With financial year-ends approaching, company directors will soon be presenting annual reports of the company they manage on behalf of their shareholders. Many readers of financial statements go straight to the numbers to analyse the financial performance, but I want to bring attention to another important aspect of the annual report, the Directors’ Report.
I say important, but the representations made within the Directors’ Report are in fact crucial as they detail the state of the company and its compliance with a set of financial, accounting and corporate social responsibility standards.
Yet, history is littered with scandals caused by manipulation of financial statements by the auditors and directors at the expense of shareholders and sometimes the tax payer. In the majority of cases, the auditors’ independence has been called into question. In some cases this resulted in criminal law suits and jail time for those involved (Enron et al). The typical industry response is to increase regulation. Some of the standards that were passed as a result of accounting scandals include the Corp Act 2001, The Sarbanes-Oxley Act (SOX) and APES 110 Code of Ethics. A common Directors’ Report might include a statement similar to the one below:
‘…the non-audit services provided do not undermine the general principles relating to auditor independence as set out in APES 110 Code of Ethics for Professional Accountants, as they did not involve reviewing or auditing the auditor’s own work, acting in a management or decision making capacity for the Company, acting as an advocate for the Company or jointly sharing risks and rewards.’
The nature of APES 110 being principle based, opens the door to subjective interpretation. Auditor independence is covered in detail as is the provision of non-assurance services to audit clients. An audit team must exercise significant judgement before undertaking a particular non-assurance service to determine whether it causes a threat to their independence ‘…If a threat is created that cannot be reduced to an acceptable level by the application of safeguards, the non-assurance service shall not be provided.’
Management needs to ask themselves whether they allow the audit firm to perform non-audit services like advising (acting in a management capacity) on risk management policy or hedge accounting treatment, or worse, performing duties such as preparing journals, mark-to-market valuations or modelling. If so, are there controls in place to mitigate the risk that the auditors are performing a self-review process? Are management reviewing the non-assurance work?
A popular approach used by accountants to reduce the threat of creating a self-review scenario is the use of ‘Chinese walls’ within the same organisation, or to use another firm within the same network of firms. For those who are not familiar with the term, it’s basically an information barrier within an organization that is erected to prevent exchanges or communication that could lead to conflicts of interest. Unfortunately after too many scandals, e.g. Worldcom scandal where the audit firm Arthur Andersen was posting journals to manipulate profits, the US now requires entities (those listed in the US or debt securities listed in US) to comply with SOX. It’s pretty clear, SOX simply restricts auditing companies from providing non-audit services, e.g. consulting, to the same clients. However, in other jurisdictions including Australia, non-audit services may still be performed by the same firm who audits the financial statements.
To help navigate the murky waters between audit and non-audit services, directors need to ensure they can review and confirm the non-audit work that is done. However, due to the complexity of some of the work involved, detailed training and knowledge are required. A simple briefing session to the directors will not suffice. Therefore, company directors can distance themselves from the above scenario by using a truly independent consultant for non-audit services. Furthermore, shareholders should, as it is in their best interest, demand that this is the case.