Firms have traditionally provided to their assurance clients a range of non-assurance services that are consistent with their skills and expertise. Assurance clients value the benefits that derive from having these firms, which have a good understanding of the business, bring their knowledge and skill to bear in other areas. Furthermore, the provision of such non-assurance services will often result in the assurance team obtaining information regarding the assurance client's business and operations that is helpful in relation to the assurance engagement. The greater the knowledge of the assurance client's business, the better the assurance team will understand the assurance client's procedures and controls, and the business and financial risks that it faces.
The provision of non-assurance services may, however, create threats to the independence of the firm, a network firm or the members of the assurance team, particularly with respect to perceived threats to independence. Consequently, it is necessary to evaluate the significance of any threat created by the provision of such services. In some cases it may be possible to eliminate or reduce the threat created by application of safeguards. In other cases no safeguards are available to reduce the threat to an acceptable level.
The following activities would generally create self-interest or self-review threats that are so significant that only avoidance of the activity or refusal to perform the assurance engagement would reduce the threats to an acceptable level:
The examples set out in paragraphs 290.166 through to 290.205 are addressed in the context of the provision of non-assurance services to an assurance client. The potential threats to independence will most frequently arise when a non-assurance service is provided to a financial statement audit client. The financial statements of an entity provide financial information about a broad range of transactions and events that have affected the entity. The subject matter information of other assurance services, however, may be limited in nature.
Threats to independence, however, may also arise when a firm provides a non-assurance service related to the subject matter information, of a nonfinancial statement audit assurance engagement. In such cases, consideration should be given to the significance of the firm’s involvement with the subject matter information, of the engagement, whether any self-review threats are created and whether any threats to independence could be reduced to an acceptable level by application of safeguards, or whether the engagement should be declined. When the non-assurance service is not related to the subject matter information, of the non-financial statement audit assurance engagement, the threats to independence will generally be clearly insignificant.
The following activities may also create self-review or self-interest threats:
The significance of any threat created should be evaluated and, if the threat is other than clearly insignificant, safeguards should be considered and applied as necessary to eliminate the threat or reduce it to an acceptable level. Such safeguards might include:
New developments in business, the evolution of financial markets, rapid changes in information technology, and the consequences for management and control, make it impossible to draw up an all-inclusive list of all situations when providing nonassurance services to an assurance client might create threats to independence and of the different safeguards that might eliminate these threats or reduce them to an acceptable level. In general, however, a firm may provide services beyond the assurance engagement provided any threats to independence have been reduced to an acceptable level.
The following safeguards may be particularly relevant in reducing to an acceptable level threats created by the provision of non-assurance services to assurance clients:
Before the firm accepts an engagement to provide a non-assurance service to an assurance client, consideration should be given to whether the provision of such a service would create a threat to independence. In situations when a threat created is other than clearly insignificant, the non-assurance engagement should be declined unless appropriate safeguards can be applied to eliminate the threat or reduce it to an acceptable level.
The provision of certain non-assurance services to financial statement audit clients may create threats to independence so significant that no safeguard could eliminate the threat or reduce it to an acceptable level. However, the provision of such services to a related entity, division or discrete financial statement item of such clients may be permissible when any threats to the firm’s independence have been reduced to an acceptable level by arrangements for that related entity, division or discrete financial statement item to be audited by another firm or when another firm re-performs the nonassurance service to the extent necessary to enable it to take responsibility for that service.
Assisting a financial statement audit client in matters such as preparing accounting records or financial statements may create a self-review threat when the financial statements are subsequently audited by the firm.
It is the responsibility of financial statement audit client management to ensure that accounting records are kept and financial statements are prepared, although they may request the firm to provide assistance. If firm, or network firm, personnel providing such assistance make management decisions, the self-review threat created could not be reduced to an acceptable level by any safeguards. Consequently, personnel should not make such decisions. Examples of such managerial decisions include:
The audit process involves extensive dialogue between the firm and management of the financial statement audit client. During this process, management requests and receives significant input regarding such matters as accounting principles and financial statement disclosure, the appropriateness of controls and the methods used in determining the stated amounts of assets and liabilities. Technical assistance of this nature and advice on accounting principles for financial statement audit clients are an appropriate means to promote the fair presentation of the financial statements. The provision of such advice does not generally threaten the firm's independence.
Similarly, the financial statement audit process may involve assisting an audit client in resolving account reconciliation problems, analysing and accumulating information for regulatory reporting, assisting in the preparation of consolidated financial statements (including the translation of local statutory accounts to comply with group accounting policies and the transition to a different reporting framework such as International Financial Reporting Standards), drafting disclosure items, proposing adjusting journal entries and providing assistance and advice in the preparation of local statutory accounts of subsidiary entities. These services are considered to be a normal part of the audit process and do not, under normal circumstances, threaten independence.
The examples in paragraphs 290.170 through 290.173 indicate that self-review threats may be created if the firm is involved in the preparation of accounting records or financial statements and those financial statements are subsequently the subject matter information of an audit engagement of the firm. This notion may be equally applicable in situations when the subject matter information of the assurance engagement is not financial statements. For example, a self-review threat would be created if the firm developed and prepared prospective financial information and subsequently provided assurance on this prospective financial information. Consequently, the firm should evaluate the significance of any self-review threat created by the provision of such services. If the self-review threat is other than clearly insignificant safeguards should be considered and applied as necessary to reduce the threat to an acceptable level.
The firm, or a network firm, may provide a financial statement audit client that is not a listed entity with accounting and bookkeeping services, including payroll services, of a routine or mechanical nature, provided any self-review threat created is reduced to an acceptable level. Examples of such services include:
The significance of any threat created should be evaluated and, if the threat is other than clearly insignificant, safeguards should be considered and applied as necessary to reduce the threat to an acceptable level. Such safeguards might include:
The provision of accounting and bookkeeping services, including payroll services and the preparation of financial statements or financial information which forms the basis of the financial statements on which the audit report is provided, on behalf of a financial statement audit client that is a listed entity, may impair the independence of the firm or network firm, or at least give the appearance of impairing independence. Accordingly, no safeguard other than the prohibition of such services, except in emergency situations and when the services fall within the statutory audit mandate, could reduce the threat created to an acceptable level. Therefore, a firm or a network firm should not, with the limited exceptions below, provide such services to a listed entity that is a financial statement audit client.
The provision of accounting and bookkeeping services of a routine or mechanical nature to divisions or subsidiaries of a financial statement audit client that is a listed entity would not be seen as impairing independence with respect to the audit client provided that the following conditions are met:
(a) the services do not involve the exercise of judgment
(b) the divisions or subsidiaries for which the service is provided are collectively immaterial to the audit client, or the services provided are collectively immaterial to the division or subsidiary
(c) the fees to the firm, or network firm, from such services are collectively clearly insignificant.
If such services are provided, all of the following safeguards should be applied:
(a) the firm, or network firm, should not assume any managerial role nor make any managerial decisions
(b) the audit client should accept responsibility for the results of the work
(c) personnel providing the services should not participate in the audit.
The provision of accounting and bookkeeping services to financial statement audit clients in emergency or other unusual situations, when it is impractical for the audit client to make other arrangements, would not be considered to pose an unacceptable threat to independence provided:
(a) the firm, or network firm, does not assume any managerial role or make any managerial decisions
(b) the audit client accepts responsibility for the results of the work
(c) personnel providing the services are not members of the assurance team.
A valuation comprises the making of assumptions with regard to future developments, the application of certain methodologies and techniques, and the combination of both in order to compute a certain value, or range of values, for an asset, a liability or for a business as a whole.
A self-review threat may be created when a firm or network firm performs a valuation for a financial statement audit client that is to be incorporated into the client’s financial statements.
If the valuation service involves the valuation of matters material to the financial statements and the valuation involves a significant degree of subjectivity, the self-review threat created could not be reduced to an acceptable level by the application of any safeguard. Accordingly, such valuation services should not be provided or, alternatively, the only course of action would be to withdraw from the financial statement audit engagement.
Performing valuation services for a financial statement audit client that are neither separately, nor in the aggregate, material to the financial statements, or that do not involve a significant degree of subjectivity, may create a self-review threat that could be reduced to an acceptable level by the application of safeguards. Such safeguards might include:
In determining whether the above safeguards would be effective, consideration should be given to the following matters:
(a) the extent of the audit client's knowledge, experience and ability to evaluate the issues concerned, and the extent of their involvement in determining and approving significant matters of judgment
(b) the degree to which established methodologies and professional guidelines are applied when performing a particular valuation service
(c) for valuations involving standard or established methodologies, the degree of subjectivity inherent in the item concerned
(d) the reliability and extent of the underlying data
(e) the degree of dependence on future events of a nature which could create significant volatility inherent in the amounts involved
(f) the extent and clarity of the disclosures in the financial statements.
When a firm, or a network firm, performs a valuation service for a financial statement audit client for the purposes of making a filing or return to a tax authority, computing an amount of tax due by the client, or for the purpose of tax planning, this would not create a significant threat to independence because such valuations are generally subject to external review, for example by a tax authority.
When the firm performs a valuation that forms part of the subject matter information of an assurance engagement that is not a financial statement audit engagement, the firm should consider any self-review threats. If the threat is other than clearly insignificant, safeguards should be considered and applied as necessary to eliminate the threat or reduce it to an acceptable level.
In many jurisdictions, the firm may be asked to provide taxation services to a financial statement audit client. Taxation services comprise a broad range of services, including compliance, planning, provision of formal taxation opinions and assistance in the resolution of tax disputes. Such assignments are generally not seen to create threats to independence.
A self-review threat may be created when a firm, or network firm, provides internal audit services to a financial statement audit client. Internal audit services may comprise an extension of the firm's audit service beyond requirements of generally accepted auditing standards, assistance in the performance of a client’s internal audit activities or outsourcing of the activities. In evaluating any threats to independence, the nature of the service will need to be considered. For this purpose, internal audit services do not include operational internal audit services unrelated to the internal accounting controls, financial systems or financial statements.
Services involving an extension of the procedures required to conduct a financial statement audit in accordance with International standards on auditing would not be considered to impair independence with respect to the audit client provided that the firm’s or network firm’s personnel do not act or appear to act in a capacity equivalent to a member of audit client management.
When the firm, or a network firm, provides assistance in the performance of a financial statement audit clientss internal audit activities or undertakes the outsourcing of some of the activities, any self-review threat created may be reduced to an acceptable level by ensuring that there is a clear separation between the management and control of the internal audit by client management and the internal audit activities themselves.
Performing a significant portion of the financial statement audit clientss internal audit activities may create a self-review threat and a firm, or network firm, should consider the threats and proceed with caution before taking on such activities. Appropriate safeguards should be put in place and the firm, or network firm, should, in particular, ensure that the audit client acknowledges its responsibilities for establishing, maintaining and monitoring the system of internal controls.
Safeguards that should be applied in all circumstances to reduce any threats created to an acceptable level include ensuring that:
(a) the audit client is responsible for internal audit activities and acknowledges its responsibility for establishing, maintaining and monitoring the system of internal controls
(b) the audit client designates a competent employee, preferably within senior management, to be responsible for internal audit activities
(c) the audit client, the audit committee or supervisory body approves the scope, risk and frequency of internal audit work
(d) the audit client is responsible for evaluating and determining which recommendations of the firm should be implemented
(e) the audit client evaluates the adequacy of the internal audit procedures performed and the findings resulting from the performance of those procedures by, among other things, obtaining and acting on reports from the firm
(f) the findings and recommendations resulting from the internal audit activities are reported appropriately to the audit committee or supervisory body.
Consideration should also be given to whether such non-assurance services should be provided only by personnel not involved in the financial statement audit engagement and with different reporting lines within the firm.
The provision of services by a firm or network firm to a financial statement audit client that involve the design and implementation of financial information technology systems that are used to generate information forming part of a client’s financial statements may create a self-review threat.
The self-review threat is likely to be too significant to allow the provision of such services to a financial statement audit client unless appropriate safeguards are put in place ensuring that:
(a) the audit client acknowledges its responsibility for establishing and monitoring a system of internal controls
(b) the audit client designates a competent employee, preferably within senior management, with the responsibility to make all management decisions with respect to the design and implementation of the hardware or software system
(c) the audit client makes all management decisions with respect to the design and implementation process
(d) the audit client evaluates the adequacy and results of the design and implementation of the system
(e) the audit client is responsible for the operation of the system (hardware or software) and the data used or generated by the system.
Consideration should also be given to whether such non-assurance services should be provided only by personnel not involved in the financial statement audit engagement and with different reporting lines within the firm.
The provision of services by a firm, or network firm, to a financial statement audit client which involve either the design or the implementation of financial information technology systems that are used to generate information forming part of a client’s financial statements may also create a self-review threat. The significance of the threat, if any, should be evaluated and, if the threat is other than clearly insignificant, safeguards should be considered and applied as necessary to eliminate the threat or reduce it to an acceptable level.
The provision of services in connection with the assessment, design and implementation of internal accounting controls and risk management controls are not considered to create a threat to independence provided that firm or network firm personnel do not perform management functions.
The lending of staff by a firm, or network firm, to a financial statement audit client may create a self-review threat when the individual is in a position to influence the preparation of a client’s accounts or financial statements. In practice, such assistance may be given (particularly in emergency situations) but only on the understanding that the firm’s or network firm’s personnel will not be involved in:
(a) making management decisions
(b) approving or signing agreements or other similar documents
(c) exercising discretionary authority to commit the client.
Each situation should be carefully analysed to identify whether any threats are created and whether appropriate safeguards should be implemented. Safeguards that should be applied in all circumstances to reduce any threats to an acceptable level include:
Litigation support services may include activities such as acting as an expert witness, calculating estimated damages or other amounts that might become receivable or payable as the result of litigation or other legal dispute, and assistance with document management and retrieval in relation to a dispute or litigation.
A self-review threat may be created when the litigation support services provided to a financial statement audit client include the estimation of the possible outcome and thereby affects the amounts or disclosures to be reflected in the financial statements. The significance of any threat created will depend upon factors such as:
The firm, or network firm, should evaluate the significance of any threat created and, if the threat is other than clearly insignificant, safeguards should be considered and applied as necessary to eliminate the threat or reduce it to an acceptable level. Such safeguards might include:
If the role undertaken by the firm or network firm involved making managerial decisions on behalf of the financial statement audit client, the threats created could not be reduced to an acceptable level by the application of any safeguard. Therefore, the firm or network firm should not perform this type of service for an audit client.
Legal services are defined as any services for which the person providing the services must either be admitted to practice before the Courts of the jurisdiction in which such services are to be provided, or have the required legal training to practice law. Legal services encompass a wide and diversified range of areas including both corporate and commercial services to clients, such as contract support, litigation, mergers and acquisition advice and support and the provision of assistance to clients' internal legal departments. The provision of legal services by a firm, or network firm, to an entity that is a financial statement audit client may create both self-review and advocacy threats.
Threats to independence need to be considered depending on the nature of the service to be provided, whether the service provider is separate from the assurance team and the materiality of any matter in relation to the entities' financial statements. The safeguards set out in paragraph 290.162 may be appropriate in reducing any threats to independence to an acceptable level. In circumstances when the threat to independence cannot be reduced to an acceptable level the only available action is to decline to provide such services or withdraw from the financial statement audit engagement.
The provision of legal services to a financial statement audit client which involve matters that would not be expected to have a material effect on the financial statements are not considered to create an unacceptable threat to independence.
There is a distinction between advocacy and advice. Legal services to support a financial statement audit client in the execution of a transaction (e.g. contract support, legal advice, legal due diligence and restructuring) may create self-review threats; however, safeguards may be available to reduce these threats to an acceptable level. Such a service would not generally impair independence, provided that:
(a) members of the assurance team are not involved in providing the service
(b) in relation to the advice provided, the audit client makes the ultimate decision or, in relation to the transactions, the service involves the execution of what has been decided by the audit client.
Acting for a financial statement audit client in the resolution of a dispute or litigation in such circumstances when the amounts involved are material in relation to the financial statements of the audit client would create advocacy and self-review threats so significant no safeguard could reduce the threat to an acceptable level. Therefore, the firm should not perform this type of service for a financial statement audit client.
When a firm is asked to act in an advocacy role for a financial statement audit client in the resolution of a dispute or litigation in circumstances when the amounts involved are not material to the financial statements of the audit client, the firm should evaluate the significance of any advocacy and self-review threats created and, if the threat is other than clearly insignificant, safeguards should be considered and applied as necessary to eliminate the threat or reduce it to an acceptable level. Such safeguards might include:
The appointment of a partner or an employee of the firm or network firm as General Counsel for legal affairs to a financial statement audit client would create self-review and advocacy threats that are so significant no safeguards could reduce the threats to an acceptable level. The position of General Counsel is generally a senior management position with broad responsibility for the legal affairs of a company and consequently, no member of the firm or network firm should accept such an appointment for a financial statement audit client.
The recruitment of senior management for an assurance client, such as those in a position to affect the subject matter information of the assurance engagement, may create current or future self-interest, familiarity and intimidation threats. The significance of the threat will depend upon factors such as:
The firm could generally provide such services as reviewing the professional qualifications of a number of applicants and provide advice on their suitability for the post. In addition, the firm could generally produce a short-list of candidates for interview, provided it has been drawn up using criteria specified by the assurance client. The significance of the threat created should be evaluated and, if the threat is other than clearly insignificant, safeguards should be considered and applied as necessary to reduce the threat to an acceptable level. In all cases, the firm should not make management decisions and the decision as to whom to hire should be left to the client.
The provision of corporate finance services, advice or assistance to an assurance client may create advocacy and self-review threats. In the case of certain corporate finance services, the independence threats created would be so significant no safeguards could be applied to reduce the threats to an acceptable level. For example, promoting, dealing in, or underwriting of an assurance client’s shares is not compatible with providing assurance services. Moreover, committing the assurance client to the terms of a transaction or consummating a transaction on behalf of the client would create a threat to independence so significant no safeguard could reduce the threat to an acceptable level. In the case of a financial statement audit client the provision of those corporate finance services referred to above by a firm or a network firm would create a threat to independence so significant no safeguard could reduce the threat to an acceptable level.
Other corporate finance services may create advocacy or self-review threats; however, safeguards may be available to reduce these threats to an acceptable level. Examples of such services include assisting a client in developing corporate strategies, assisting in identifying or introducing a client to possible sources of capital that meet the client specifications or criteria, and providing structuring advice and assisting a client in analysing the accounting effects of proposed transactions. Safeguards that should be considered include:
* See Definitions
2 See also interpretation 2003-01
