By FCPA Jim Mcfie
A REQUEST TO COMMENT, BY 26 JUNE 2019, ON AN EXPOSURE DRAFT ON THE PROPOSED REVISIONS TO PART 4B OF THE INTERNATIONAL CODE OF ETHICS FOR PROFESSIONAL ACCOUNTANTS
In December 2013, the International Auditing and Assurance Standards Board (IAASB), a board within the International Federation of Accountants, published an International Standard on Assurance Engagements (ISAE 3000 Revised) for Assurance Engagements Other than Audits or Reviews of Historical Financial Information. It became effective for assurance reports dated on or after December 15, 2015. Audits or reviews of historical financial information are dealt with in International Standards on Auditing (ISAs) and International Standards on Review Engagements (ISREs). Assurance engagements covered by ISAE 3000 (Revised) include both attestation engagements, in which a party other than the practitioner measures or evaluates the underlying subject matter against defined criteria, and direct engagements, in which the practitioner measures or evaluates the underlying subject matter against defined criteria; the ISAE contains requirements and application and other explanatory material specific to reasonable and limited assurance attestation engagements; the ISAE may also be applied to reasonable and limited assurance direct engagements, adapted and supplemented as necessary in the engagement circumstances.
If an accountant conducts an assurance engagement, the ISAE states that the objectives of the accountant are:
(a) To obtain either reasonable assurance or limited assurance, as appropriate, about whether the subject matter information is free from material misstatement;
(b) To express a conclusion regarding the outcome of the measurement or evaluation of the underlying subject matter through a written report that conveys either a reasonable assurance or a limited assurance conclusion and describes the basis for the conclusion; and
(c) To communicate further as required by this ISAE and any other relevant ISAEs. In all cases when reasonable assurance or limited assurance, as appropriate, cannot be obtained and a qualified conclusion in the accountant’s assurance report is insufficient in the circumstances for the purposes of reporting to the intended users, ISAE 3000 requires that the practitioner disclaim a conclusion or withdraw (or resign) from the engagement, where withdrawal is possible under applicable law or regulation. The ISAE has a large number of definitions: assurance skills and techniques are defined as “those planning, evidence gathering, evidence evaluation, communication and reporting skills and techniques demonstrated by an assurance accountant that are distinct from expertise in the underlying subject matter of any particular assurance engagement or its measurement or evaluation”: it is of extreme importance that accountants enhance their skills in written communication, so that what is communicated to the user is exactly what is intended by the accountant – the “single source of truth” as one KPMG partner stated recently, taking the phrase from information systems design and theory, in which the single source of truth (SSOT) is the practice of structuring information models and associated data schema such that every data element is stored exactly once. A misstatement occurs when there is a difference between the subject matter information and the appropriate measurement or evaluation of the underlying subject matter in accordance with the criteria: misstatements can be intentional or unintentional, qualitative or quantitative, and include omissions.
If an accountant carries out an Assurance Engagement, s/he must comply with each requirement of ISAE 3000 (Revised) and each requirement of any relevant subject matter-specific ISAE, unless, in the circumstances of the engagement, the requirement is not relevant because it is conditional and the condition does not exist. As is the case of an audit of financial statements, in exceptional circumstances, the accountant may judge it necessary to depart from a relevant requirement in an ISAE: in such circumstances, the practitioner must perform alternative procedures to achieve the aim of that requirement. The need for the accountant to depart from a relevant requirement is expected to arise only where the requirement is for a specific procedure to be performed and, in the specific circumstances of the engagement, that procedure would be ineffective in achieving the aim of the requirement
If an accountant carries out an Assurance Engagement, s/he must comply with each requirement of ISAE 3000 (Revised) and each requirement of any relevant subject matter-specific ISAE, unless, in the circumstances of the engagement, the requirement is not relevant because it is conditional and the condition does not exist. As is the case of an audit of financial statements, in exceptional circumstances, the accountant may judge it necessary to depart from a relevant requirement in an ISAE: in such circumstances, the practitioner must perform alternative procedures to achieve the aim of that requirement
When carrying out such an engagement, the accountant must comply with the International Ethics Standards Board for Accountants (IESBA) Code related to assurance engagements, or other professional requirements, or requirements imposed by law or regulation, that are at least as demanding
On 27 March 2019, the International Ethics Standards Board for Accountants requested accountants around the world to submit, on or before 26 June 2019, their comments on proposed revisions to Part 4B of the Code to reflect terms and concepts used in ISAE 3000 (Revised). The exposure draft can be found at: https://www.ifac.org/system/ files/publications/files/IESBA-Part-4BAlignment-to-ISAE-3000-Revised.pdf
ISAE 3000 (Revised) introduced a change in terminology in the two types of assurance engagement reported above from “assertion-based” and “direct reporting” engagements in the original ISAE 3000 to “attestation” and “direct” engagements in the revised Standard. In changing the terminology, the IAASB has clarified that the distinction between the two types of assurance engagement is based on who is undertaking the measurement or evaluation of the subject matter (now referred to as “underlying subject matter” to avoid confusion with the term “subject matter information”) against the criteria. Moving from the term “assertion-based engagements” to “attestation engagements” and “direct reporting engagements” to “direct engagements” involved taking one of the two types of direct reporting engagements (where a measurer or evaluator, other than the professional accountant in public practice, measures or evaluates the underlying subject matter and makes an assertion as to the subject matter information that is not available to intended users) and including that type of engagement under attestation engagements. Direct engagements now include only the other type of engagement, where the accountant directly measures or evaluates the underlying subject matter. This results in a reclassification, but no substantive change in concepts. ISAE 3000 (Revised) includes requirements and guidance for attestation engagements only, rather than for both attestation engagements and direct engagements. Nevertheless, in the introduction, ISAE 3000 (Revised) notes that the ISAE may also be applied to reasonable and limited assurance direct engagements, adapted and supplemented as necessary in the engagement circumstances.
In an attestation engagement, a party other than the accountant measures or evaluates the underlying subject matter against the defined criteria. A party other than the accountant also often presents the resulting subject matter information (the outcome of the measurement or the evaluation) in a report or statement. In some cases, however, the subject matter information may be presented by the accountant in the assurance report. The accountant’s conclusion addresses whether the subject matter information is free from material misstatement. In a direct engagement, the accountant measures or evaluates the underlying subject matter against the defined criteria. In addition, the accountant applies assurance skills and techniques to obtain sufficient appropriate evidence about the outcome of the measurement or evaluation of the underlying subject matter against the criteria. The accountant may obtain that evidence simultaneously with the measurement or evaluation of the underlying subject matter, but may also obtain it before or after such measurement or evaluation. In a direct engagement, the accountant’s conclusion addresses the reported outcome of the measurement or evaluation of the underlying subject matter against the criteria and is phrased in terms of the underlying subject matter and the criteria. In some direct engagements, the accountant’s conclusion is, or is part of, the subject matter information.
The change in terminology used in ISAE 3000 (Revised) requires corresponding changes in the Code, in particular in the two types of assurance engagement (changed from “assertionbased engagement” to “attestation engagement”, and from “direct reporting engagement” to “direct engagement”). ISAE 3000 (Revised) states that all assurance engagements have at least three parties: the responsible party, the practitioner (i.e. the professional accountant in public practice), and the intended users. Additionally, depending on the engagement circumstances, there may also be a separate role of measurer or evaluator or engaging party. In ISAE 3000 (Revised), the term “responsible party” is used only for the party responsible for the underlying subject matter, and the term “measurer or evaluator” is reserved for the party who evaluates the underlying subject matter against the criteria to produce the subject matter information. The terminology used in the Exposure Draft has been aligned with these terms as they are now used in ISAE 3000 (Revised). The change in terminology used in ISAE 3000 (Revised) requires a change in the definition of Assurance Client in the Code. IESBA believes that, although the term “assurance client” is not used in ISAE 3000 (Revised) or in other IAASB material, it is nevertheless preferable to use this term in Part 4B for ease of reference when describing the party or parties from whom the professional accountant in public practice is required to be independent. The term is consistent with the principles of ISAE 3000 (Revised). It is also the equivalent of the term “audit client” used in Part 4A. The proposed revised definition of Assurance Client in the Exposure Draft is: “the assurance client is the responsible party and also, in an attestation engagement, the party taking responsibility for the subject matter information (who might be the same as the responsible party)”. There are a large number of changes proposed in the exposure draft (ED).
IESBA proposes that the effective date of the revised Part 4B, in accordance with the Board’s position on revisions to the revised and restructured Code, should be as follows: Part 4B relating to independence for assurance engagements with respect to underlying subject matter covering periods will be effective for periods beginning on or after June 15, 2021; otherwise, it will be effective as of June 15, 2021. Early adoption will be permitted.
IESBA requests comments on all matters addressed in the ED, but especially those identified in the Request for Specific Comments below. Comments are most helpful when they refer to specific paragraphs, include the reasons for the comments, and, where appropriate, make specific suggestions for any proposed changes to wording. When a respondent agrees with proposals in this ED, it will be helpful for IESBA to be made aware of this view. IESBA is not inviting comments on the terms and concepts included in ISAE 3000 (Revised) itself as these are the responsibility of IAASB and outside the scope of this Exposure Draft.
IESBA welcomes specific comments from respondents on the following matters:
(i) Do you believe that the changes in the key terminology used in the Exposure Draft, including the definition of “assurance client”, are clear and appropriate for use in Part 4B?
(ii) Do you have any comments on the application of IESBA’s proposals to the detailed independence requirements and application material as explained above and summarized in the appendix?
(iii) Do you have any comments on the other proposed changes, including on the consistency of terms and concepts in Part 4B in relation to the text of ISAE 3000 (Revised)? If so, please specify the area of inconsistency and suggest alternative wording.
(iv) Are there any other matters that you consider should be addressed with respect to the alignment with ISAE 3000 (Revised) in Part 4B or in other material, for example in an IESBA Staff publication? If so, please provide sufficient explanation, including practical examples of the matter where available.
(v) Do you agree with the proposed effective date? If not, please indicate why not and explain your reasoning.
In addition to the request for specific comments above, IESBA is also seeking comments on:
(a) Small and Medium Practices (SMPs): IESBA invites comments regarding the impact of the proposed changes for SMPs.
(b) Developing Nations: Recognizing that many developing nations have adopted or are in the process of adopting the Code, IESBA invites respondents from these nations to comment on the proposals, and in particular, on any foreseeable difficulties in applying them in their environment. Let us read the ED and submit our comments to ICPAK one week before 26 June 2019, for onward transmission to IESBA
