The FRC has set out in the consultation paper their aims in amending ISA 570, which in brief are as follows:
- Foster an appropriately independent and challenging mindset of the auditor
- Increase transparency, with greater insight into the audit process
- Enhance documentation of the auditor’s judgement
- Keep ISAs fit for purpose, with robust requirements
- Reinforce the need for robust communication and interactions between engagement partners, their teams and those charged with governance.
As we have mentioned in the article about the FRC’s recent position paper, other changes to ISAs and Ethical requirements will also be made as a result of recent events.
Having looked at the aims of the project, let’s now consider the main changes that have been proposed. These changes can primarily be considered under four headings:
- Evidence gathering
Much of the overall structure of the standard will still be familiar if the changes are implemented, but there are extensive additional sections enhancing all the areas listed above.
These have been enhanced to specifically state that the auditor will be gathering evidence to conclude on whether there is a material uncertainty relating to going concern. This is in addition to the current requirement to consider the appropriateness of the use of the going concern basis in the accounts.
Whilst you might feel that a requirement to consider whether there is a material uncertainty in relation to going concern is already implicit in the current ISA 570, the proposed new wording emphasises that this won’t be a by-product of other work but will require specific procedures to allow the auditor to conclude on whether there is a material uncertainty.
There is also further clarification of what is meant by a material uncertainty, as definitions have been inserted for this and for management bias, which is referred to in several of the required audit procedures.
Much of the planning work that an auditor does is directed by ISA 315, as part of the risk assessment procedures. The proposed new ISA 570 further enhances the areas that the auditor must consider in relation to risk assessment in respect of going concern, linking them to ISA 315.
On reading these extra steps (see para 10) you might reasonably conclude that the specified areas, such as considering the business model, strategies and related risks, would already have been performed under the current ISA. Indeed, this may well have been the case, but the point here is that the FRC have seen evidence of inadequate work on going concern, therefore they are making it clear what should be done.
As well as the more obvious steps, the auditor must establish how the entity’s management identifies events and conditions that might indicate a going concern problem and whether there is any management bias. For entities with poorly developed risk management systems this may well lead to challenges (and changes in systems) to ensure that they do have procedures to identify potential challenges to their going concern status.
The next stage of the changes involves the work that the auditor must carry out to gather sufficient appropriate audit evidence to allow an opinion to be formed. As with the planning section there are further required procedures which spell out the nature of the work needed. For instance, when considering management’s assessment of going concern: is the method appropriate; has it changed since the prior period; is it mathematically correct; is the underlying data correct; and are the assumptions supported? Again, these would already have been included in a robust audit of going concern under the current ISA, but as they are now laid out in paragraph 12 it is clearer that they are essential.
There is also a further requirement in paragraph 13 for the auditor to consider whether management’s assessment includes “all available information about the future”. This presumably seeks to ensure that if information is available about the future, but outside of the period being explicitly considered by management for their going concern assessment, the impact is still considered.
Occasionally management’s assessment of going concern does not cover a sufficiently long period of time (this remains at 12 months from the date of approval of the financial statements) or there is some other deficiency in the provision of information to the auditor. If this is the case the auditor shall not only consider the implications for their report, but also whether there is a significant deficiency in the internal controls of the entity.
The requirements for reporting by the auditor have also been enhanced. Given that the objectives have been altered to include specific consideration of a material uncertainty in relation to going concern it is no surprise that the reporting now covers this explicitly. The proposals in the ED require the auditor to include the following in their report where the use of the going concern basis is appropriate, under the heading "Conclusions relating to Going Concern":
- An explanation of how the auditor evaluated management’s assessment, including key observations with regard to that evaluation;
- A statement that the auditor has not identified a material uncertainty relating to going concern;
- A conclusion that the management’s use of the going concern basis is appropriate;
- A statement that the auditor has nothing to add or draw attention to in relation to statements about compliance with the UK Corporate Governance Code where this is relevant.
These considerably enhance the information that the auditor must provide in an unmodified report.
The requirements for reporting where the use of the going concern basis is inappropriate, or where there is a material uncertainty have not changed significantly for most companies. This means there will still be an adverse opinion if the going concern basis is used when inappropriate and the auditor will still draw attention to any material uncertainty relating to going concern.
It is clearly vital that good quality audit work is done on going concern, including whether a material uncertainty that may cast significant doubt on the entity's ability to continue as a going concern exists. The proposed standard sets out additional requirements throughout the ISA. We have looked in summary at those relating to the main parts of the audit, but there are numerous other changes proposed, including additional documentation requirements.
Although these changes are not planned to take effect until audits of periods commencing on or after 15 December 2019, many of the listed steps would already be regarded as best practice. This would be a good time to both consider the exposure draft itself and the way you and your teams currently carry out audit work on going concern, to ensure that you are adequately covering this critical audit area.