The risk of long association

 

The current IAASA Ethical Standard 2020 came into effect on the 15th July 2021.
 
Per section 3.1, there is a requirement to consider if partners or staff in senior positions have a long association issue or extensive and/or regular involvement with an entity relevant to the engagement.
 
In particular, per section 3.5, where an engagement partner has held this role for a continuous period of ten years, careful consideration should be given as to whether it is probable that an objective, reasonable and informed third party would conclude the integrity, objectivity or independence of the firm or covered persons are compromised.
 
Where that individual is not rotated after ten years, it is important that:
(a) safeguards are applied; and
(b) the reasoning as to why the individual continues to participate in the engagement is documented, and the facts are communicated to those charged with governance of the entity.
 
In responding to the risk of long association for a sole-practitioner / sole statutory auditor in a multi-partner firm where there is only one statutory auditor, we would encourage the firm to consider all safeguards within section 3.4 of the Ethical Standard;
 
· appointing a partner who has no previous involvement with the entity as the engagement partner;
· removing (‘rotating’) the partners and the other senior members of the engagement team after a pre-determined number of years;
· involving an additional partner, who is not and has not recently been a member of the engagement team, to review the work done by the partners and the other senior members of the engagement team and to advise as necessary or
· arranging an engagement quality control review of the engagement in question.
 
However, the firm may also consider a consultation and review process if this is adequately considered and documented on files. 
 
A consultation and review process is a detailed discussion with another statutory auditor on the possibility that an independent third party might question an auditor’s independence and objectivity because of the long association risk.
 
In documenting a consultation and review process on files, the following should be detailed on files;
  • Details of what was discussed with the independent auditor;
  • Who the auditor was;
  • When the discussion occurred;
  • Issues raised;
  • Conclusions reached; and
  • Any other detail the auditor considers appropriate to include. For example, where independence issues are believed to exist by the independent statutory auditor, what safeguards per section 3.4 has the statutory auditor adopted.
 
Where such a memo on file is boiler plate or generic, these would be deemed not sufficient. Similarly, in the absence of a memo and a high-level conclusion paragraph is included on file only, this would also be deemed insufficient.