What does the reform consist of?

On December 17, 2013, the European Parliament and the Member States reached a preliminary agreement on the proposal for a Directive amending the statutory audit Directive (Directive 2006/43/EC) and the proposal for a Regulation (Regulation) on specific requirements relating to the audit of public-interest entities. The compromise agreement approved by the Member States at the COREPER meeting on December 18, 2013, was adopted by the European Parliament's Committee on Legal Affairs on January 21, 2014.

Both compromise texts were adopted by the European Parliament in a plenary vote in Brussels on April 3, 2014, and approved by the Member States in the Council on April 14, 2014. Co-legislators officially signed the texts on April 16, closing the legislative process. The publication of the amended Directive and the new Regulation on statutory audit in the EU Official Journal (OJ L 158) took place on May 27, 2014. Both texts entered into force on June 16, 2014, 20 days after their publication in the Official Journal.

History

Why is a statutory audit important?

Why is statutory auditing important? The role of statutory auditors is to certify companies' financial statements, thereby providing interested parties such as investors and shareholders with an opinion on the accuracy of the company's accounts. A broad community of individuals and institutions relies on the quality of statutory audits. For this reason, by improving the integrity and efficiency of financial statements, statutory audits contribute to the orderly functioning of markets. Thus, statutory auditors fulfill an important societal role. Its importance is reflected in the legal requirement that certain companies undergo a statutory audit. Furthermore, only approved auditors may carry out these audits.

What are the existing EU rules on statutory audit?

At the EU level, statutory audit is currently regulated by the Statutory Audit Directive (2006/43/EC). The Directive, which sets out the duties of statutory auditors and audit firms, includes a requirement for the public oversight of the audit profession and for cooperation among regulatory authorities in the EU. In addition, certain EU-level legal texts impose the requirement for a statutory audit, notably the Accounting Directive 2013/34/EU and the Transparency Directive 2004/109/EC and the Solvency II Directive 2009/138/EC. The first group of legal instruments requires certain types of legal entities (depending on their legal form) to have their accounts audited. The second group of legal instruments addresses entities of public interest depending on their activity: i.e., financial institutions or listed companies.

Why are the rules governing legal audits being reformed?

The new rules address a number of deficiencies observed in the audit market:

The competent authorities of the Member States have noted deficiencies, and in some cases anomalies, in the audit reports.
Investors have raised doubts about the credibility and reliability of the audited financial statements of banks, other financial institutions, and listed companies, as evidenced by the economic and financial crisis. This has seriously weakened investors' confidence in auditors' reports.
An excessive familiarity between the management of a company and its audit firm, the risks of conflicts of interest, and the threats to the independence of statutory auditors that may challenge their ability to exercise full professional skepticism.
Lack of choice in auditing firms stems from the high concentration of the audit market among the largest firms.
A systemic risk due to the fact that the audit market is effectively dominated by the four largest firm networks.

What are the main objectives of the legal audit reform?

The reform aims to improve audit quality and restore investor confidence in financial information, an essential component for future investments and economic growth. The main objectives of the reform are: 1. To further clarify the role of the statutory auditor (authorized public accountant); 2. To strengthen the independence and professional skepticism of the authorized public accountant; 3. To facilitate the provision of cross-border statutory audit services in the EU; 4. To contribute to a more dynamic audit market in the EU; 5. To improve the oversight of statutory auditors and to coordinate audit oversight by competent authorities in the EU.

Definitions, scope, and entry into force

What is an entity of public interest (EPI)?

The definition of EIPs includes listed companies, credit institutions, and insurance companies. In addition, Member States may designate other undertakings or entities as EIPs that are of significant public importance by reason of their business nature, size, or number of employees.

The definition of entities of public interest (EPIs) is the same as the definition given to this term in the Accounting Directive (2013/34/EU).

What are the key elements of the reform?

The new legal framework is based on two legislative instruments: a Directive amending the existing statutory audit Directive and a new Regulation on specific requirements relating to the audit of public-interest entities. The new rules follow an extensive consultation process that began with the Commission's Green Paper on audit policy in October 2010 (see IP/10/1325), and which resulted in the Commission's presentation of two proposals in November 2011 (see IP/11/1480).

The reform is supported by two pillars, which include both horizontal measures and specific measures. The following horizontal measures apply to all statutory auditors and audit firms, regardless of whether the audited entity is a public interest entity or not:

Establishing stronger independence requirements, as reflected in improved organizational requirements for statutory auditors and audit firms;
Making the auditor's report more informative for investors by providing them with important information about the audited company beyond a simple standardized opinion on the financial statements.;
Strengthening the competencies and role of the competent authorities responsible for the public oversight of the auditing profession.;
Establishing a more effective sanctions/penalties regime by harmonizing the types and addressing the sanctions, such as the criteria that competent authorities should consider when applying sanctions.;
Granting the European Commission the authority to adopt the International Auditing Standards (IAS) at the EU level.

In addition, the following stricter requirements apply to the legal audits of EIPs:

The introduction of mandatory rotation every 10 years for statutory auditors and audit firms;
Defining a list of non-audit services that cannot be provided by statutory auditors or audit firms to the audited entity.;
Placing limits on the fees charged for non-audit services;
Strengthening the role and competencies of the audit committee by requiring improvements to its composition and by giving it a significant direct role in appointing the authorized public accountant or audit firm, as well as in monitoring the audit.;
Strengthening the requirements for the audit report and including an addendum for a more detailed report to the audit committee, which shall contain full information regarding audit performance.;
Establishing a dialogue between the statutory auditor or audit firm of an EIP on the one hand and the supervisors of that EIP on the other. Which types of audits are covered?

Which types of audits are covered?

The new framework covers all statutory audits required by EU legislation. In addition, the new framework also covers audits of small enterprises and voluntary audits carried out by small enterprises when national legislation considers them to fall within the scope of statutory audits. The framework contains specific requirements regarding the audit of EIPs. However, Member States have the option to exempt cooperatives and savings banks from these specific requirements.

Why are there stricter requirements for auditing public interest entities (PIE)?

The requirements governing the audit of public interest entities are stricter due to the potential negative consequences of anomalies for shareholders, investors, and society at large, which are typically greater compared to other types of enterprises. The potential costs of the specific rules in question are offset by the benefits of avoiding audit problems in these public interest entities.

When will the new rules take effect?

The Directive entered into force 20 days after its publication in the Official Journal of the European Union (see OJ L 158), and Member States have two years to adopt and publish the necessary provisions to comply with the revised regulatory framework. The Regulation also entered into force 20 days after publication in the Official Journal (see OJ L 158), and will apply within two years. This will ensure that, from the time the Regulation comes into force, each Member State will implement the necessary provisions to comply with the Directive. As a result, both texts are expected to be applied two years after their publication.

However, certain specific provisions will become applicable later. For example, rotation periods are subject to separate, calibrated transition periods. Similarly, the prohibition on “Big Four only” contractual provisions will apply three years after this regulation takes effect.

What will change: the main measures

I. Improved information for investors

Why are new rules being established for the audit report?

The primary objective of the reform is to enhance the quality of statutory audits. This means both increasing the independence of statutory auditors and providing investors and shareholders of the audited entities with better and more detailed information through the audit report.

The new rules will increase the informative value of the audit report – which is an essential tool from the investors' perspective. The provisions addressing the content of the audit report are set out both in the Directive and in the Regulation, as reforms that differentiate audit reports for public-interest entities and public-interest entities and that impose additional requirements on the former.

For example, in the case of the audit of an EIP, the Regulation sets out the requirement for statutory auditors auditing EIPs to report on the principal risk areas of material anomalies in the annual or consolidated financial statements.

In addition, statutory auditors must explain to what extent a statutory audit is considered capable of detecting irregularities, including fraud. By enhancing the information that the statutory auditor or audit firm provides to the audited entity, whether it is an EIP or not, the reform aims to help narrow the “expectation gap.” that often exists between the perceptions of what auditors should deliver and what they are required to deliver.

What is the purpose of the supplementary report to the audit committee?

Additional report for the audit committee, which should be prepared only when EIPs are audited, It is intended to further enhance audit quality and prevent any gaps by improving communication between the statutory auditor or audit firm on the one hand and the entity's audit committee on the other.

The supplementary report will provide audited EIPs with more detailed information on the results of the legal audit, including, for example, information on the methodology used, on any significant deficiencies identified in the internal control system, on the assessment methods applied, etc.

In principle, the additional report is not public; however, Member States may allow the audit committee to provide information on this additional report if their national law so provides.

Why should the role of the audit committee be strengthened?

The Statutory Audit Directive (2006/43/EC) introduced the requirement that public-interest entities have an audit committee. As part of an effective internal control system, audit committees help minimize financial, operational, and compliance risks. They also play a crucial role in contributing to high-quality statutory audits.

The new rules strengthen the role of the audit committee, both in terms of its composition (the majority of members must be independent, and the committee as a whole will now have significant expertise in the sector in which the audited entity operates), as well as in terms of its competencies.

For example, the audit committee will play a direct role in appointing the authorized public accountant or the audit firm. It will also monitor the statutory audit, as well as the performance and independence of the authorized public accountant.

Does the reform directly strengthen shareholders' role vis-à-vis auditors?

The new rules allow 51% of shareholders to initiate actions to dismiss the statutory auditor or the company's audit firm. This will give shareholders a direct tool to address potential concerns regarding the quality of the statutory audit, regardless of whether the audited entity is an EIP or not.

In addition, regarding the selection by an EIP of a statutory auditor or an audit firm, shareholders will be provided with information on the basis on which the statutory auditor or audit firm was recommended and preferred by the audit committee, the reasons why this choice was made, also referring to the tender documents that define transparent and non-discriminatory selection criteria. This will allow shareholders to make a more informed decision when selecting the legal auditors or audit firms of the EIPs.

II. Legal Audit of EIPs: Mandatory Rotation of Legal Auditors

Why should EIPs change their statutory auditors or audit firms?

There are obvious risks for EIPs when they continue with the same auditors or audit firms for 50 or 100 years, as is the case today. Such a long-term professional relationship can impede the independence of the authorized public accountant and negatively affect his professional skepticism. Rotating the lead audit partner within an audit firm is insufficient because the audit firm's primary focus remains on retaining the client.

A new partner will be under pressure to retain a client for a long time. The mandatory rotation of the audit firm will help reduce excessive familiarity between the certified public accountant and his clients, limiting the risks of maintaining repeated inaccuracies, and to encourage fresh judgment, thereby strengthening the conditions for genuine professional skepticism.

In this way, mandatory rotation will contribute to improving audit quality.To facilitate a smooth transition of the new auditor or the new statutory audit firm, the new rules require the previous auditor to transfer and deliver a file containing the relevant information to the successor statutory auditor.

When should EIPs change their statutory auditors or audit firms?

After the new rules take effect, EIPs will be required to change their statutory auditors or audit firms at most every 10 years. The duration of the audit engagement will be calculated from the date of the first financial year specified in the audit engagement letter. However, Member States may set shorter rotation periods (e.g., a maximum of seven or eight years).

In addition, Member States may allow EIPs to extend the audit engagement: i) by an additional 10 years through tender; or ii) by an additional 14 years in the case of joint audits.

What is a joint audit?

"Joint audit" is the term typically used to refer to the appointment of more than one statutory auditor or audit firm by the EIPs. The appointed auditors submit a joint audit report for the audited entity and bear full responsibility for the audit.

III. Audit of EIPs: Suspension of certain non-audit services for audit clients of the EIP audit

Why is the provision of certain non-audit services to EIP audit clients prohibited?

The objective of the reform is to ensure that statutory auditors and audit firms are independent in carrying out their primary role, which is also their societal role: statutory audit. When EIPs are audited, providing certain services other than audit services (non-audit services) creates an undeniable threat to their independence and can significantly increase the risk of conflicts of interest for statutory auditors and audit firms.

Consequently, The Regulation provides a list of non-audit services that statutory auditors and audit firms must not perform for the entity under audit, for its parent company, and for entities it controls within the group (the so-called ‘black list’), in order to avoid situations where the independence of statutory auditors or audit firms could be compromised.

Examples of services covered by the “blacklist” are:

• Specific tax, consulting, and advisory services to the audited entity;

• Services that play a role in the management or decision-making of the audited entity;

• Services related to the financing, capital structure and its allocation, and the investment strategy of the audited entity.

Member States may choose to deviate from the list of prohibited non-audit services to provide certain tax and valuation services when these services are immaterial or do not have a direct effect, individually or in aggregate, on the audited financial statements. Member States also have the option to prohibit additional non-audit services beyond those included in the “blacklist.”.

Will auditors have the opportunity to provide non-audit services to EIPs?

In addition to the non-audit services listed in the Regulation, and where Member States have not adopted stricter provisions, statutory auditors and audit firms may provide other services that differ from auditing for the entities they audit. In addition, statutory auditors and audit firms will continue to be able to provide all types of non-audit services to entities they do not audit.

IV. Structure of fees collected by EIPs

Why has a cap been placed on fees for non-audit services for EIPs?

Establishing a cap on fees for non-audit services for EIPs will strengthen the independence of statutory auditors and audit firms vis-à-vis their clients.

The Regulation provides that when a statutory auditor or an audit firm has provided non-audit services to the audited EIPs for a period of three or more consecutive financial years, in aggregate, the fees for these services will be limited to a maximum of 70% of the average fees paid over the last three consecutive financial years for the legal audits of the audited entity and, where applicable, of its parent undertaking, of the undertakings it controls, and of the consolidated financial statements of that group of undertakings.

All calculations for the limit must be made at the group level – i.e., they must take into account not only the audited entity but also, where applicable, its parent undertaking, its controlled undertakings, and the consolidated financial statements of that group of undertakings.

Is there any limit on the total fees—including audit and non-audit services—that statutory auditors or audit firms may receive from an EIP they audit?

There is no set limit on the amount of fees or honoraria that a statutory auditor or audit firm may charge an EIP they audit. However, there is a percentage cap designed to prevent the statutory auditor or audit firm from becoming overly dependent on the audited EIP.

Thus, when the total fees received – for both audit and non-audit services – from the statutory auditor or an audit firm from a single EIP in each of the last three consecutive years exceeds 151% of the total fees received by that statutory auditor or audit firm, this fact must be explained to the audit committee. In such a case, the audit committee should consider referring the audit engagement to a quality control review. If the fees received continue to exceed 15%, the audit committee should consider whether the audit engagement should be retained; and if so, the audit engagement may be retained, but for a period not to exceed two years.

V. A more dynamic EU audit market V.

Will it be easier for auditing firms to move within the EU?

The amended Directive encourages the development of a level playing field for audit firms at the EU level in order to foster more dynamic markets and open up the audit markets. It creates a “European passport” for audit firms to facilitate cross-border mobility within the EU and to strengthen the single market for auditing.

How will the new rules affect Small and Medium-sized Entities (SMEs)?

The audit reform does not impose any new burden on small and medium-sized enterprises that do not qualify as EIPs. This is in line with the conclusions set forth in the Small Business Act, adopted in June 2008 and revised in February 2011.

In addition, in accordance with the new Accounting Directive (2013/34/EU), at the EU level, there is no requirement for small undertakings that are not public-interest entities to have an audit, unless Member States deem it necessary and establish specific requirements for certain small undertakings.

According to the amended statutory audit Directive, when a Member State requires a statutory audit for small undertakings, it has the option to lay down simplified requirements to reduce the administrative burden on the auditor in respect of certain obligations, such as the internal organization of statutory auditors and audit firms, the documentation of client information, and audit files.

When a small and medium-sized enterprise qualifies as an EIP, the special requirements governing EIP audits will apply to it. However, the audit reform, taking their specificities into account, provides a proportional approach for small and medium-sized enterprises that qualify as EIPs.

Will the new rules promote market diversity?

Mid-tier audit firms (i.e., those that are not members of the larger networks) will benefit from the reform as new market opportunities emerge. Mandatory rotation, together with incentives for joint auditing and tendering, as well as the prohibition of certain non-audit services for audit clients – effectively require that another audit firm provide these services – are examples of measures that should make the market more dynamic and ultimately less concentrated.

In addition, tools have been strengthened to monitor the concentration of the audit market at the EU level. The European Competition Network (ECN), a network bringing together the European Commission and the national competition authorities of the Member States, will play a role in monitoring changes in the structure of the audit market. However, the ECN will not replace the competent authorities in the field of auditing.

What about the third-party clauses that limit the selection of auditors?

The audit market is characterized by a high degree of concentration at the top end of the market, especially in the field of statutory auditing of large enterprises, where only a small number of audit firms operate. In some cases, the choice of an audit firm is further restricted by so-called “Big 4 only” clauses that third parties such as banks or insurance companies impose on large enterprises. To encourage further choice, these restrictive contractual provisions are now prohibited, regardless of whether the enterprise is an EIP or not.

VI. Promoting Convergence and Cooperation

Why should the International Auditing Standards (IAS) be adopted at the EU level, and when will they become mandatory for Member States?

Both the amended Directive and the Regulation grant the European Commission the authority to adopt the SNA through delegated acts. Although the SNA are already in force in some Member States, their adoption at the EU level will promote a level playing field and prevent any potential fragmentation. National standards, procedures, or requirements in force in the Member States shall remain in force as long as the Commission has not adopted the International Auditing Standards covering the same area.

Are there any significant changes regarding cooperation with third countries?

The framework of existing requirements for issuing the Commission's decision on the equivalence and adequacy of third countries remains largely unchanged. Some minor changes have been made, particularly to emphasize the need to ensure the protection of trade interests in the field of information exchange.

VII. Improving oversight at the national and European level

What are the main changes in the organization of the public audit oversight system?

According to the amended Directive and the Regulation, each Member State must designate a single competent authority to have ultimate responsibility for the public audit oversight system. This does not prevent Member States from providing for the possibility of the competent authorities to delegate some of the tasks assigned to them, provided that they retain ultimate responsibility for the performance of those tasks. In addition, the powers and competencies of the competent authorities have been expanded, including investigative and sanctioning powers to detect, deter, and prevent breaches of the provisions of the Directive and the Regulation.

Why is the sanctions regime being strengthened? Why is the sanctions regime being strengthened?

A sanctions system is the key to ensuring that the rules are respected and that statutory auditors and audit firms will be held accountable, whether they are auditors of EIPs or not. Given that many audit firms are part of international networks and that the entities under audit are also often part of an international group, establishing a minimum basis with respect to sanctions is an important step to ensure the necessary convergence between the different regulatory frameworks.

The new rules require Member States to establish appropriate administrative penalties and measures that may be applied for breaches of EU audit legislation. To this end, the Directive requires Member States to set common minimum standards for:

• Types and addressing of sanctions;

• The criteria to be taken into account by the competent authorities when applying sanctions;

• Publication of sanctions;

• Mechanisms to encourage the reporting of possible violations.

All of these provisions do not affect the provisions of the criminal codes enforced by the respective countries.

How will cooperation between national supervisory authorities be improved?

Audit oversight will continue to be carried out at the national level. However, cooperation and coordination will be carried out at the European level by a committee of national audit oversight bodies (CEAOB), a group of experts that will assume the tasks of the existing European Group of Audit Oversight Bodies (EGAOB). Its primary task will be to ensure the effective coordination of the oversight of audit firms operating across the EU. A special role is being given to the European Securities and Markets Authority (ESMA) regarding cooperation between Member States and third countries in the field of public oversight of IPEs.

Why is the European Securities and Markets Authority (ESMA) given a special role in international relations?

ESMA is an independent EU authority that contributes to consolidating the EU's financial stability and to strengthening investor protection through enhanced supervision. As part of its mandate, ESMA strengthens international supervisory cooperation. The role assigned to ESMA within the CEAOB is intended to promote international cooperation between Member States and third countries regarding public audit oversight systems.

Is there any measure to specifically contribute to global financial stability?

The reform aims to improve the quality of statutory audit in general, across all segments of the economy. With regard to financial stability in particular, the Regulation requires that a dialogue be established between statutory auditors and the European Systemic Risk Board (ESRB). The ESRB monitors systemic risk in the European Union. In carrying out this task, it can draw on statutory auditors and audit firms of systemically important financial institutions, who provide it with their expertise on financial information.

Source: IEKA – Periodic Journal – Accounting, Finance and Auditing No. 36, June 2014