Response to consultation on Guidelines on communication between competent authorities supervising credit institutions and statutory auditors
Go back
However, we would like to point out that the draft guidelines do not specify the meaning of proportionality in terms of its lower limits. They only mention the opposite direction in relation to global and other systemically important institutions.
Confidentiality rules ensure that all information and documents to which a statutory auditor has access when carrying out a statutory audit are protected (Article 23 Para. 1 of the Audit Directive). The professional duty of confidentiality aims to protect the client’s and the public’s trust in the accounting profession and is the basis of an effective public audit.
When discussing a possible override of confidentiality and justifying it with the public interest, one should bear in mind that confidentiality is a core principle that is also in the public interest. Confidentiality enables the extensive disclosure of facts and circumstances within the relationship of the audited entity and its auditor and therefore contributes to improving the quality of the auditor´s work from which the stakeholders and the public benefit. In contrast, overriding confidentiality may run the risk of creating inappropriate disincentives for the audited entity for the disclosure of certain information and circumstances resulting in a decrease of information pro-vided. In other words, the relationship of the auditor and the audited entity might be affected negatively, also against the background of the aforementioned lack of legal certainty for the auditor.
The framework in Annex I provides the authorities an ample scope when incorporating it into their practices. In every single case they can request a broad range of information that does not only refer to the audit process (see Annex I in detail). According to No. 28 and 45 the authority should consult the auditor with regard to the scope of the information shared and the frequency and timing of the communication. We are concerned that authorities do not use their option to consult the auditor on the issue of which and how much information is to be disclosed. If an authority does not request specific (proportional) information the auditor has to decide if information provided to the authority is actually relevant to the supervisory task. Despite Article 12 Para. 3 of the Audit Regulation there is a liabilty risk for the auditor as there is no guarantee that in a lawsuit a court also considers that information with no relevance to the supervisory task was provided in good faith.
In addition, the draft guidelines do not involve any legal consequences in case of disagreements between authorities and auditors with regard to the relevance of information to the supervisory task.
Annex I in detail:
Auditors should only be obliged to provide audit related information. Thus, all information to be provided by auditors should be limited to the audit report (Article 10 of the Audit Regulation), the additional report to the audit committee (Article 11 of the Audit Regulation) and to the report to supervisors (Article 12 Para. 1 Subpara. 1 a) to c) of the Audit Regulation). Furthermore, German auditors have to prepare a detailed report („Prüfungsbericht“ according to § 321 of the German Commercial Code, in Germany translated as long-form audit report) that also includes all relevant audit information.
Corporate governance and internal controls (a.): The information under a. is based on the personal view of an auditor and does not refer directly to the audit process. We question the purpose of that requirement as this is not part of the audit itself and not stated in the above mentioned audit reports. Providing that information could affect the relationship of the auditor and the audited entity negatively.
Audit approach: (g): To avoid liability risks auditors should only provide information in terms of specific questions asked by authorities so that the authority must define the particular transaction. (h. and i.): The meaning of that point is unclear. We propose to limit that information on that stated in the above mentioned audit reports. The German long-form audit report regularly reports on difficulties oder circumstances with significant change in the audit planning.
Auditors‘ reports: (c. and d.): It is unclear which issues are to be reported in addition to the audit report according to Article 10 of the Audit Regulation that has to describe the most significant assessed risks of material misstatement, the auditor's response to those risks and where rele-vant, key observations arising with respect to those risks.
With regard to general issues referring to statutory auditors the communication can be performed between the comptentent authorities and the Wirtschaftsprüferkammer as the latter upholds the interests of all of its members (§ 57 Abs. 1 of the revised German Public Accountant Act). The WPK is also subject to confidentiality when it obtains confidential information (§ 64 of the revised German Public Accountant Act).
We hope that our remarks will be taken into consideration in the subsequent course of the pro-ceedings. We would be delighted to answer any questions you may have.
1. Is the scope of application of the guidelines appropriate and sufficiently clear?
Yes2. As currently foreseen, the application date will be in the last quarter of 2016. Is the date of application of the guidelines appropriate?
Yes. As discussed in the public hearing on January 5th, 2016, the information to be provided should refer to issues occurring once the implementation process is finished (beginning 2017).3. Is the general framework of the communication between competent authorities and auditors appropriate and sufficiently clear? Please indicate any additional elements to be included.
Yes4. Please provide any comments you may have on the appropriateness of the proposed proportionality approach.
We welcome the proposed proportionality approach as it implicates that only appropriate infor-mation will be exchanged. That may lead to less costs and efforts for the parties of the dialogue as well as for audit clients who usually have to pay for any additional work of their auditors.However, we would like to point out that the draft guidelines do not specify the meaning of proportionality in terms of its lower limits. They only mention the opposite direction in relation to global and other systemically important institutions.
5. Are the guidelines on the scope of information to be shared during the communication appropriate and sufficiently clear? Are the issues on which information may be shared in Annex I appropriate and sufficiently clear? Please indicate any additional issues to be included.
German public accountants and sworn auditors are subject to confidentiality according to § 43 Para. 1 Sentence 1 of the German Public Accountant Act (Wirtschaftsprüferordnung) and § 9 and § 10 of the German Professional Charter (Berufssatzung WP/vBP). Article 23 of the Audit Directive 2006/43/EC of May 17, 2006 as well as § 323 Para. 1 Sentence 1 of the German Commercial Code (Handelsgesetzbuch) regulate that duty with regard to public auditors. A breach of that duty is also a criminal offence according to § 203 and 204 of the German Criminal Code (Strafgesetzbuch).Confidentiality rules ensure that all information and documents to which a statutory auditor has access when carrying out a statutory audit are protected (Article 23 Para. 1 of the Audit Directive). The professional duty of confidentiality aims to protect the client’s and the public’s trust in the accounting profession and is the basis of an effective public audit.
When discussing a possible override of confidentiality and justifying it with the public interest, one should bear in mind that confidentiality is a core principle that is also in the public interest. Confidentiality enables the extensive disclosure of facts and circumstances within the relationship of the audited entity and its auditor and therefore contributes to improving the quality of the auditor´s work from which the stakeholders and the public benefit. In contrast, overriding confidentiality may run the risk of creating inappropriate disincentives for the audited entity for the disclosure of certain information and circumstances resulting in a decrease of information pro-vided. In other words, the relationship of the auditor and the audited entity might be affected negatively, also against the background of the aforementioned lack of legal certainty for the auditor.
The framework in Annex I provides the authorities an ample scope when incorporating it into their practices. In every single case they can request a broad range of information that does not only refer to the audit process (see Annex I in detail). According to No. 28 and 45 the authority should consult the auditor with regard to the scope of the information shared and the frequency and timing of the communication. We are concerned that authorities do not use their option to consult the auditor on the issue of which and how much information is to be disclosed. If an authority does not request specific (proportional) information the auditor has to decide if information provided to the authority is actually relevant to the supervisory task. Despite Article 12 Para. 3 of the Audit Regulation there is a liabilty risk for the auditor as there is no guarantee that in a lawsuit a court also considers that information with no relevance to the supervisory task was provided in good faith.
In addition, the draft guidelines do not involve any legal consequences in case of disagreements between authorities and auditors with regard to the relevance of information to the supervisory task.
Annex I in detail:
Auditors should only be obliged to provide audit related information. Thus, all information to be provided by auditors should be limited to the audit report (Article 10 of the Audit Regulation), the additional report to the audit committee (Article 11 of the Audit Regulation) and to the report to supervisors (Article 12 Para. 1 Subpara. 1 a) to c) of the Audit Regulation). Furthermore, German auditors have to prepare a detailed report („Prüfungsbericht“ according to § 321 of the German Commercial Code, in Germany translated as long-form audit report) that also includes all relevant audit information.
Corporate governance and internal controls (a.): The information under a. is based on the personal view of an auditor and does not refer directly to the audit process. We question the purpose of that requirement as this is not part of the audit itself and not stated in the above mentioned audit reports. Providing that information could affect the relationship of the auditor and the audited entity negatively.
Audit approach: (g): To avoid liability risks auditors should only provide information in terms of specific questions asked by authorities so that the authority must define the particular transaction. (h. and i.): The meaning of that point is unclear. We propose to limit that information on that stated in the above mentioned audit reports. The German long-form audit report regularly reports on difficulties oder circumstances with significant change in the audit planning.
Auditors‘ reports: (c. and d.): It is unclear which issues are to be reported in addition to the audit report according to Article 10 of the Audit Regulation that has to describe the most significant assessed risks of material misstatement, the auditor's response to those risks and where rele-vant, key observations arising with respect to those risks.
6. Are the guidelines on the form of communication appropriate and sufficiently clear? Please indicate whether any particular form of communication should be used and under which circumstances it should be used.
Yes7. Are the guidelines on the participants in the communication between competent authorities and auditors appropriate and sufficiently clear? Are there any other participants that should be considered participating? Under which circumstances should other participants be considered?
Yes. No other participants should be considered participating.8. Are the guidelines on the frequency and timing of communication appropriate and sufficiently clear? Please provide information on any additional circumstances which may necessitate a different frequency and timing of communication.
As mentioned in the draft guidelines (page 32, costs under option 1) the participation in the mutual dialogue (esp. bilateral meetings) causes additional efforts and costs on the part of statutory auditors. Hence it is important that frequency and timing of communication are actually appropriate. Though authorities should consult auditors on the appropriateness (No. 45), the draft guidelines do not involve any legal consequences in case of disagreements between authorities and auditors with regard to the frequency and timing.9. Are the guidelines on the communication between competent authorities and auditors collectively appropriate and sufficiently clear? Please indicate any additional element which should be included in the guidelines regarding the communication of competent authorities and the auditors collectively.
According to No. 49 of the draft guidelines auditors collectively may be professional bodies representing the auditors. Starting June 17, 2016 the so called „Abschlussprüferaufsichtsstelle (APAS)“ (public oversight on the profession) will supervise German statutory auditors of credit institutions according to the Audit Regulation. As a result, the German competent authorities can communicate with the APAS with regard to audit-related issues. That communication is only reasonable in terms of general issues such as the external environment and profile of a credit institution. Due to the professional duty of confidentiality of the auditors the APAS will not receive broad information relating to every single audit. In cases where the APAS obtains confidential information (e. g. during disciplinary proceedings or inspections) it is itself subject to confidentiality (§ 66b of the revised German Public Accountant Act).With regard to general issues referring to statutory auditors the communication can be performed between the comptentent authorities and the Wirtschaftsprüferkammer as the latter upholds the interests of all of its members (§ 57 Abs. 1 of the revised German Public Accountant Act). The WPK is also subject to confidentiality when it obtains confidential information (§ 64 of the revised German Public Accountant Act).
10.Do you agree with the impact assessment and its conclusions, having regard to the baseline scenario used for this impact assessment? Please provide any additional information regarding the costs and benefits from the application of these guidelines.
The outlined benefits do not refer to statutory auditors but to the financial stability, safety and soundness of the banking system and the further convergence of existing practices across Member States (cf. objectives of the draft guidelines). The mutual dialoge as required by Article 12 Para. 2 of the Audit Regulation should implicate mutual benefits. Therefore it is important that competent authorities actually use their opportunity to share information with auditors (No. 32 – 34 of the draft guidelines) and that they involve auditors in their decision on which information is to be disclosed in strict accordance with the principle of proportionality.11.Please provide any additional comments on the draft guidelines.
We welcome the draft guidelines as an instrument to improve the dialogue between statutory auditors and competent authorities supervising credit institutions with the aim to foster financial stability and safety and soundness of the banking system as well as further convergence of existing practices across Member States. The draft guidelines should support the authorities and statutory auditors to establish an effective mutual dialogue according to Article 12 Para. 2 of the Audit Regulation (EU) No. 537/2014.We hope that our remarks will be taken into consideration in the subsequent course of the pro-ceedings. We would be delighted to answer any questions you may have.