Improving the auditor's report on client assets

Comments from ACCA to the Financial Services Authority (FSA), December 2010.

ACCA is pleased to respond to the Consultation Paper Improving the auditor’s report on client assets issued by the Financial Services Authority (FSA). Our response is structured as answers to the twelve questions in the Paper. We welcome the FSA’s recent client asset related initiatives and we were pleased to participate in the external advisory group (referred to in paragraphs 1.23 to 1.26 of the Paper).

We responded to the earlier Discussion Paper Enhancing the Auditor’s Contribution to Prudential Regulation issued by the FSA and the Financial Reporting Council. In that response we dealt at length with the importance of professional scepticism. In our view, improvement in the exercise of professional scepticism, coupled with a renewed commitment to professional competence and due care are essential for auditors to address the material failings and weaknesses identified by the FSA that are reported in the above Papers. The current proposals for Handbook amendments will assist in this as it is important to all stakeholders that auditors have clear requirements with which to comply.

We are concerned, however, to ensure that the applicability of auditing (and other engagement) standards and related quality control and ethical requirements are clear. We believe that it is important for the FSA to continue to work closely with the Auditing Practices Board (APB) to resolve potential technical difficulties at a time when standards relating to limited assurance are in transition. Practice Note 21The audit of investment businesses in the United Kingdom (Revised) (PN 21) has done much to inform auditors and it is important that the revision of such guidance is done in step with changes to the Handbook. This would be an opportunity for the APB to utilise in particular the practical experience of the audit firms that participated in the FSA external advisory group.

Q1. Do you agree that we should stipulate the requirements for a reasonable assurance report where a firm is holding client money and/or assets and a limited assurance report where a firm claims not to hold client money and/or assets? If not, why not?

We agree with the suggested division of engagements as that reflects the relative risk relating to the client money and/or assets. However, no attention is paid to the absolute size of the firms and it may be that there is also scope to extend reasonable assurance to claims not to hold client money and/or assets where a firm is particularly large or extend limited assurance to holding client money where a firm is relatively small.

Currently there is little in the way of standards/guidance for limited assurance engagements on the subject matter concerned. Such material will need to be developed so that assurance is limited to the ‘level’ suited to the objectives of the engagement and that reporting acknowledges the difference between a conclusion (for a limited assurance engagement) and an opinion.

Q2. Do you agree that we should set out in guidance that we expect the auditor’s report on client assets to comply with applicable auditing standards and guidance promulgated by the relevant auditing standard setting bodies, specifically the APB? If not, why not?

We agree that compliance with high quality recognised standards is appropriate.

Q3. Do you agree with the proposals for our rules to stipulate the template to be used for the format of the auditor’s opinion? Do you foresee any difficulties auditors may face in using the proposed template provided in Annex 3?

We do not agree that the rules should stipulate the wording to be used as a template for the auditor’s opinion (or in the case of a limited assurance engagement, the auditor’s conclusion). The rules should merely set out what the report should address.

The proposed template, because it is concerned with detail, is open to criticism both through the way that detail is settled and the lack of flexibility which is vital to ensuring that reporting meets the needs of the individual circumstances.

Q4. Do you agree with proposals to require the auditor’s opinion to be signed by the individual with primary responsibility for the report within the audit firm? 

This is in keeping with the signing of company audit reports in the name of the senior statutory auditor and is appropriate.

Q5. Do you agree that auditors should complete a separate schedule listing the breaches of CASS identified in the firm during the period subject to the auditor’s report? Do you foresee any difficulties the auditors may face using the proposed template provided in Annex 4?

Ordinarily, the regulator should look to the firm itself to report breaches of CASS. However, so long as there is appropriate recognition of the inherent limitations of reporting by the auditors of matters that come to their attention, we believe that such reporting in the form proposed in the template in Annex 4 would be appropriate.

Q6. Do you agree that firms should set out their comments on actions taken (if any) and/or mitigating factors associated with the breach the auditor has cited? Do you foresee any difficulties in the firm providing their comments in the proposed template provided in Annex 4?

Reporting in the form proposed in the template in Annex 4 would be appropriate.

Q7. Do you agree that we should require the firm’s governing body to consider the findings of the auditor’s report on client assets?

We agree that ordinarily this would be appropriate. Reporting to those charged with governance is required by auditing standards and should be required for all engagements where such reporting would facilitate improved corporate governance.

We note that currently only ‘the firm’ (not the governing body) is required to use the client assets report as a tool to evaluate the effectiveness of the systems in place, and for the client assets report to be integrated into the firm's risk management framework and decision-making (SUP 3.11.3R).

Q8. Do you agree with the proposal to reintroduce Mandates (CASS 8) within the scope of the auditor’s report on client assets?

The reintroduction of Mandates (CASS 8) within the scope of the auditor’s report on client assets would be appropriate if the FSA judges that to be a reasonable and proportionate reaction to the associated risk. There could be circumstances where Mandates exist but the firm is outside the scope of the auditor’s report on client assets. Separate requirements would need to be introduced for consistency if the risk was considered also to be such as to require that. Conversely, Mandates may exist in entities not within the scope of regulation and the question arises whether a level playing field is more in the public interest in such circumstances.

Q9. Do you agree with our proposals to simplify our existing rules, contained within SUP 3.1, that stipulate the firms that are subject to the auditor’s report on client assets?

We agree with proposals for simplification. There are several circumstances where the current rules are in need of clarification.

Q10. Do you agree with our proposals to replace the existing guidance with a rule requiring auditors to deliver reports on client assets within four months from the end of the period covered?

Yes; such a timetable is appropriate. In drafting the related rules it will be necessary to ensure that there is no ambiguity over the interpretation of the precise period and hence the exact obligation.

Q11. Do you agree with our proposals to have the new requirements in place for the auditor’s reports for the period ending 30 June 2011 and onwards?

While larger auditors will have the technical resources to make changes quickly, the FSA may need to consult further with other auditors on this specific point.

Earlier in this response we suggested that PN 21 should be revised in step with changes to the Handbook. A later commencement date for the Handbook changes may be necessary to allow time for the APB to expose proposed changes to PN 21 as part of its due process.

Q12. What are your views on the benefits and costs of the proposed policy measures?

We do not comment on this, as auditors and firms are better placed to assess such matters.