Ethics in the AAA exam

Ethical standards and their application form a significant part of the Advanced Audit and Assurance (AAA) syllabus and are examined regularly.

Approaching AAA

It is vital that candidates have a solid and thorough understanding of the ethical standards examined previously in Audit and Assurance. At AAA, it is the application of the content of those standards that is important. These include the IESBA International Code of Ethics for Professional Accountants (the Code) and the ACCA Code of Ethics and Conduct (refer to the examinable documents link in the Related Links box for full details).

UK/IRL/SGP exams: UK exam candidates will be examined on the Financial Reporting Council’s Ethical Standard. IRL exam candidates will be tested on the IAASA’s Ethical Standard for Auditors (Ireland). SGP candidates should also refer to the ISCA Code of Professional Conduct and Ethics.

Candidate will be familiar with ACCA’s Code of Ethics from the Audit and Assurance (AA) exam. This mirrors the IESBA’s Code with the five basic principles of integrity, objectivity, professional competence and due care, confidentiality, and professional behaviour.

These fundamental principles may be subject to areas of threat of self-review, self-interest, advocacy, familiarity, and intimidation.

UL/IRL exams: The FRC (Financial Reporting Council) Ethical Standard for the UK and the IAASA Ethical Standard for Auditors (Ireland) have an additional threat: Management threat to the overarching principles of integrity, objectivity and independence.

Stepping up from AA to AAA

Ensure a solid foundation of knowledge of the fundamental principles, threats to the principles and potential safeguards to these threats. Candidates at AAA will be expected to develop their understanding more than they did at AA, demonstrating their ability to apply their knowledge to the scenario and provide a depth of answer which addresses the fundamental principles, the threats, the implication of these threats and considering any possible safeguards or further actions to be taken.

Answering ethics questions at AAA

Read the scenario carefully, credit is awarded for appropriate application of the knowledge (referencing the scenario or specific issues from it, not just stating knowledge).

  1. Identify the ethical threat
  2. Evaluate and understand how it arises and the implication of the threat
  3. Apply the knowledge to the specific scenario to determine the safeguards or course of action required. When the professional accountant determines that appropriate safeguards are not available or cannot be applied to eliminate the threats or reduce them to an acceptable level, the professional accountant should consider whether to accept or continue with the engagement.

Worked example
There are further points in each case that could be developed and additional outcomes available within the ethical codes; however, they do represent a well-developed answer a candidate could use to attain the full marks available. 

Example 1
The audit committee of Mumbai Co has asked the partner to consider whether it would be possible for the audit team to perform a review of the company’s internal control system. A number of recent incidents have raised concerns amongst the management team that controls have deteriorated and that this has increased the risk of fraud, as well as inefficient commercial practices. The auditor’s report for the audit of the financial statements of Mumbai Co for the year ended 31 March 20X5 was signed a few weeks ago. Mumbai Co is a listed company.
Evaluate the ethical issues raised and any actions your firm should take in response to the client’s request.

(6 marks)

This is going to give rise to a self-review threat and may possibly lead to assuming a management responsibility.

This identification is the first step to answering the question, but these points alone will score minimal credit in the exam. Candidates should be aiming to demonstrate they understand how the issue has arisen and what the implication of that threat may be:

Providing a review of the company’s system and controls gives rise to a self-review threat as these controls will then be reviewed by the firm when determining our audit strategy. The firm may be reluctant to highlight errors or adopt a substantive approach during the audit as this may highlight deficiencies in the firm’s work on the additional service. (1 mark)

The design of systems and controls is a management responsibility so a review of such may give rise to a situation where the auditor is assuming a management responsibility by taking on the role of management. (1 mark)

Candidates should then apply the guidance to the scenario – evaluate the significance and suggest safeguards:

The code states that the threat to independence of undertaking management responsibilities for an audit client is so significant that there are no safeguards which could reduce the threat to an acceptable level. (1 mark)

From an exam technique point of view, candidates should be looking for depth of their answer. At this stage, it is not recommended to start speculating about relative fee size; focus on the information the examiner has provided in the scenario. Here, the company is flagged as being a listed company, so there will be further development available on this area. Candidates could consider how potential management responsibility issues may be overcome, using experience from their studies for AAA and past question practice. It is these points that may be used to attract further marks.

Management responsibility can be avoided if the client takes responsibility for monitoring the reports made and taking the decisions on recommendations.
(1 mark)

However, as this client is listed, we are prohibited from undertaking internal audit services which relate to a significant part of the controls over financial reporting. (1 mark)

An evaluation will require a conclusion demonstrating that the candidate can recommend a potential solution (a safeguard or declining the engagement).

As such we must decline the additional work. (1 mark)

In other circumstances, the safeguard of using separate teams to overcome self-review threats or considering the competence of the firm to provide this service would attain credit; however, in this case, the client is listed so these points are irrelevant here.

Note that, in the exam, minimal marks are awarded for simply listing self-review or management responsibility as they will need to be explained in the context of the scenario. As such, candidates should ensure to take the time to explain the threats rather than simply writing terms.


Candidates should ensure they have a solid understanding of the relevant ethical codes. The Examining Team are wanting to see how candidates demonstrate their application of knowledge to a scenario. This means that when preparing for this exam, a good grasp of the knowledge underpinning the syllabus is important but practising questions and developing the skills of applying that knowledge is key to passing. 

Written by a member of the AAA examining team