Ire.lu

Official Journal of the European Communities COMMISSION RECOMMENDATION
of 15 November 2000
on quality assurance for the statutory audit in the European Union: minimum requirements
(notified under document number C(2000) 3304) (Text with EEA relevance)
THE COMMISSION OF THE EUROPEAN COMMUNITIES, Having regard to the Treaty establishing the European Community, and in particular Article 211, second Council Directive 84/253/EEC, of 10 April 1984, based on Article 54(3)(g) of the EEC Treaty, on the approval of persons responsible for carrying out the statutory audits of accounting documents (1), lays down the requirements for persons who are allowed to carry out statutory audits.
Quality assurance for the statutory audit is fundamental for ensuring good audit quality. Good audit quality implies adding credibility to published financial information and adding value and protection to shareholders, investors, creditors and other stakeholders.
Quality assurance is the profession's principal means of assuring the public and regulators that auditors and audit firms are performing at a level that meets the established auditing standards and ethical rules. Quality assurance also allows the profession to encourage quality improvements.
Audit opinions throughout the European Union should give a certain minimum level of assurance concerning the reliability of financial information. It could therefore be argued that Member States should have already taken measures to ensure that all statutory auditors carrying out statutory audits are subject to a quality assurance system.
However, quality assurance in the European Union is a relatively new phenomenon which is reflected in the fact that several Member States have implemented it very recently and several other Member States did not have a quality assurance system as at 1 January 1999.
The current national quality assurance systems differ in several aspects such as the scope of the quality review, being mandatory or voluntary, the cycle of coverage and the existence of public reporting. Such differences make it difficult to assess whether national quality assurance systems At this moment there is no internationally accepted standard defining minimum requirements for quality assurance which could be used as a benchmark for national quality assurance systems.
The scope of this initiative on quality assurance is the EU statutory audit profession as a whole and it aims at setting a benchmark for Member State quality assurance systems throughout the European Official Journal of the European Communities The definition of minimum requirements can be complemented by other forms of external control on the statutory audit function that may be carried out by supervisory authorities, stock exchange regulators or other sector specific regulators with the objective of improving the quality of statutory Additional quality controls of the statutory audit are at the discretion of Member States.
The issue of quality assurance was addressed by the Commission's Green Paper on the role, position and liability of the statutory auditor in the European Union (1), which was supported by the Council, the Economic and Social Committee and the European Parliament.
Following on to the Commission's Communication ‘The statutory audit in the European Union, the way forward’ (2)the EU Committee on Auditing was established which has decided to put quality assurance as one of the priorities on its agenda and its discussions showed agreement that each Member State should have in place a system of quality assurance for statutory audit.
The abovementioned Communication clearly contains an intention to work on harmonising and improving quality on statutory audit preferably without preparing new legislation. It is therefore appropriate to issue a Commission recommendation. If this Recommendation does not bring about the desired harmonisation on quality assurance, the Commission will reconsider the need for legislation. To this effect, the Commission intends to review the situation three years after the The Commission has, following the conclusions of the Lisbon European Council, issued a communi- cation ‘The financial reporting strategy: the way forward’ (3)which underlines the importance of a statutory audit carried out to uniformly high levels across the European Union.
There is general agreement in the EU Committee on Auditing and in the Contact Committee on the Accounting Directives on the minimum requirements in this Recommendation, That quality assurance systems in the Member States of the European Union should meet the following 1. COVERAGE OF THE QUALITY ASSURANCE REGIME
Member States should take measures to ensure that all persons carrying out statutory audits
are subjected to a quality assurance system.
The term persons is related to the eighth Directive which defines rules on the approval of persons carrying out statutory audits (statutory auditors). Currently not every person in the European Union carrying out statutory audits is subject to a system of quality assurance.
2. METHODOLOGY
Both peer review and monitoring are acceptable methodologies for quality assurance.
There are essentially two different methodologies of quality assurance applied within the European Union: monitoring and peer review. Monitoring refers to a situation where staff employed by the professional body or regulator manages the quality assurance system and carries out the quality assurance reviews. Peer review refers to a situation where (active)members, ‘peers’, carry out review (3)COM(2000)359 final, 13 June 2000.
Official Journal of the European Communities Monitoring and peer review are considered as methodologies of equal stature. In either case, care should be taken to ensure both the quality of the reviewers and their objectivity. Adequate measures should be taken to ensure that reviewers have an up-to-date knowledge on auditing standards and quality control systems (see also point 9). This is in particular relevant where the monitoring Concerns regarding reviewers objectivity should be mitigated by a sufficient public supervision over the administration and functioning of the quality assurance system and the presentation of its results (see also points 6 and 10). This is of particular importance when the peer review methodology is used.
3. REVIEW COVERAGE AND SELECTION OF REVIEWEES
3.1. The subject for a quality review is the statutory auditor, which can be an audit firm or an
individual auditor (see point 1).
Some Member States require joint audits. In this situation the starting point for selection of the subject of quality review could be the individual statutory audit assignment instead of the statutory auditor but the subject of quality review remains the statutory auditor.
3.2. The selection of the statutory auditors for review should be made on a consistent basis so as
to ensure coverage of all statutory auditors over a predetermined period.
Provided that a full coverage of all statutory auditors is ensured over a predetermined period of time, the annual selection of statutory auditors for review could be made on a risk basis (for example based on the nature of the client portfolio, the turnover from auditing in relation to total turnover or the results of previous reviews), on a random basis or by a combination of these methods.
3.3. In the case of a multi-office audit firm the optimal unit size for a quality review is the office. A
quality assessment of a multi-office audit firm should always include an adequate coverage of
its offices.
Larger audit firms have firm wide control policies and procedures ensuring a certain degree of uniformity but individual offices might apply norms and standards differently. It is therefore consid- ered that offices are the most appropriate subject for quality assurance reviews.
3.4. The cycle to achieve full coverage of all statutory auditors should be a maximum of six years.
The current EU systems of quality assurance achieve full coverage in cycles varying from one year to 10 years. In accordance with the differentiation under point 5.1, the cycle of full coverage should be shortened for statutory auditors with ‘public interest entity’ clients.
Where a statutory auditor audits only small, low-risk entities it may be acceptable for the cycle of review to extend to a maximum of 10 years. In such cases it will be necessary to obtain regular information from the statutory auditor to confirm that the nature of his client portfolio has not 3.5. The cycle should be shortened for statutory auditors previously reviewed with less than
satisfactory results.
In situations where the outcome of the quality review was in general satisfactory but with some recommendations for improvement it could be more effective to follow up the implementation of the specific recommendations than to carry out a new comprehensive quality review.
Official Journal of the European Communities 4. SCOPE OF QUALITY REVIEW
4.1. Quality assurance relates to statutory audits of financial statements carried out by statutory
auditors in public practice. The scope of the quality review should include an assessment of
the internal quality control system of an audit firm with sufficient compliance testing of
procedures and audit files to verify its adequate functioning.
All Member States have already required audit firms to implement an internal quality control in line with the International Standard on Auditing 220 ‘Quality Control for Audit work’. In addition to the black-lettered paragraphs of ISA 220 it could be necessary to establish at Member State level more specific requirements on the internal quality control of statutory auditors underpinning the quality reviews. These additional requirements could be based on the quality control procedures as mentioned in point 6 of ISA 220, dealing with the objectives of internal quality control systems of audit firms.
4.2. The scope of quality review should include the following subjects for testing individual audit
— the quality of the evidence from the audit working papers as a basis for assessing the
quality of the audit work,
— compliance with auditing standards,
— compliance with ethical principles and rules, including independence rules,
— audit reports:
1. appropriate format and type of opinion;
2. compliance of financial statements with the financial reporting framework as referred to
in the audit report;
3. failure to mention non-compliance of financial statements with other legal requirements
as referred to in the audit report.
A statutory audit carried out in compliance with legal requirements, established auditing standards and respecting ethical rules is crucial to users of audited financial information because it ensures a certain level of credibility of audited financial statements. Specific requirements are laid down concerning the audit report because of its importance as the public product of a statutory audit. Compliance with a financial reporting framework is included to underline the instrumental role of the statutory audit for the enforcement of accounting standards.
5. DIFFERENTIATION IN METHODOLOGY
5.1. It is considered appropriate to differentiate between the approach of quality assurance for
statutory auditors with public interest entity clients and quality assurance for those with no
public interest entity clients. The differentiation relates to some systematic aspects of quality
assurance such as a higher frequency of coverage, increased public oversight on managing the
quality assurance, and the possibility of access to files of the reviewer by the competent
authorities (see point 5.2). Differentiation does not alter the scope, the objectives or the
overall methodology of the individual quality review.
The term ‘public interest entity’ includes amongst others: listed companies, credit institutions,
insurance companies, investment firms, UCITS (undertakings for collective investments in
transferable securities) and pension funds.
Official Journal of the European Communities 5.2. The regulator or competent authority ultimately responsible for administrating and main-
taining the quality assurance system may have access to individual files of the reviewer
prepared on statutory auditors with, in particular, public interest entity clients. The access to
files of the reviewer should be subject to the confidentiality provisions outlined under point 8.
6. PUBLIC OVERSIGHT AND PUBLIC REPORTING
6.1. Quality assurance systems should have adequate public oversight consisting of a majority of
non-practitioners on the overview board of the quality assurance system.
Quality assurance systems in the European Union should have enough credibility to satisfy the external objectives: sustaining public confidence and demonstrating to regulators the adequate discharge of self-regulating responsibilities. The public oversight requirement is meant to ensure that the quality assurance is in fact and appearance an exercise with sufficient public integrity. The actual organisation of public oversight for quality assurance will differ between Member States depending on existing structures of supervision on the statutory audit profession and the importance of sector specific regulatory monitoring of statutory audit quality.
Public oversight for quality assurance could be an ‘add-on’ to existing supervision structures on the audit profession that already involve public participation whilst in other situations it would require a separate committee including non-professionals such as representatives of business, representatives of securities regulators and representatives of shareholders.
The objectives of public oversight on quality assurance could include: 1. supervision of the management (planning and control)of the quality assurance system; 3. approval of public reporting of results of quality assurance (see point 6.2).
6.2. The results of quality assurance should be adequately published.
Publication of quality assurance results is another means of adding public credibility to the quality assurance systems. Publication of aggregated results of the quality assurance without naming indi- vidual audit firms is considered to be adequate. Public credibility would be enhanced if the reporting also includes recommendations for professional and/or regulatory actions, follow-up to recommenda- 7. DISCIPLINARY SANCTIONS
It is necessary to have a systematic link between negative outcomes of quality reviews and
initiating sanctions under the disciplinary system. The disciplinary system should include the
possibility of removal of the statutory auditor from the audit register.
Quality assurance is not in itself the only tool for disciplinary sanctions. Quality assurance aims at enforcing, demonstrating and improving audit quality. The link between quality reviews and disci- plinary sanctions is adding public credibility and is also logical because quality assurance can be seen as an enforcement tool. The possibility of removal from the register is particularly relevant for countries where the registration of certified auditors is separated from the professional body carrying Official Journal of the European Communities 8. CONFIDENTIALITY
8.1. The statutory auditor should be exempted from confidentiality clauses concerning audit files
of clients for quality assurance reviews.
Most Member States with a quality assurance system have exempted the handing over of audit working files to reviewers from the normal rules on auditor confidentiality. This implies that handing over audit files to the reviewer cannot be a breach of confidentiality and therefore cannot lead to 8.2. The reviewer should be subject to confidentiality rules similar to those that statutory auditors
have to comply with. Nevertheless, when giving the regulator or competent authority access
to the files of the reviewer (see point 5.2) this cannot constitute a breach of confidentiality.
Most Member States with a quality assurance system have included rules on the confidentiality of the reviewer identical to the confidentiality rules that statutory auditors have to comply with when 8.3. It should be provided for that all persons who work or who have worked for the relevant
regulators or competent authorities responsible for administrating and maintaining the quality
assurance system, as well as the members of the public oversight board, shall be bound by the
obligation of professional secrecy.
Ultimately depending on national legislation, professional secrecy in this context implies that persons concerned may not divulge confidential information which has been received in the course of their duties to any person or authority whatsoever, save in summary or aggregate form such that the reviewer or the statutory auditor subjected to the quality review, and the audit client to whom the reviewed files relate and the related parties of this audit client cannot be individually identified.
9. QUALITY OF REVIEWER
The quality assurance system should ensure that the persons, either peers or employees of a
monitoring organisation, who carry out quality reviews should have appropriate professional
education and relevant experience combined with specific training on quality assurance
reviews.
In several countries only professionals active in public practice can be appointed as a peer-reviewer.
The relevant experience can also relate to sector specific experience.
10. INDEPENDENCE AND OBJECTIVITY OF REVIEWER
The quality assurance system should ensure that for the selection of reviewers for individual
review assignments possible conflicts of interest are adequately taken into account. The
reviewers should be subjected to the independence requirements applicable to statutory
auditors.
The selection of reviewers for individual quality reviews should be based on criteria ensuring the reviewer's independence and objectivity in fact and appearance. The actual application of selection criteria for reviewers could be monitored by the public oversight board.
11. RESOURCES
Adequate resources (input) should be allocated to quality assurance systems in order to give
them a realisticimpact in the light of publiccredibility.
It will be clear that quality assurance systems cost money and should therefore be as efficient and effective as possible in order to fulfil the realistic requirements of the public and regulators. If a system of quality assurance is applied in an even-handed way to all statutory auditors in the European Union it will not effect the level playing field of competition in this area.
Official Journal of the European Communities There are apparent differences in resources used for quality assurance. For a meaningful comparison the total resources should be related to the number of statutory audits, taking into account the (lack of)public interest entity clients of statutory auditors (see also point 3.4, full cycle of coverage).
Publication of the resources allocated to external quality assurance will add public credibility.
12. FINAL PROVISION
This Recommendation is addressed to the Member States.

Source: http://www.ire.lu/fileadmin/media/Env_juridique_legislation_LU_EU/20001115eurecqualgb.pdf