Audit Policy FAQs

European Directive on Statutory Audits of Annual and Consolidated Accounts and Regulation on Statutory Audit of Public Interest Entities

FEE is pleased to share these Frequently Asked Questions (FAQ) on the European Directive on Statutory Audits of Annual and Consolidated Accounts and the Regulation on Statutory Audits of Public Interest Entities adopted by the European Parliament on 2 April 2014 and published in the Official Journal of the European Union on 27 May 2014.

These questions and answers are provided with the intention of informing all stakeholders at European and national level, in regulatory institutions, in professional bodies and in practice seeking clarification on the many questions raised by this legislation with a view to facilitating implementation, helping resolve practical issues and preserving and enhancing audit quality.

The legislation dealt with in these FAQs is complex and voluminous. The proposed answers in these FAQs are work in progress; they will continue evolving: new FAQs will be added and the answers proposed may be further adapted and refined.

The answers in these FAQs do not express a position of FEE or a legal opinion. They are provided on a best endeavours basis and they do not bind FEE or any of its Members. FEE will therefore not accept any liability whatsoever in any jurisdiction with respect to any aspect of these FAQs.

Readers have the possibility to provide feedback to FEE in relation to these FAQs by sending an email to [email protected]. Comments or suggested additional questions are welcome. This should however not be seen as an on-line help function and FEE makes no commitment whatsoever as to the treatment of the feedback provided.

1. GENERAL

  • 1. What is the context of the reform of the audit market?

    In his time as Commissioner, Michel Barnier wanted to put the European Union (EU) on a path of triple reform aimed at making the financial sector more resilient and proposed:

    • The banking reform;
    • The credit rating agencies reform; and
    • The audit reform to improve the relevance of the audit, de-concentrate the market and reinforce auditor independence.

    Regarding the latter, on 13 October 2010, Commissioner Barnier published a Green Paper entitled “Audit Policy: Lessons from the Crisis”. He opened a consultation inviting stakeholders to respond to 38 detailed questions on the implementation of statutory audit within the EU.

    After this consultation process, in November 2011, the Commission adopted two proposals for a Regulation on the quality of audits of public-interest entities and for a Directive to enhance the single market for statutory audits.

    This was the beginning of a legislative debate – to which FEE significantly contributed – resulting in a provisional agreement on the Regulation and the Directive between the European Parliament, EU Member States, and the European Commission on 17 December 2013. On 21 January 2014, the Legal Affairs Committee (‘JURI’) of the European Parliament voted to adopt both the Regulation and Directive. The plenary European Parliament adopted the texts on 3 April 2014. The Council of Ministers (‘Council’), as co-legislator ratified the same text on 14 April 2014. Both texts were published in the Official Journal of the EU on 27 May 2014.

    FEE has informed the public policy making process and maintain a constructive dialogue with all stakeholders. All related FEE publications can be found here.

  • 2. What were the objectives of the European Commission when launching this project?

    As stated by the European Commission, the main objectives of this reform were to:

    • Clarify and define more precisely the role of the auditor;
    • Reinforce the independence and professional scepticism of the auditor;
    • Make the top end of the audit market more dynamic;
    • Improve the supervision of auditors;
    • Facilitate the cross-border provision of statutory audit services; and
    • Reduce unnecessary burdens for SMEs.
  • 3. Is the EU legislation on audit final?

    Yes, it is. Refer to FAQ n°1 for more details on the process.

  • 4. Where can the final texts be found?

    The final texts are accessible via the following links:

  • 5. What is the form of the approved legislation?

    The legislation is in the form of a Directive and a Regulation:

    • The Directive, which amends the text of the Statutory Audit Directive (2006/43/EC), contains a series of new and amended requirements governing every statutory audit in the European Union, as well as some requirements applicable to Public Interest Entities (PIEs) only regarding audit committees;
    • The Regulation contains a series of additional requirements that relate only to the statutory audits of PIEs in addition to the general ones stated in the Directive (refer to FAQ n°12  for more detail on PIEs).

    For a general explanation about the difference between a Directive and a Regulation, please refer to FAQ n°6.

  • 6. In general, what is the difference between a Directive and a Regulation?

    A Directive binds Member States as to the objectives to be achieved within a certain time-limit – usually 18 to 24 months – while leaving the national authorities the choice of form and means to be used. Directives have to be implemented in national legislation in accordance with the procedures of the individual Member States.

    Unlike a Directive, a Regulation binds everybody throughout the EU and is therefore directly applicable in all EU Member States without the need for any national implementing legislation. It is important to note that though a Regulation is directly binding, there are a number of options available in the Audit Regulation where Member States and Competent Authorities have a choice between options. Therefore, Member States may use additional implementing legislation that will be particularly needed where Member States will have to deal with the options available.

  • 7. When would this new legislation, once adopted, come into effect?

    To come into effect, the Directive will need to be transposed by the respective Member States into their national laws in order to become effective law. Member states have two years after entry into force to adopt and publish the provisions to comply with this Directive, i.e. by 17 June 2016. After this deadline, the European Commission may sue the Member States that would fail to transpose.

    Practical example for provisions with a two-year delay in the application of the Directive:
    Final adoption: 14 April 2014
    Publication: 27 May 2014
    Entry into force: 16 June 2014
    Transposition deadline for Member States: 17 June 2016

    As far as the Regulation is concerned, it technically comes into effect (“the date of entry into force”) 20 days after publication in the OJ.  Nevertheless, most provisions will be applicable as from 17 June 2016, which ties in with the implementation date of the Directive – as explained above.

    Namely:

    • Provisions have a two-year delay in the application, except the one regarding the appointment of the auditor (Article 16) that has a three year delay;
    Practical example for provisions with a two-year delay in the application of the Directive:
    Final adoption: 14 April 2014
    Publication: 27 May 2014
    Entry into force: 16 June 2014
    Binding effect: 17 June 2016
    • Provisions on mandatory audit firm rotation become directly effective. For transitional arrangements regarding mandatory audit firm rotation, refer to FAQ n°23 for more details.
  • 8. What are the main provisions amended in the Directive?

    The Directive amends the text of the Statutory Audit Directive (2006/43/EC) and contains a series of new and amended requirements governing every statutory audit in the European Union. Some articles of the current Statutory Audit Directive remain completely unchanged. The main amendments are related to:

    • Amendments to some definitions (Article 2) with for instance the definition of Public Interest Entity (PIE) that has been extended;
    • Amended provisions on independence and objectivity of the auditor and the overall organisation of the auditor and the audit work;
    • Quality assurance and a number of specifications and new requirements in connection to penalties and sanctions;
    • A new mechanism to adopt International Auditing Standards (ISAs) at European level; and
    • Public auditor reporting and additional internal reporting to audit committees of PIEs.
  • 9. What are the options available to Member States in the Directive?

    FEE has prepared a table summarising the options available in the Directive, tracking the ones that have been unmodified, the amended ones and the new ones in comparison to the Statutory Audit Directive of 2006. This table is accessible here.

  • 10. What are the main provisions included in the Regulation?

    The Regulation is a new piece of legislation that will apply to statutory audits of Public Interest Entities (PIEs) only. The main areas of focus relate to:

    • Restrictions on the provision of non-audit services to PIE audit clients, and especially the introduction of a list of prohibited non-audit services;
    • New requirements with regard to mandatory audit firm rotation for PIEs;
    • Auditor reporting on PIEs – external (to the public) and internal (to the audit committee) – which is now regulated in detail, including the requirement of certain disclosures;
    • The oversight of auditors and audit firms at EU level; and
    • The set-up of a new body, the Committee of European Audit Oversight Bodies (CEAOB) with extended competences.
  • 11. What are the options available to Member States and Competent Authorities in the Regulation?

    FEE has prepared a table summarising the options available in the Regulation. This table is accessible here.

10. SMALL AND MEDIUM SIZED ENTITIES (SMEs)

  • 66. What are the criteria for companies to be considered as SMEs?

    The definition of small and medium-sized undertakings, as well as their applicable auditing requirements, is included in the 2013 Accounting Directive. Reference is made to the FEE Factsheet on the June 2013 Accounting Directive.

    With respect to exemption from the selection procedure (refer to FAQ n°17 for detail), the Regulation refers to the criteria set out in Article 2 (1) of the prospectus Directive.

  • 67. Are there any specifications or exemptions related to SMEs?

    Yes. The new European legislation includes a number of proportionality measures for SMEs. FEE has summarized these in a specific factsheet accessible here.

  • 68. Are there any exceptions on the appointment of auditor for Public Interest Entities (PIEs) which are SMEs?

    Yes. Undertakings with reduced market capitalisation or small and medium-sized PIEs (refer to FAQ n°66 for detail) are relieved from the criteria of the auditor selection process laid down in Article 16 (3) of the Regulation.

  • 69. Do Public Interest Entities (PIEs) which are SMEs need to have an audit committee

    No. According to the option available in Article 39 (2) of the Directive, the functions of the audit committee in a PIE that is an SME may be performed by the administrative or supervisory body.

11. IMPLEMENTATION PHASE

  • 70. How do the legislative texts have to be implemented?

    All the provisions of the Directive need to be transposed into national law by each individual Member State by 17 June 2016. The options taken by the Member States would also have to be accommodated into the national legislation.

    The Regulation is already a binding piece of legislation on its own. However, the Regulation also includes a number of options and Member States have also to decide on their application.

  • 71. When will the implementation of the new EU audit policy start?

    The implementation has already started in some countries. Various stakeholders such as legislators, supervisors and professional bodies are getting engaged in the implementation discussions. The process and speed of implementation is different in each Member State, but the legal requirements in all of them must be compatible with the new audit policy by 17 June 2016.

  • 72. What assistance can legislators get during the implementation process?

    Support during the implementation phase is provided from various channels. The European Commission is committed to providing guidance through the process of Q&As published on the Commission’s website and also via transposition workshops.

    There are other good sources of information. For instance, FEE has already worked on a number of publications, which are intended to inform the debates held on Member State level. These can be found on the FEE website.

  • 73. Will it be possible to find out which options have been taken in all individual Member States?

    Normally yes. According to the legislative text, each Member State will have to communicate to the European Commission (EC) its decisions regarding the options. The EC will colligate this information and make it available to the public.

2. DEFINITIONS

  • 12. What is the definition of a Public Interest Entity (PIE)?

    The definition of Public Interest Entity (PIE) was already included in 2006 Statutory Audit Directive (SAD) and has not significantly changed, only the related options were amended (see FAQ n°14 for more information). According to Article 2 point 13 of the revised SAD, the revised definition is as follows:

    “13. ’public-interest entities’ means:

    1. Entities governed by the law of a Member State whose transferable securities are admitted to trading on a regulated market of any Member State within the meaning of point 14 of Article 4(1) of Directive 2004/39/EC;
    2. Credit institutions as defined in point 1 of Article 3(1) of Directive 2013/36/EU of the European Parliament and of the Council (1), other than those referred to in Article 2 of that Directive;
    3. Insurance undertakings within the meaning of Article 2(1) of Directive 91/674/EEC; or
    4. Entities designated by Member States as public-interest entities, for instance undertakings that are of significant public relevance because of the nature of their business, their size or the number of their employees.”

    The definition is the same as the one included in Article 2 of the 2013 Accounting Directive.

  • 13. Why is the definition of Public Interest Entity (PIE) important? 

    The definition itself has not significantly changed as compared to the 2006/43/EC Statutory Audit Directive or the 2013/34/EU Accounting Directive. However, the identification of PIEs and thus their definition is now crucial to determine the entities which are in the scope of the Audit Regulation.

  • 14. What are the Member States options connected to the definition of Public Interest Entities (PIEs) and their changes compared to the 2006 Statutory Audit Directive (SAD)?

    There were two options related to the definition of PIEs in the 2006 SAD. The option for Member States to designate other entities as PIEs remained unchanged in the new Audit Directive. The 2006 SAD also included a Member State option to limit the scope of the entities that have to comply with the requirements for PIEs to only those PIEs that are listed on EU regulated markets (Article 39). This option is no longer available in the amended text.

  • 15. Are the Public Interest Entities (PIEs) similarly defined in each Member State? 

    No. The definition of Public Interest Entities (PIEs) as included in the 2006 Statutory Audit Directive was transposed into the national laws differently in each Member State; some included only the minimum requirements from the Directive and some introduced broader definition.
    FEE conducted a survey on the definitions of PIEs currently applicable in Europe; the outcome of this survey is accessible here.

3. APPOINTMENT OF THE AUDITOR

  • 16. By whom has the auditor to be appointed?

    As it was already the case in the 2006 Statutory Audit Directive, the auditor has to be formally appointed by the shareholders. Member States may also allow alternative systems of appointment that ensure the independence of the appointment. In addition for Public Interest Entities (PIEs), this formal appointment should take place after the involvement of the audit committee that is in charge of overseeing the auditor selection process (Article 39 of the Directive). Refer to FAQ n°17 for more information.

  • 17. Are special requirements placed upon the procedure of selection of the auditor?

    There are specific requirements relevant for the selection of the auditor of Public Interest Entities (PIES) when the maximum duration of the engagement is expiring (i.e. ten years according to the general rule included in Article 17 of the Regulation).
    The selection procedure should be organised by the audited entity under the following conditions (Article 16 of the Regulation). This procedure should not be considered as a public tender (as referred to FAQ n°22):

    • Any statutory auditor or audit firm can be invited to submit a proposal for the provision of statutory audit as long as the conditions of maximum duration of the audit engagement are satisfied and the organisation of the tender process does not in any way preclude the participation of firms which received less than 15 % of the total audit fees from PIEs in the Member State concerned in the previous calendar year;
    • Invited auditors should be provided with tender documents that provide a basic understanding of the entity and clearly set the selection criteria;
    • The report on the conclusions of the selection procedure should be based on the criteria stated in the tender documents and has to be validated by the audit committee;
    • Any findings or conclusions of inspections of applicant-auditors should be taken into consideration;
    • The entity to be audited must be able to present documentation of the fair conduction of the selection procedure to the competent authority if required.
  • 18. Do all Public Interest Entities (PIES) have to comply with these specific criteria to select their auditor?

    In theory yes, but undertakings with reduced market capitalisation or small and medium-sized PIEs are relieved from the requirement to organise a selection procedure as per the criteria laid down in Article 16 of the Regulation. In practical terms, there might be different scenarios possible for the auditor selection of PIEs that are subsidiary undertakings, given the fact that this type of PIEs are exempted from the requirement to have an audit committee when an audit committee is established on the group level (refer to FAQ n°44 for more information).

  • 19. What kind of requirements are included in the Regulation with regard to mandatory audit firm rotation?

    As included in Article 17 of the Regulation, the general rule is that Public Interest Entities (PIEs) must rotate their auditor after a maximum period of ten years. Member States have the option to apply a shorter maximum period than ten years, which would allow Italy and the Netherlands to maintain their existing rotation requirements of nine years and eight years respectively.  Member States have also the option to extend the duration of the engagement. Refer to FAQ n°22.

  • 20. Is there also a minimum duration of the audit engagement?

    Yes. The minimum duration of an audit engagement is set at one year. Member States may use an option to set a longer minimum duration (Article 17 of the Regulation).

  • 21. Will companies be able to extend the duration of the engagement above ten years?

    It depends on the Member States and how the Member States will have implemented the options available in the Regulation that allows extension. Refer to FAQ n°22.

  • 22. How can the duration of an audit engagement be extended?

    The possibility to extend the duration of an audit engagement to more than ten years and the possibility to have rotation requirements that are shorter than ten years are Member State options.

    A ten-year audit engagement may be extended up to:

    • A total period of 20 years, but only if a public tender takes effect upon the expiry of the first ten year period (or a shorter period if decided by a Member State). Refer to FAQ n°28 and n°30.
    • A total period of 24 years, but only if two auditors – i.e. via a joint audit – are simultaneously appointed after the maximum duration period and present a joint report. Refer to FAQ n°29 and n°30.

    There are specific transitional rules. Please refer to FAQ n°23 for more details.

    A Public Interest Entity (PIE) may moreover request that the competent authority grant an extension to re-appoint the auditor for a maximum of two years after the expiry of the maximum duration of the engagement (Article 17 of the Regulation). However, this provision is to be used on a strictly exceptional basis.

  • 23. What are the transitional arrangements for the provision on mandatory audit firm rotation?

    Transitional arrangements will vary depending on the length of the audit appointment at the date the new legislation comes into force on 16 June 2014:

    • If the statutory auditor or audit firm of a Public Interest Entity (PIE) has been in place for 20 years or more (audit engagements that began prior to 17 June 1994), the PIE cannot enter into or renew the engagement after six years  of entry into force, namely:
    Adoption of the Regulation: 14 April 2014
    Publication in the Official Journal: 27 May 2014
    Entry into force: 16 June 2014
    Deadline preventing a PIE from entering into or renewing an audit engagement with an incumbent statutory auditor or audit firm: 17 June 2020
    • If the statutory auditor or audit firm of a PIE has been in place for between 11 and 20 years (audit engagements that began between 17 June 1994 and 16 June 2003), the PIE cannot enter into or renew the engagement after nine years of entry into force, namely:
    Adoption of the Regulation: 14 April 2014
    Publication in the Official Journal: 27 May 2014
    Entry into force: 16 June 2014
    Deadline preventing a PIE from entering into or renewing an audit engagement with an incumbent statutory auditor or audit firm: 17 June 2023
    • Otherwise, the new regime will apply on the engagements that were entered into before the date of entry into force of the legislation (after 16 June 2003 but before 16 June 2014) and that are still in place on the legislation implementation date (17 June 2016), namely:
    Adoption of the Regulation: 14 April 2014
    Publication in the Official Journal: 27 May 2014
    Entry into force: 16 June 2014
    Implementation date: 17 June 2016
    First rotation: 16 June 2026 at the latest, depending on when
    the engagement started and whether the length of the audit appointment is 10
    years or less, to reappoint the auditor or audit firm or to appoint a new
    auditor or audit firm.
    Audit engagements that began between 17 June 2003 and 17 June 2006 will
    therefore need to change their auditors in the financial year starting on or
    after 17 June 2016.

    This question has been discussed at length with the European Commission and Parliament. See the Q&A of the European Parliament.

  • 24. How does mandatory audit firm rotation apply when an entity meets the current Public Interest Entity (PIE) definition and keeps the same auditor?

     The period as auditor prior to the year in which the company meets the current  PIE definition criteria should not be included in determining when the relevant limits for mandatory firm rotation are reached.

  • 25. Do these new firm rotation requirements replace the provision included in the Statutory Audit Directive (2006/43/EC) to rotate audit partners every 7 years?

    No. Beside new mandatory audit firm rotation requirements, key audit partners will have to rotate after a maximum of seven years with a cooling-off period of three years. This rotation requirement is broadly in line with the current Statutory Audit Directive (2006/43/EC) and the IESBA Code of Ethics, except for the cooling-off period which is currently of two years under the current Statutory Audit Directive and IESBA Code.

  • 26. Are there any new requirements on the rotation inside the audit firm?

    Yes and No. The requirements to rotate the key audit partner remain the same (refer to FAQ n°25).

    In addition, the audit firm is now also required to establish an effective gradual rotation system for senior personnel (Article 17 of the Regulation). It comprises engagement team members with long term audit experience and at least all members of the audit team that are registered as auditors. The rotation should be executed individually.

  • 27. Are joint audits going to become mandatory throughout the EU?

    No. Joint audit is not required by either the Regulation or the Directive. It remains, as before, a possibility for any Member State. For statutory audits of Public Interest Entities, the Regulation leaves the Member States the option of granting an extension of the rotation period under certain conditions (refer to FAQ n°22).

  • 28. When must a tender be performed in order to extend the period?

    Based on the legislative text, the tender has to be performed “to take effect upon the expiry of the maximum duration period”. Refer to FAQ n°19 and n°21 for more information on the duration period.

  • 29. If the option to extend the duration of the audit engagement via joint audit is available, does joint audit necessarily needs to be applied during the whole period of 24 years?

    No. It is possible to have only one auditor until the maximum duration of the initial audit engagement expires. After that, more than one auditor, including the incumbent auditor, may be selected via tender and appointed for an additional period of maximum 14 years.
    Some interpretations also suggest that a tender is not necessary even when joint audit is only performed after the maximum duration of ten years and not before.

  • 30. If the option to extend the audit engagement via joint audit is applied, does it mean that there is no need to tender after the expiry of the maximum duration of the initial audit engagement?

    Yes. The engagement may be renewed without a tender if more than one auditor is appointed and a joint audit report is presented.
    Some interpretations also suggest that a tender is not necessary even when joint audit is only performed after the maximum duration of ten years and not before.

  • 31. Will the Member States that already have mandatory audit firm rotation requirements be able to keep their current regimes?

    Yes, to the extent that these requirements are compatible with the provisions of the Regulation. Refer to FAQ n°19.

  • 32. If a Member State sets the maximum duration of the initial audit engagement shorter than ten years, would it be possible to re-tender more than once to achieve the maximum of 20 years?

    No. The maximum length of an audit engagement without tender is ten years. The option to tender enables the audit engagement to continue for a maximum of another ten years.

    However, although it is not possible to ‘re-tender’ the auditor more than once, as illustrated below, it is possible to ‘re-new’ the auditor more than once. This will depend on the length of the (initial) audit engagement in a Member State.

    As shown in the illustration below (A and B), these ten years before and after tender can be split into engagements of various length. It is not possible to consider the total of 20 years as one period but only as two periods of ten years Example C illustrates that, even though the total duration of an initial and renewed engagement might be 20 years, it is not possible to exceed the ten-year limit without a tender.

    It is not necessary to organise a tender within the ten-year periods (for example after an initial engagement of 3 years in illustration A), unless decided otherwise by a Member State.

  • 33. Which Member States will exercise their option to extend to 20 or 24 years and which may choose periods shorter than ten years?

    This is not yet known. Via its members, FEE will monitor the use of options by Member States in order to get an insight into this as soon as available.

  • 34. If a Group (e.g. a banking group) has Public Interest Entity (PIE) subsidiaries in different EU territories which have different maximum rotation periods, how will the provisions of the Regulation apply?

    The Regulation does not provide specific provisions on rotation requirements applicable in group audit situations with multiple PIEs. Each PIE will have to comply with the rotation rules applicable to the country in which it is based.

4. PROVISION OF SERVICES

  • 35. What kind of non-audit services can be provided?

    Subject to general principles of independence, an auditor will be able to provide any non-audit service that is not explicitly prohibited. The exact wording of Article 5, which lists the prohibitions, is included below.

    1. tax services relating to:
      1. preparation of tax forms;
      2. payroll tax;
      3. customs duties;
      4. identification of public subsidies and tax incentives unless support from the statutory auditor or the audit firm in respect of such services is required by law;
      5. support regarding tax inspections by tax authorities unless support from the statutory auditor or the audit firm in respect of such inspections is required by law;
      6. calculation of direct and indirect tax and deferred tax; and
      7. provision of tax advice;
    2. services that involve playing any part in the management or decision-making of the audited entity;
    3. bookkeeping and preparing accounting records and financial statements;
    4. payroll services;
    5. designing and implementing internal control or risk management procedures related to the preparation and/or control of financial information or designing and implementing financial information technology systems;
    6. valuation services, including valuations performed in connection with actuarial services or litigation support services;
    7. legal services, with respect to:
      1. the provision of general counsel;
      2. negotiating on behalf of the audited entity; and
      3. acting in an advocacy role in the resolution of litigation;
    8. services related to the audited entity’s internal audit function;
    9. services linked to the financing, capital structure and allocation, and investment strategy of the audited entity, except providing assurance services in relation to the financial statements, such as the issuing of comfort letters in connection with prospectuses issued by the audited entity;
    10. promoting, dealing in, or underwriting shares in the audited entity;
    11. human resources services, with respect to:
      1. management in a position to exert significant influence over the preparation of the accounting records or financial statements which are the subject of the statutory audit, where such services involve:
        1.  searching for or seeking out candidates for such position; or
        2.  undertaking reference checks of candidates for such positions;
      2. structuring the organisation design; and
      3. cost control.

    The provision of ‘permissible’ services is subject to the approval of the audit committee following an assessment of the threats to independence and safeguards applied to mitigate or eliminate those threats.

  • 36. For what entities and periods does the prohibition of non-audit services apply?

    Statutory auditors or audit firms performing an audit of a Public Interest Entity (PIE) cannot provide prohibited non-audit services to this entity, its parent or undertaking in:

    • The period between the beginning of the period audited and the issuing of the audit report; and
    • The financial year immediately preceding the period referred to in the point above in relation to the provision of internal controls, risk management and financial information technology systems services.

    The latter is applicable for financial years starting on or after 17 June 2016.

  • 37. Is there any limitation on the non-audit services provided by an auditor to a former Public Interest Entity (PIE) audit client?

    No. Once the engagement is terminated (the audit report is issued), the former auditor may provide non-audit services.
    This has to be reconsidered if the former auditor would tender again for the provision of audit services after the cooling-off period (refer to FAQ n°36 for more information).

  • 38. Tax services – Are all tax services prohibited?

    It depends. The list of prohibited services included FAQ n°35 cover a wide range of tax services including tax compliance, the calculation of taxes and tax advisory.

    There is a Member State option to allow certain tax services which are:

     i.  preparation of tax forms;
     iv.  identification of public subsidies and tax incentives;
     v.  support for tax inspections;
     vi.  calculation of direct and indirect tax and deferred tax; and
     vii.  tax advice, provided that these services “have no direct or have immaterial effect separately or in the aggregate on the audited financial statements”.
  • 39. Is it possible for a Member State to allow certain prohibited non-audit services?

    Yes. The Regulation prohibits valuation services and almost all tax services, but Member States are provided with an option to allow:

    • (f) valuation services; and
    • certain tax services as detailed FAQ n°37.

    It should be noted that Member States may apply one or more of these options differently for each of the above services.

  • 40. Is it possible for a Member State to prohibit other non-audit services than the ones listed in Article 5 of the Regulation?

    Yes. Member States may prohibit services other than the ones listed in the Regulation.

  • 41. Are there any limitations for the provision of non-audit services which are not prohibited?

    Yes. ‘Permissible’ services, i.e. the non-audit services that can be provided according to the independence rules (Article 5 of the Regulation) and that are not included in the list of prohibited non-audit services, are limited to 70% of the average of statutory audit fees paid in the last three consecutive years.

    This ‘cap’ of 70% is calculated for the statutory auditor or audit firm (and not the network); it applies to the audited entity, its parent and controlled undertakings. Services imposed by national or EU legislation shall not be included in the calculation. Member States are given an option to apply stricter conditions and also to allow temporary exceptions from this cap (Article 4 of the Regulation).

  • 42. Are any non-audit services excluded from the cap?

    Yes. The cap does not apply to services required by EU or national law.

  • 43. Can the cap be set differently?

    Yes. Member States have the option to establish stricter rules for setting the cap.

  • 47. What are the tasks of the audit committee?

    According to Article 39 of the Directive, the audit committee should be assigned functions such as:

    • Informing the administrative or supervisory body of the audited entity of the outcome of the statutory audit and explain the role of the audit committee in that process;
    • Monitoring the financial reporting process and submit recommendations to ensure its integrity;
    • Monitoring the effectiveness of the internal quality control and risk management systems;
    • Monitoring the process of the audit of statutory or consolidated financial statements;
    • Reviewing and monitoring the independence of the statutory auditor or audit firm, in particular the appropriateness of the provision of non-audit services (see question FAQ n°35 for more information); and
    • Being responsible for the procedure for the selection of the statutory auditor or audit firm (see question FAQ n°17 for more information).

5. AUDIT COMMITTEE

  • 44. Which companies have to have an audit committee?

    Every Public Interest Entity (PIE) has to have an audit committee (Article 39 of the Directive brought forward from the 2006 Statutory Audit Directive), but exemptions from this requirement may be granted to audited entities that are for instance:

    • Small or medium-sized undertakings where the functions of the audit committee are performed by an administrative or supervisory body;
    • PIEs, which are subsidiary undertakings, when the audit committee is established on the group level; or
    • PIEs with a body performing equivalent functions to an audit committee in accordance with legal provisions in the Member State in which the entity is registered.
  • 45. Who can be a member of an audit committee?

    The audit committee should be composed of non-executive members of the administrative and/or supervisory body and/or members appointed by the general meeting of shareholders of the audited entity.

    At least one member of the audit committee should have competences in accounting and/or auditing. The committee members as a whole should have competence in the sector in which the entity operates and a majority of them has to be independent of the audited entity, including the chairman. Where all members of the audit committee are members of administrative or supervisory body of the audited entity, they may be exempted from the independence requirements (Article 39 of the Directive).

  • 46. Are there any significant changes to the role of the audit committee?

    The requirements on audit committees laid down in the 2014 Directive are based on the ones from the 2006 Statutory Audit Directive. Most of the newly introduced specifications for audit committees in the Directive and Regulation constitute ‘best practice’ in some Member States, they have now a legislative ground. Refer to FAQ n°47 for more details.

6. AUDITOR INDEPENDENCE

  • 48. Are there any changes to the independence requirements placed upon the statutory auditor?

    The fundamental independence requirements remained the same as the ones stated in the 2006 Statutory Audit Directive but are now more specific. They are described in more detail as included in Articles 22, 22a and 22b of the Directive. See question FAQ n°49 and n°50 for further information.

    In connection to auditor independence, new requirements are imposed on the provision of certain non audit services. See questions FAQ n°35 FAQ n° 41 for further information.

  • 49. On whom are the independence requirements placed?

    The requirement of independence from the audited entity is put not only on the statutory auditor or audit firm, but now also on “any natural person in a position to directly or indirectly influence the outcome of the statutory audit” (Article 22 of the Directive).

  • 50. When does the auditor have to meet the independence requirements?

    The conditions of independence have to be met at least for the period of annual or consolidated accounts audited and the period in which the audit is performed. It is the responsibility of every statutory auditor or audit firm to implement all reasonable measures to maintain independence from the audited entity during such periods. Member States shall ensure that these measures are properly taken. Refer to FAQ n°36 for specifications for the provision of non-audit services.

7. AUDITOR REPORTING

  • 51. Are there any significant changes connected to the reporting of the auditor?

    The reporting of the auditor is divided into:

    • The reporting to the public (refer to FAQ n°52 for more information); and
    • The internal reporting represented by the additional report to the audit committee, which was already required by the 2006 Statutory Audit Directive for Public Interest Entity (PIE) audits. In this report, the statutory auditor or audit firm reports to the audit committee on key matters arising from the statutory audit, and in particular on material weaknesses in internal controls with regard to the financial reporting process (refer to FAQ n°53 for more information).
  • 52. What are the key new requirements for auditor reporting to the public?

    The key new requirements relate to:

    • The audit report for ‘all’ statutory audits in the EU (not just statutory audit of Public Interest Entities (PIEs)) will need to “[…] provide a statement on any material uncertainty relating to events or conditions that may cast significant doubt about the entity’s ability to continue as a going concern” (Article 28 of the Directive).
    • In addition and for PIEs only, the audit report will need to “[…] provide, in support of the audit opinion, a description of the most significant assessed risks of material misstatement, including assessed risks of material misstatement due to fraud, a summary of the auditor’s response to those risks, and where relevant, key observations arising with respect to those risks” (Article 10 of the Regulation).
    • Other new requirements applicable to PIE audits include:
      • A declaration that prohibited non-audit services have not been provided and that the statutory auditor or audit firm is independent of the entity;
      • A disclosure in the public report of the list of non-audit services provided to the audited entity and its controlled undertakings that have not been disclosed in the management report or financial statements.
  • 53. What has to be included in the additional report to the audit committee?

    The additional report to the audit committee was already required by the 2006 Statutory Audit Directive for Public Interest Entity audits where the statutory auditor or audit firm should report to the audit committee on:

    • Key matters arising from the statutory audit, and in particular on
    • Material weaknesses in internal controls with regard to the financial reporting process.

    The 2014 Regulation expands the content of this report with the following main additional requirements (Article 11 of the Regulation):

    • A description of the frequency and nature of communication between the statutory auditor or audit firm and the audit committee, management and/or supervisory board, including dates of meetings;
    • A description of the audit methodology used, including which categories of the balance sheet have been directly verified and which have been based on system and compliance testing;
    • A disclosure of the quantitative level of materiality applied to perform the statutory audit for the financial statements as a whole and, if applicable, the materiality level or levels for particular classes of transactions, account balances or disclosures;
    • An explanation on the judgments about events or conditions identified during the course of the audit that may cast significant doubt on the entity’s ability to continue as a going concern and whether they constitute a material uncertainty;
    • A report on any significant deficiencies in the internal financial control system, as well as in the accounting system. For each significant deficiency, the additional report shall state whether or not the deficiency in question has been resolved by the management;
    • A report on any significant matters involving actual or suspected non-compliance with laws and regulations or articles of association, which were identified during the course of the audit, in so far as they are considered to be relevant in order to enable the audit committee to fulfil its tasks;
    • An assessment of the valuation methods applied to the various items in the annual or consolidated financial statements, including any impact of changes of such methods;
    • A report on any significant difficulties encountered during the audit, any significant matters arising from the audit that were discussed, or subject to correspondence with management or any other matters arising from the statutory audit that in the auditor’s professional judgement are significant to the oversight of the financial reporting process.

8. OVERSIGHT

  • 54. Who will be responsible for auditor oversight?

    National oversight bodies still remain responsible for oversight at Member State level.
    However, a new body is to be established, a Committee of European Audit Oversight Bodies (CEAOB), which will take over the existing role of the European Group of Auditor Oversight Bodies (EGAOB). The CEAOB will be chaired by one of the Member States and not by the European Commission. The CEAOB will comprise the national authorities responsible for auditor oversight (as does the existing EGAOB).

  • 55. What kind of oversight tasks are under the ultimate responsibility of competent authorities?

    The competent authority shall have the ultimate responsibility for the oversight of:

    • The approval and registration of statutory auditors and audit firms;
    • The adoption of standards (professional ethics, internal quality control of audit firms and auditing) – except when these are in the competence of other Member States’ authorities; and
    • The continuing education, quality assurance system, investigative and administrative disciplinary systems.
  • 56. Would it be possible to delegate oversight to professional bodies?

    Yes, it is possible. A Member State option is available in the Directive for this purpose. Member States may delegate or allow competent authorities to delegate any of their tasks to other bodies and authorities. Specific criteria need to be met for this purpose (Article 32 of the Directive):

    • Conditions for delegation and tasks to be delegated should be specified;
    • The issue of conflict of interest is to be addressed prior to the delegation;
    • The competent authority is able to reclaim its competences on a case by case basis when necessary.

    The delegation of tasks from the competent authority to professional bodies is possible related to the audit of all companies (Public Interest Entity (PIE) and non-PIE). However, there are some additional restrictions with regards to PIE audits (Article 24 of the Regulation). Reference is made to the table below:

    OVERSIGHT OF non PIEs PIEs
    Approval and registration of statutory auditors and audit firms may be delegated may be delegated
    Adoption of relevant standards may be delegated may be delegated
    Continuing education may be delegated may be delegated
    Quality assurance system may be delegated may NOT be delegated
    Investigative and administrative disciplinary system may be delegated may NOT be delegated*

    * Member States are provided with an option to delegate the tasks related to sanctions and measures, but only to a body independent from the profession. 

  • 57. What will be the composition of the CEAOB?

    The competent authority of each Member State will appoint one representative as a Committee member. One Member will also be nominated by the European Securities and Market Authority (ESMA), the latter having no voting rights. While the EGAOB used to be chaired by the European Commission, the CEAOB will be chaired by an elected representative of a Member State and vice chaired by a member appointed by the European Commission.

  • 58. What will be the tasks of the CEAOB?

    The Committee ought to assume the existing role of the European Group of Auditor Oversight Bodies (EGAOB) and be responsible for coordinating the activities of the national regulators. In broader terms, this new committee should be involved in the following coordinating activities (Article 30 of the Regulation):

    • Facilitating the exchange of information, expertise and best practice for the implementation of the 2014 Directive and 2014 Regulation;
    • Providing expert advice to the Commission as well as to the competent authorities, at their request, on issues related to the implementation of the 2014 Directive and 2014 Regulation;
    • Contributing to the technical assessment of public oversight systems of third countries and to the international cooperation between Member States and third countries in that area;
    • Contributing to the improvement of cooperation mechanisms for the oversight of Public Interest Entities’ (PIEs’) audit firms or the networks they belong to via the creation of colleges of competent authorities (refer to FAQ n°59 and n°60 for more information);
    • Contributing to the technical examination of international auditing standards, including the processes for their elaboration, with a view to their adoption at Union level.
  • 59. What will be the colleges of competent authorities?

    The colleges of competent authorities will be a special form of cooperation across Member States, which will be supported by the CEAOB (refer to FAQ n°58 for more details). A college can be described as a coalition of competent authorities from more than one Member State with regard to a specific statutory auditor, audit firm, network or branches which are part of audit firms (Article 32 of the Regulation). Refer to FAQ n°60 FAQ n°61  for more information.

  • 60. How will the colleges of competent authorities be created?

    The colleges will be created upon request of the competent authority of the Members States where the given statutory auditor, audit firm, network or branch operates. The request will be submitted to the CEAOB.

  • 61. How is the college of competent authorities governed?

    A facilitator of the college is to be selected by its members within three weeks of its establishment and coordination agreements have to be specified within the next two weeks in respect of the following:

    • Information to be exchanged between competent authorities;
    • Cases in which the competent authorities must consult each other;
    • Cases in which the competent authorities may delegate their oversight tasks.

9. QUALITY ASSURANCE AND SANCTIONS

  • 62. Who will be responsible for quality assurance?

    Designated competent authorities will bear the ultimate responsibility for quality assurance reviews. With regard to quality assurance of audits of non-Public Interest Entities (PIE), this task can still be delegated to professional bodies (refer to FAQ n°56 for more details on delegation).

  • 63. Are there any changes in the frequency of quality assurance reviews?

    The quality assurance review of every statutory auditor or audit firms has to be performed at least every six years and at least every three years for auditors of Public Interest Entities (PIE). However, both the Directive (Article 29) and Regulation (Article 26) require that quality assurance reviews are performed more often if evaluated as necessary by a ‘risk analysis’.

  • 64. What type of sanctions may be imposed by competent authorities?

    Competent authorities should be provided with at least the following sanctioning powers (Article 30a of the Directive):

    • A notice requiring the natural or legal person responsible for the breach to cease such conduct and to abstain from any repetition of that conduct;
    • A public statement, which indicates the person responsible and the nature of the breach, published on the website of competent authorities (see question FAQ n°65 for more detail).
    • A temporary prohibition of up to three years banning:
      • The statutory auditor, the audit firm or the key audit partner from carrying out statutory audits and/or signing audit reports;
      • A member of an audit firm or a member of an administrative or management body of a Public Interest Entity (PIE) from exercising functions in audit firms or PIEs;
    • A declaration that the audit report does not meet the EU requirements;
    • Administrative pecuniary sanctions on natural and legal persons.

    Member states have the option to add other sanctioning powers to the list above.

  • 65. Are there any specifications for the publication of sanctions?

    The information about the person responsible for the breach and the nature of the breach should be published on the competent authority’s website as soon as possible and should remain available for the public for at least five years. Sanctions, which are still subject to appeal, may be published only based on permission from the Member State.

    The competent authority should ensure that the publication of sanctions does not violate the right for respect of private and family life and the right for protection of personal data. The information may be disclosed anonymously by application of a Member State option not to include personal data, or for example if the inclusion of personal data would lead to disproportionate damage to the person or institution involved.

Sign up for our newsletter

* indicates required
Would you like to subscribe to our newsletter?
On which topics would you like to receive news?