Among the many recent and upcoming initiatives to enhance audit quality there is one underdog that could really shift the landscape, but will it be soon enough? Could ISQM1 be the secret weapon we do not even realize we have?
There has been extensive debate lately on how to “fix” audit quality. One must consider whether that is a concept with real substance. Accompanying the audit quality debate, one often encounters the expectation gap debate. The argument being that the public are expecting more of auditors than professional standards and applicable regulations require of auditors. What is clear however, is that whatever the cause of the various incidents we have seen in the corporate landscape locally and abroad, there is something to do, and the current situation cannot continue indefinitely.
There is no shortage of initiatives both locally and abroad to enhance audit quality. The IAASB has undertaken various initiatives, for example the inclusion of NOCLAR requirements in the IESBA Code, and the launch of the a project to look at the role of the auditor in relation to fraud and going concern during 2020. Locally we have seen the IRBA implement a number of initiatives specifically focused on audit quality in the South African market, such as the requirement for audit firms to report to the regulator certain audit quality indicators (AQI), increased financial sanctions for disciplinary transgressions by auditors, and the upcoming implementation of mandatory audit firm rotation (MAFR). There is no auditor in South Africa that will deny the landscape is changing and that there is ever-increasing pressure on auditors to achieve high levels of audit quality.
All the initiatives above were implemented or undertaken with thorough stakeholder consultation and planning, but it is still very important to acknowledge that there is no one initiative that will “fix” audit quality in the eyes of the public. It is practically impossible for an audit to provide absolute assurance of material misstatement in financial statements, and likewise it is practically impossible for an audit to give even reasonable assurance over the absence of fraud in financial statements unless materiality is taken into account. To educate the public on these concepts would be immensely challenging, and hence the risk of an expectation gap will always exist. The initiatives under discussion will however, without a doubt, go some way to improving audit quality.
A fundamental challenge to improving audit quality is however the slowness of the feedback loop, especially to the public. If one considers MAFR as an example, with an implementation in 2023 one would only expect to see improvements in audit quality as a result of MAFR sometime after that, and for those results to filter into regulatory inspections, and then to the public via regulatory reporting could take several more years. The reality is that the current corporate failures we are living through were subjected to audit work that took place in most cases, 5 or more years ago, and cannot be taken as a proxy for the levels of audit quality in any of those firms right now.
The other challenge with these initiatives is that while they may be effective, they are not likely to target the very specific causes that any one firm may have for challenges with their own audit quality. Consider for example the IRBA Public Inspection Report which is issued each year. Even considering the variety of findings in that report, it is evident there could be many different root causes present in different firms that give rise to these findings.
When considering the above one cannot argue that the audit firms play a large part in improving and measuring their own audit quality, and ISQM 1 will play a vital role in my view in the enhancement of audit quality globally because of this. The overarching principle of ISQM1 is that the standard is scalable and allows firms to evaluate the risks that threaten their own quality objectives, and to implement responses to those risks that suit the particular firm. This will give firms an opportunity to do an honest evaluation of what gives rise to audit quality issues, or internal or external inspection findings, and customize their approach to addressing those risks and managing audit quality.
An important cog in the engine of ISQM1 is that the implementation thereof will have to be extremely well regulated. Regulators around the world will have the challenging task of ensuring that the regulation is robust enough to ensure comprehensive adoption of the standard, but at the same time flexible enough to allow firms to implement the standard with a meaningful level of customization and scaling. Firms on the other hand will have the responsibility to implement the standard with a great level of honesty and a commitment to truly modernize and tailor their approach to quality management. Any attempt to create responses to quality risks will be meaningless if the assessment of the risks is not honest and authentic.
ISQM1 provides an opportunity to make a significant move towards the expectations of the public of what a good audit is. The opportunity for firms to tailor their approach and channel treasured resources to where it will be the most effective is invaluable, but the implementation will be difficult to regulate. The biggest challenge however, for the public, for regulators, and for firms, is that we are likely to require a significant measure of patience to see the results of this through improved audits, and regulatory inspection reporting of this, in the public domain.
This article was originally commissioned for SAICA’s ASA magazine and published in the September edition here