UK audit reform proposals have application elsewhere, suggests Sir Donald Brydon
Brydon Report author believes focus needs to be on restoring trust in capital markets globally.
This Future of Audit Series interview is proudly brought to you by ACCA.
“Where was the auditor?” This is the question that has been asked in the wake of corporate failures such as Carillion in the UK, Wirecard in Germany and Steinhoff in South Africa. It is also the question Sir Donald Brydon CBE sought to answer when he embarked upon a report to review the quality and effectiveness of audit in the United Kingdom.
Sir Donald says audit criticisms have been unchanging for the past 25 years or more. There’s a need to move beyond criticism to implementing reform measures. His 2019 report, The quality and effectiveness of audit: independent review, lays out various recommendations for reform, which may have application outside of the UK, in countries including South Africa.
In preparing the report, Sir Donald, chairman of Sage Group, received 120 submissions (including submissions from various international jurisdictions) and held more than 150 meetings with regulators, auditors, investors, companies, and professional services firms. Most of his recommendations have since been included in the UK Government’s consultation document regarding governance, regulatory and audit reform.
In June, Sir Donald spoke to Lwazi Bam, chief executive, Deloitte Africa, and Bonga Nyembe, managing partner, responsible business and public policy, Deloitte Africa, in a “fireside chat” focused on UK audit reform and the ripple effect internationally.
Audit not fulfilling its intended role
“The problem we were covering was companies going bust, without any significant warning,” Sir Donald explained. “Looking back at audit reports, we were finding nothing there, which was a clue to the probable outcome that came about subsequently. That said that the audit wasn't informing those who most needed the information, and who were indeed paying for it for that very purpose.”
He added that the knock-on effect is a sense of anxiety and disquiet about the running of companies, which causes an increasing cost of capital for everyone. “What we needed to do was to try to restore trust in the system as a whole,” he explained, adding that it’s important to understand that it’s not only auditors who are involved, but a complex ecosystem incorporating management, boards, regulators and governments, among others.
Audit is a universal concept, but not technically a profession
“I didn't set out to change the entire world. But it was clear to me that there are a series of principles underlying audit, which are really common everywhere,” Sir Donald said. “Some things are not precisely applicable in different jurisdictions, but the essence of audit is the same.”
He believes that stakeholders want audits to answer two fundamental questions: is the company being honestly run, and has it got a reasonable chance of still being around in five or 10 years’ time? Auditors are in a privileged position in terms of being able to access all the information they want to see to provide assurance on these points. “But I’ll give you a tiny example of where I think things have gone wrong. A number of auditor changes took place during the time of my review, and several of them said that the auditor had resigned for commercial reasons, and that was it,” he said.
No further information was given on the reason for the change in auditor, and the assumption might be that it was due to simple economics on the audit firm’s side. However, Sir Donald suggested, often this might not have been the case. An auditor might resign because of a lack of confidence in the management of the company being audited, or because the required information was not being made available. “If that’s the case, they should say so because that is really valuable information for all the stakeholders who are paying for the audit and the audit process,” Sir Donald said. “It's a very small example, but auditors should start with the mindset of informing.”
Bonga pointed out that there is no regulation preventing auditors from sharing this type of information, but it might be a case of not wanting to ruffle feathers. He asked Sir Donald how to overcome the “human constraint” that seems to impede transparency in the profession.
Sir Donald responded by saying he had been surprised in undertaking his review to discover that there is no such thing as an audit profession. “The phrase ‘audit profession’ is used everywhere. And people talk about themselves being members of the audit profession. What I actually found was what you had was members of the accountancy profession, some of whom had done some work with audit and become specialists as auditors within their accountancy firms. As a result, other than the very broad generic background to the profession of accounting, there was no precise set of principles or governance of the way auditors behave. One of the conclusions I reached was that, in addition to an accounting qualification, it would be sensible to have an auditing profession – properly established and properly monitored, with its own set of principles and rules.”
Establishing a profession, Sir Donald said, would have an additional benefit. Where reporting and assurance work would be required for variables other than just financial ones, the same framework of principles and behavioural constraints could be used. This would ensure that that work was done to the same quality standards as financial audits.
“I wanted to try to get across that it’s actually for the auditors themselves to lead this change,” Sir Donald said. “They should want to, because being under the pressure they have been under for the last few years is not healthy. We're seeing the rate shrink in terms of providers. It makes it harder to recruit the very brightest and best into auditing. A clear audit profession that had clear standards, clear principles, and began with this whole concept of ‘We're here to inform’ would mean that anybody behaving according to those standards would answer the question of why they resigned as an auditor in a way that was much more helpful.”
The subtleties of audit and the issue of fraud
Sir Donald said that regulation needs to be managed in such a way that the way standards and rules are met by an audit does not outweigh whether the end user has been fully and satisfactorily informed by the audit. “You’re dealing with quite subtle information. It's not always black and white, and it helps people to have a framework of guidance as to how they should behave to work out how to report on something sensitively.”
He believes the idea of “best practice” sometimes gets in the way of this. “I get really cross when I hear about best practice, because I think the practice for any one company is what is good for that company, at that moment, with these particular characters and these particular pressures. There isn’t a one-size-fits-all approach.”
If we become obsessed with best practice, we risk losing sight of the objective. This is apparent in the reasoning by some that fraud has nothing to do with the auditor.
“Fraud starts with the directors. My recommendation was that the directors should have an obligation to report on what actions they've taken to ensure, as far as they can, that there is no fraud in the company. And then the auditors will have an obligation to use all reasonable endeavours to satisfy themselves that the steps taken by the directors were appropriate, and appropriately reported upon, and then add to that information around what steps they've taken to satisfy themselves that there is no fraud in the company,” Sir Donald explained.
He noted it’s impossible to expect a zero-failure approach – there will be fraud that is too clever and too difficult to detect. “We have to all understand that. But what is possible, with hindsight, is to go back and say, ‘What actions did you take to attempt to ensure that there was no fraud in the reporting?’”
Sir Donald stressed that the audit committee has a critical role to play in ensuring trusted decision-making through the appointment of the auditor and in overseeing the Audit and assurance policy statement (setting out the scope of the audit). He added that it is the responsibility of shareholders – not the auditor – to hold directors accountable. However, the information provided by the auditor should ensure they are able to do so.