the theft but management did not correct
it, the Audit firm would have a defence of contributory negligence. As an example of the second
circumstance, suppose an Audit firm failed to determine that certain accounts receivable were
uncollectible and, in reviewing collectability, were lied to and given false documents by the
credit manager. In this circumstance, assuming the audit of accounts receivable was done in
accordance with ISA, a defence of contributory negligence would exist.
2. Civil Liability under Statutory Law
Most countries have laws that affect the civil liabilities of auditors. Securities laws, for example,
may impose strict standards on professional accountants. In the USA, the Securities Act of 1933
not only created the Securities and Exchange Commission (SEC), it established the first statutory
civil recovery rules for third parties against auditors. Original purchasers of securities of a firm
newly registered to make a public offering have recourse against the auditor for up to the original
purchase price if the financial statements are false or misleading.
Anyone who purchased securities described in the SEC registration statement may sue the
auditor for material misrepresentations or omissions in financial statements published in the
registration statement. The auditor has the burden of demonstrating that reasonable investigation
was conducted or all that the loss of the purchaser of securities (plaintiff) was caused by factors
other than the misleading financial statements. If the auditor cannot prove this, the plaintiff wins
the case.
The United States Sarbanes Oxley Act of 2002 also prescribes civil penalties for CFOs and
CEOs. If there is a material restatement of a company’s reported financial results due to the
material noncompliance of the company, as a result of misconduct, the CEO and CFO must
reimburse the company for any bonus or incentive or equity-based compensation received within
the 12 months following the filing with the financial statements subsequently required to be
restated . Financial statements filed with the SEC by any public company must be certified by
CEOs and CFOs. If all financials do not fairly present the true condition of the company, CEOs
and CFOs may receive fines for fraud.
28
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
3. Criminal Liability
Note that what may amount to a civil offence in one country may amount to a criminal offence in
another and vice versa.
Criminal liability can arise in the following circumstances:
a) It is always an offence to accept appointment as auditor when ineligible to do so, or to
continue in office after becoming ineligible.
b) It may be a criminal offence to:
misappropriate another's property;
obtain a financial advantage by deception;
falsify accounting records or documents; and
publish a misleading statement intended to deceive members or creditors.
In many high-profile cases such as the Guinness scandal in the UK, where, it is impossible to
prove more serious charges, the seemingly minor offence of falsifying accounting records is
used and the maximum penalties applied.
c) In countries with established and mature stock markets, securities legislation usually makes
"insider dealing" an offence.
This is the misuse of unpublished price sensitive information'. Auditors are in a privileged
position to obtain price sensitive information such as mergers and take-overs or sudden
changes in profits. To encourage staff not to take advantage of this information, audit firms
often prohibit staff from holding and dealing in shares in client companies. In the USA
securities legislation itself prohibits auditors from holding shares in client companies.
d) Financial services legislation, as noted above, provides criminal sanctions for auditors and
others (principally directors) who knowingly or recklessly make false statements in
connection with the issue of securities (principally via the prospectus).
4. Liabilities as Members of Professional Accounting Organizations
Nearly all national audit professions have some sort of disciplinary court. In most countries,
anyone can lodge a complaint against an auditor, regardless of one’s involvement with the
auditor. The disciplinary court typically consists of representatives of the audit and legal
professions, and sometimes representatives of the general public. Having heard the arguments of
the plaintiff and the defendant, the court makes its judgment and determines the sanction – if any
– against the auditor. The sanction may vary. It may be:
a fine;
a reprimand (either oral or written);
a suspension for a limited period of time (e.g. six months); or
a lifetime ban from the profession.
29
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
In some countries, the trials of these disciplinary courts are public. In most countries, the verdicts
are made public, in particular if the verdict is either a suspension or a lifetime ban. Appeal
against the verdict of the disciplinary court is usually possible. Suppose the auditor is condemned
by the disciplinary court for an audit failure. Is that enough for a civil suit against an auditor? No.
In order to hold the auditor legally liable successfully in a civil suit, the following conditions
have to be met:
An audit failure/neglect has to be proven (negligence issue). A verdict by the disciplinary
court is often the basis for meeting this condition.
The auditor should owe a duty of care to the plaintiff (due professional care issue).
The plaintiff has to prove a causal relationship between his losses and the alleged audit
failure (causation issue).
The plaintiff must quantify his losses (quantum issue).
5. Suggested Solutions to Auditor Liability
It is widely acknowledged that the financial risks resulting from litigation for audit firms and
partners might be a threat to the viability of the audit profession. In order to reduce these risks
several measures are considered:
A limit or cap on claims (a maximum settlement amount) is known in advance and limits
settlements. Liability is now capped in Austria, Belgium, Germany, Greece and
Slovenia.
In some countries, a system of proportionate liability is under study. In such a system, an
audit firm is not liable for the entire loss incurred by plaintiffs (as is the case under joint
and several liability), but only to the extent to which the loss is attributable to the auditor.
The US has a system of proportionate liability, but only under the federal acts.
To make insurance of all liability risks compulsory using new legislation was one of the
recommendations of a EU commission.
Exclude certain activities with a higher risk profile from the auditors' liability. A
mechanism to achieve this outcome would be to introduce so-called safe harbour
provisions by legislation.
In order to protect the personal wealth of audit partners, some audit firms are structured
as a limited liability partnership (e.g. in the UK).
30
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
UNIT FOUR
APPOINTMENT, REMUNERATION, AND REMOVAL OF AUDITORS
I. Auditor's Appointment
Auditors are commonly appointed by shareholders, directors or sometimes by a supervisory
board or audit committee. Occasionally, government appoints the first auditors where enterprises
are being privatized.
It is usually the shareholders that appoint auditors; although in practice they generally accept the
recommendations of directors. A simple majority, two-thirds, or a 75% majority may be required
to appoint auditors, depending on legislation and the company's constitution.
Generally, auditors are appointed for a term of one year, although this is often extended. The
auditor's remuneration is generally fixed with the directors or the audit committee and the
auditors have a contract with the company.
II. Removal and Resignation of Auditors
It is uncommon for auditors to resign, or to be removed by their client before the end of their
term of office. If auditors disagree with their clients over fees or accounting policies, they simply
do not offer themselves for re-appointment when their contract is finished. Removal or
resignation before the end of the audit contract implies serious disagreement between auditor and
client and is often accompanied by litigation.
Removal procedures
It is generally more difficult to remove auditors than to appoint them as shareholders and/or
directors need to be properly informed as to the nature of the problem. A simple majority, two
thirds, or a 75% majority resolution of directors and/or shareholders is usually required to
remove auditors, along with some sort of special notice in writing to those concerned. The
auditor is sometimes given the right to make written representation and to speak at the meeting at
which it is proposed to remove him. It is also common for the auditor to be required to make
some sort of statement, either orally, or in writing, to the effect that there are no circumstances
surrounding his removal that ought to be brought to the attention of the shareholders or others. If
such circumstances exist, where, for example, there is a severe disagreement over accounting
policies or suspected fraud, then the auditor should say So! This is commonly referred to as a
'Statement of Circumstances'. Removals must usually be notified to regulatory authorities.
These provisions are necessary to ensure that auditors are not removed for improper reasons
without the knowledge of shareholders, and that auditors do not seek to avoid the responsibilities
by 'going quietly', where problems arise, without informing shareholders.
31
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
Resignation procedures
Resignation usually requires written notice by the auditor to the company and to the regulatory
authorities. It also requires a statement of circumstances as discussed above and the auditor -is
again, permitted to speak and communicate in writing with shareholders and others. In some
cases, he is also allowed to require the company to call a meeting in order to discuss the reasons
for his resignation. This time, it is the auditor who may be breach of contract, and he may be
sued by the client.
Appointment
•
•
•
Removal
•
•
Resignation
•
•
•
SUMMARY
Normally appointed annually
By shareholders resolution
In particular circumstances, eg first auditors, casual vacancy, directors
can appoint auditors
Resolution by shareholders
Auditors entitled to:
o Notice of resolution
o Make written representation
o Speak at shareholders meetings until their term of office
have expired
Auditors may resign at any time
Give written notice to registered office of the company
Send statement of circumstances to everyone entitled to a copy of the
accounts
32
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
QUESTIONS TO PONDER WITH IN CLASS
QUESTION: SECTION ONE
1. The body that issues international pronouncements providing auditing procedural and reporting
guidance is the:
a) International Federation of Auditors.
b) Multinational Reporting Commission.
c) International Auditing and Assurance Standards Board.
d) Auditing Standards Board.
2. Which of the following best describes what is meant by international auditing standards?
a) Acts to be performed by the auditors.
b) Measures of the quality of the auditors' performance.
c) Procedures to be used to gather evidence to support financial statements.
d) Audit objectives generally determined on audit engagements.
QUESTION: SECTION TWO
1. A professional accountant should maintain objectivity and be free of conflicts of interest when
performing:
a) Audits, but not any other professional services.
b) All attestation services, but not other professional services.
c) All attestation and tax services, but not other professional services.
d) All professional services.
2. If the IESBA Code of Professional Conduct does not specifically address a threat to auditor
independence the auditor should:
a) Conclude that the threat is not significant unless proven so.
b) Conclude that the threat results in a lack of independence unless it can be shown that no impairment
of independence occurs.
c) Consider the threat from the perspective of a reasonable an informed third party who has knowledge
of all the relevant information.
d) Consult the Statements on Auditing Standards for guidance.
3. Which of the following is not one of the 5 ethical principles contained in the IESBA code of Ethics?
a) Integrity.
b) Confidentiality.
c) Professional Cleverness.
d) Objectivity.
4. Which of the following are considered an ethical threat?
i) Self Review.
ii)Self Instruction.
iii)Self Interest.
iv)Advocacy.
v)Confidentiality.
a) All of the above b) i) & iii) only
c) i) and iv) only
d) i), iii) & iv) only
5. An example of a self-review threat is:
a) An auditor who holds shares in the company which they are auditing.
b) An auditor who implements an accounting system for an audit client.
c) An auditor who prepares tax returns for clients other than audit clients.
d) An auditor who speaks on behalf of a client at a tax investigation.
33
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
6. Put the following in the correct order to assess an ethical threat:
i) Make a decision.
ii) Consider the ethical issue and the ethical threat involved.
iii)Assess the facts to understand the issue.
iv)Discuss any potential safeguards to reduce the threat
a) ii), iii), i), iv)
b) iii), ii), iv), i)
c) i), iii), ii), iv)
d) iii), iv), ii), i)
7. Which of the following is considered lowballing?
a) Offering the audit at an artificially high fee to ensure that a good margin is made on the fee.
b) Offering the client tax services only.
c) Offering the audit an artificially low fee in order to get the work before increasing fees later or
offering other services to the client.
d) Offering the client a low fee in the hope that they will tell others and increase the
auditor’s client base.
8. A self-interest threat would occur when the auditor has a financial interest in the client. Which of the
following would constitute such a threat?
a) An auditor owning shares in a potential new audit client and selling them before
accepting the appointment.
b) A shareholder in the client firm owning shares in another firm which is audited by the same auditor.
c) A client not paying the fee for last year’s audit by the time this year’s audit begins.
d) A client paying fees on account in advance of this year’s audit as part of an agreed
payment plan between the client and auditor.
9. Archie is an auditor who has been working as part of an audit team of four on the audit of a large listed
client for several weeks. During his time there he has often interacted with client members of staff and
has enjoyed their company. On the last day of the audit Archie is invited out for dinner and drinks by
the client staff who say ‘you’ll not have to pay for a thing as we will use the company credit card’.
Which of the following would best describe this situation?
a) A small self-interest threat that could be avoided by politely declining the invite.
b) A large self-interest threat that should be reported to the audit partner and declined in no uncertain
terms.
c) An attempt to bribe the auditor to influence their opinion.
d) No threat whatsoever.
10. Which of the following is most likely to be unique to the audit work of CPAs as compared to work
performed by practitioners of other professions?
a) Due professional care
b) Competence
c) Independence
d) Complex body of knowledge
11. Which of the following is not a safeguard created by the profession, legislation or regulation?
a) Professional monitoring processes. b) Continuing education requirements.
c) Internal policies to monitor compliance with independence ethics. d) Peer review of quality control.
12. Independence is required of an auditor performing:
a) Audits, but not any other professional services.
b) All attestation services, but not other
professional services. c)All attestation and tax services, but not other professional services.
d) All professional services.
13. The IESBA Code of Professional Conduct would be violated if an auditor accepted a fee for services
and the fee was:
a) Fixed by a public authority.
b) Based on a price quotation submitted in
competitive bidding. c) Based on performing work relating to judicial proceedings.
d) Payable if the audit of the financial statements led to a loan.
14. An audit independence issue might be raised by the auditor's participation in consulting services
engagements. Which of the following statements is most consistent with the profession's attitude
toward this issue?
34
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
a) Information obtained as a result of a consulting services engagement is confidential to that specific
engagement and should not influence performance of the attest function.
b) The decision as to loss of independence must be made by the client based on the facts of the
particular case.
c) The auditor should not make management decisions for an audit client.
d) The auditor who is asked to review management decisions, is also competent to make these
decisions and can do so without loss of independence.
15. An auditor violates the Code of Professional Conduct, the professional association to whom the
auditor is a member may do which of the following:
a) Reprimand the offending member.
b) Suspend the offending member.
c) Expel the offending member.
d) All can be the answer
QUESTION: SECTION THREE
1. Which of the following best describes the responsibility of the board of directors in a company for
dealing with the risk of fraud in the organization?
a) To design and implement controls to reduce the risk of fraud.
b) To employ an external auditor to test all areas for fraud indicators.
c) To design a system that reduces the risk of fraud to zero.
d) To monitor all systems on a daily basis personally to ensure no fraud takes place.
2. Which of the following best describes the Auditor’s responsibility for detecting fraud within the client:
a) The auditor designs controls to prevent fraud and informs the client of those controls when reporting
on fraud to management.
b) The auditor is responsible for detecting material error caused by fraud and reporting immaterial
fraud to management if found.
c) The auditor should not consider the risk of fraud at the planning stage of the audit in
case this clouds their judgement.
d) The auditor should report all fraud to shareholders as soon as they find it through calling an
Extraordinary Shareholders Meeting.
3. An audit should be designed to achieve reasonable assurance of detecting material misstatements due
to:
a) Errors.
b) Errors and fraud.
c) Errors, fraud, and those illegal acts with a direct effect on financial statement amounts.
d) Errors, fraud and illegal acts.
4. An auditor will most likely be considered negligent when they fail to:
a) Detect all of a client's fraudulent activities.
b) Include a negligence disclaimer in the client engagement letter.
c) Warn a client of known internal control weaknesses.
d) Warn a client's customers of embezzlement by the client's employees.
5. Professional Accountants should not be liable to any party if they perform their services with: a)
Ordinary negligence.
b) Regulatory providence.
c) Due professional care.
d) Good faith.
6. Which of the following is the best defense that an auditor can assert against common law litigation by a
stockholder claiming fraud based on an unqualified opinion (clean audit report) on materially misstated
financial statements?
a) Lack of due diligence. b) Lack of gross negligence. c) Contributory negligence on the part of the
client. d) A disclaimer contained in the engagement letter.
35
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
7. An auditor's duty of due care to a client most likely will be breached when an auditor:
a) Gives a client an oral report instead of a written report.
b) Gives a client incorrect advice based on an honest error of judgment.
c) Fails to give tax advice that saves the client money.
d) Fails to follow International Auditing Standards.
8. If an auditor recklessly departs from the standards of due care when conducting an audit, the auditor
will be liable to third parties who are unknown to the auditor based on:
a) Ordinary negligence.
b) Gross negligence.
c) Strict liability.
d) Criminal deceit.
9. A reasonable cause for action against the auditor for breach of contract may include all of the following
except
a) violating client confidentiality.
b) withdrawing from an audit engagement without justification.
c) failure to provide the audit report on time.
d) failure to discover an immaterial error.
10. The auditor is responsible for ordinary negligence in most countries to
a) clients.
b) third-party general users.
c) third-party primary beneficiaries. d) both A and C.
11. In a common law action against an accountant, the burden of proof that the plaintiff sustained a loss
must be proven by the:
a) Plaintiff. b) Defendant. c) Regulatory Body. d) Jury.
12. In a common law action against an auditor, lack of privity or lack of no implied or expressed contract
is a viable defense if the plaintiff:
a) Is the client's creditor who sues the auditor for negligence.
b) Can prove the presence of gross negligence that amounts to a reckless disregard for the truth. c) Is
the auditor's client. d) Bases the action upon fraud.
QUESTION: SECTION FOUR
1. The board of directors has responsibility for which of the following:
i) Preparation of the Financial Statements.
ii)Implementing an internal control system.
iii)The risk management of the entity.
iv)Preventing fraud and error.
a) iii) only
b) All of the above
c) i) ii) & iv) only
2. Which of the following is a duty of the Auditor?
a) Prepare a set of accounts that is ‘true and fair’.
b) Help management to form better relations with shareholders.
c) Give an opinion on the integrity of management.
d) Give an opinion on the financial statements.
3. An auditor can be removed from their position as Auditor by:
a) A vote by the majority of the board of directors.
b) The International Federation of Accountants only.
c) A vote by a majority of the shareholders.
d) A decision made by the CEO and Chairman of the company.
36
d) i) & iii) only
Auditing Principles and Practices-I- Notes on Chapter Two- Compiled for AAU Students, Nov 2022
QUESTION: SECTION FIVE
The following two independent situations involve possible violations of the Code of Professional Ethics
and/or standards for the performance of audits, reviews, other forms of assurance engagements, and/or
related services.
Required: For each situation, state whether the Code of Professional Ethics has violated and/or other
standards. Explain your reasoning.
1. On August 20, 2018, Henok, a Certified Accountant and partner, was offered and accepted the
engagement to audit the annual financial statements of JK Corporation for the year ended December
31, 2016. Preliminary work began on the audit on September 15, 2018 and the engagement ended on
March 7, 2019. JK Corporation is a public company. Henok served as controller of JK Corporation
from December 1, 2014, until April 10, 2018, at which time he terminated his employment with JK.
2. Sena, a Certified Accountant, is the auditor of a local real estate development company. While
performing the audit engagement, Sena learns of the company’s plans to acquire a major block of older
homes in the area, for the purpose of consolidating the properties. The developer also plans to ask the
city government to rezone the area from “single family” to “multiple unit” housing. Such rezoning,
which the developer believes will very likely be successful, would significantly increase the market
value of the properties. Sena mentions the developer’s plans to her brother during a family gathering,
and the brother then quickly purchases several homes in the affected area, with the intention of reselling to the developer and realizing a capital gain.
QUESTION: SECTION SIX
Auditors may be held liable to both their clients and third parties under common law.
Required:
a) What must a client prove to recover its losses from the auditors under common law?
b) In a court that adheres to the precedent set by the Ultramares v. Touche case what must an ordinary
third party prove to recover losses from the auditors under common law?
37
