At present, 130 jurisdictions use, or are committed to using, the International Standards on Auditing (ISAs), demonstrating their increasing importance in the global community. This widespread and continually growing international use underscores the importance of the International Auditing and Assurance Standards Board (IAASB) continuing to focus its efforts on maintaining the quality and scalability of these standards for entities of all sizes, and to meeting the expectations that stakeholders have regarding their application.
There are continuing concerns raised by the IAASB’s stakeholders relating to the complexity and difficulties in applying the ISAs, and a growing call for urgent global action. More recently there have been various jurisdictional or regional initiatives specifically targeted at audits of smaller entities. The IAASB has heard the call for action and is now progressing forward in relation to what can be done on a global basis.
On April 26, 2019 the IAASB issued for comment the Discussion Paper (the DP) Audits of Less Complex Entities: Exploring Possible Options to Address the Challenges in Applying the ISAs (available in English, French and Spanish). The purpose of the consultation is to obtain input on the challenges that have been identified and to further understand of the underlying reasons for, or root causes of, the identified challenges. This will help the IAASB to consider how these challenges can be best addressed and determine its future actions. Comments are requested by September 12, 2019. A feedback statement will be published to share the input received, and the IAASB will then deliberate about how to best move forward.
What is a Less Complex Entity?
The discussion about the challenges of applying the ISAs has historically been around the difficulties experienced in audits of smaller entities. However, the IAASB is of the view that it is appropriate to focus on the complexity of the entity rather than its size. In today’s environment it is not only about size―there may be entities that are smaller but may be considered complex, and there may be other entities that would not be considered smaller but would be considered less complex.
Further consideration will be given to how the IAASB describes less complex entities (LCEs) for the purpose of its work. How this description may be applied in individual jurisdictions will depend on the nature of the outputs arising from the consultation process. As a starting point, the IAASB has looked to the current definition in its Handbook of a “smaller entity,” (see page 101) which sets out many of the qualitative characteristics that could also be attributable to an LCE, including concentration of ownership and management in a small number of individuals, straightforward or uncomplicated transactions, simple record-keeping, few internal controls, and few personnel, many having a wide range of duties.
It is recognized that the qualitative characteristics are not exhaustive, and the DP includes a specific question about whether the description is appropriate for the types of entities that is the focus of the work in relation to audits of LCEs, or if there are other characteristics that should be included.
Challenges within the Scope of the IAASB’s Work on Audits of LCEs
The IAASB has always been mindful of the need for the ISAs to be applicable to all entities, ranging from those whose nature and circumstances are simpler and more straightforward (i.e., LCEs), to those entities where the nature and circumstances are more complex.
In March 2009, the Board completed its Clarity Project, which had involved a comprehensive review of all ISAs to improve their clarity and thereby facilitate their consistent application. The requirements are set out as principles, and application material sets out further explanation and guidance about how to implement the requirements. This principles-based approach enables the application of the ISAs to entities with a wide variety of nature and circumstances.
Since the Clarity Project, the IAASB has been making concerted efforts to keep the revised or newly developed standards operational and scalable. For example, it has increased its focus on scalability and proportionality to explore what more can done in the current and recent projects revising some of the core ISAs. The IAASB also receives regular and timely input from IFAC’s SMP Committee highlighting the perspectives of both SMEs and small- and medium-sized practices (SMPs).
The Board is interested to hear which particular ISAs, and which specific requirements, are difficult to apply in an LCE audit. In addition, the Board would like to understand the underlying cause(s), how these have been managed or addressed, and if there are any other broad challenges that have not been identified that should be considered.
Challenges Not within the Control or Scope of the IAASB Work on Audits of LCEs
In developing the DP, the IAASB identified a number of issues that were contributing to the challenges experienced in applying the ISAs. However, there are some factors driving the challenges and other relevant matters that may impact the audit environment for LCEs, but that do not fall within the IAASB’s remit as an international standard-setter, or which the IAASB does not intend to consider as part of this project. This includes:
- Legal and other requirements for an audit – the IAASB does not set the requirements for which entities require an audit or influence in any way where an entity voluntarily elects to have an audit undertaken.
- Commercial considerations relating to an audit – audit fee pressure may lead to questions about the cost-benefit of performing the required audit procedures.
- Technology tools/ methodologies – access may be limited.
- Education and people – a lack of understanding of existing, new or revised ISAs may negatively impact the way that the ISAs are applied.
- Engagements other than audit – other standards (i.e., review, assurance and related services standards) may be an appropriate alternative in cases where an audit is not required or needed, but are ‘not in scope’ when considering audits of LCEs.
- Value of an audit – for example, the relevance of reporting on historical financial statements compared to forward-looking information.
- Public expectations – the gap between what the auditor is required to do and what the public expects.
While the IAASB does not intend to directly address these as part of its work in relation to audits of LCEs, it may be in a position to further consider how it may best influence and encourage actions by others in these areas and is interested to hear where this focus should be.
Possible Actions to be Explored
The potential possible actions outlined in the DP are set out below. It should be noted that the IAASB has not yet made any decisions about which option it may progress. In addition, the options that follow may not be exclusive; more than one option may be undertaken.
Revising the ISAs
The ISAs could be revised to make the auditor’s work effort clearer. Broadly, this may involve a greater focus on more clearly setting out what the auditor needs to do (i.e., focusing on the way the requirements have been articulated using clearer and understandable language), revising the application material to feature more scalability and proportionality considerations (e.g., providing examples of both simple and complex circumstances in order to contrast the differences), and/ or adopting an approach of revising the standards by setting out the basic requirements for all audits, then expanding as needed to address more complex circumstances (the so-called “building-blocks approach”).
There are various ways that such a revision of the ISAs could be undertaken, including revising all the ISAs as part of one substantial project, revising the ISAs on a rolling or phased basis, or making targeted changes when an ISA is being revised.
Developing a Separate Auditing Standard for Audits of LCEs
Another option is to develop a separate auditing standard for audits of LCEs. From outreach undertaken to date, it is clear that the level of assurance for the audit opinion issued in accordance with such a standard should be the same as the ISAs (i.e., reasonable assurance). However, what reasonable assurance means in the circumstances may vary by context, which may need to be explored further.
A separate standard may include a description of the types of entities for which it would be appropriate to use or not (for example, it may not be appropriate to use such a standard for audits of publicly listed entities). As with the ISAs, local laws and regulations would prescribe when such a standard could be used in a particular jurisdiction.
A separate auditing standard could be based on the existing ISAs with the aim of achieving the same objective. Features could include retaining principle and risk-based requirements, which are presented in a way that follows the work flow of an audit and allow the auditor to use their professional judgment.
An alternative is to explore the development of a standalone standard taking a different approach from the risk-based approach in the current ISAs. This would likely require the development of a supporting framework, including relevant criteria, with the objective that the engagement would result in the same assurance as an audit opinion. Such an approach could, for example, be more substantive in nature.
Developing Guidance for Auditors of LCEs or Other Related Actions
An option could also be the development of guidance and other support material specifically for audits of LCEs that is outside of the ISAs (i.e., not application or other explanatory material within the ISAs), so the nature of such material would be non-authoritative. This may include:
- A comprehensive guide about how to apply the ISAs in circumstances where the nature and circumstances of the entity being audited are less complex. This could involve collaboration with IFAC to enhance its Guide to Using ISAs in Audits of SMEs.
- An International Auditing Practice Note (IAPN) for Audits of LCEs―IAPNs do not impose additional requirements on auditors beyond those required by the ISAs, nor do they change the auditor’s responsibility to comply with all of the ISAs relevant to the audit being undertaken.
- Guidance for the application of specific areas within the ISAs, or particular ISAs specifically for challenges identified related to audits of LCEs―for example, a guide specifically targeted at risk identification and assessment.
- Focused “implementation packs” for new and revised ISAs specifically for audits of LCEs―including slide presentations, webinars and focused guidance about how to implement the revised or new ISA, to educate and assist once new or revised standards are published.
We Need to Hear from You!
The Board would like to understand stakeholders’ views about each of the possible actions, including what should be pursued as a priority and the implications or consequences if the possible action(s) were undertaken. There may also be other actions that should be considered.
Your input will help the Board to develop a clear direction for its future work in this area and to appropriately scope any future projects related to these matters.
The IAASB have organized a series of webinars during the comment period to take participants through key aspects of the DP:
- English - Monday July 22, 7:00am – 8:00am EST. Click to register.
- French – Tuesday July 23, 8:00 – 9:00am EST. Click to register.
- Spanish – Wednesday July 24, 9:00 – 10:00 EST. Click to register.
In addition, IFAC has launched an Audits of Less Complex Entities Survey (available in English, Spanish and French) aimed at stakeholders who are not intending to respond to the DP.