FEE is pleased to share these Frequently Asked Questions (FAQ) on the European Directive on Statutory Audits of Annual and Consolidated Accounts and the Regulation on Statutory Audits of Public Interest Entities adopted by the European Parliament on 2 April 2014 and published in the Official Journal of the European Union on 27 May 2014.
These questions and answers are provided with the intention of informing all stakeholders at European and national level, in regulatory institutions, in professional bodies and in practice seeking clarification on the many questions raised by this legislation with a view to facilitating implementation, helping resolve practical issues and preserving and enhancing audit quality.
The legislation dealt with in these FAQs is complex and voluminous. The proposed answers in these FAQs are work in progress; they will continue evolving: new FAQs will be added and the answers proposed may be further adapted and refined.
The answers in these FAQs do not express a position of FEE or a legal opinion. They are provided on a best endeavours basis and they do not bind FEE or any of its Members. FEE will therefore not accept any liability whatsoever in any jurisdiction with respect to any aspect of these FAQs.
Readers have the possibility to provide feedback to FEE in relation to these FAQs by sending an email to [email protected]. Comments or suggested additional questions are welcome. This should however not be seen as an on-line help function and FEE makes no commitment whatsoever as to the treatment of the feedback provided.
In his time as Commissioner, Michel Barnier wanted to put the European Union (EU) on a path of triple reform aimed at making the financial sector more resilient and proposed:
Regarding the latter, on 13 October 2010, Commissioner Barnier published a Green Paper entitled “Audit Policy: Lessons from the Crisis”. He opened a consultation inviting stakeholders to respond to 38 detailed questions on the implementation of statutory audit within the EU.
After this consultation process, in November 2011, the Commission adopted two proposals for a Regulation on the quality of audits of public-interest entities and for a Directive to enhance the single market for statutory audits.
This was the beginning of a legislative debate – to which FEE significantly contributed – resulting in a provisional agreement on the Regulation and the Directive between the European Parliament, EU Member States, and the European Commission on 17 December 2013. On 21 January 2014, the Legal Affairs Committee (‘JURI’) of the European Parliament voted to adopt both the Regulation and Directive. The plenary European Parliament adopted the texts on 3 April 2014. The Council of Ministers (‘Council’), as co-legislator ratified the same text on 14 April 2014. Both texts were published in the Official Journal of the EU on 27 May 2014.
FEE has informed the public policy making process and maintain a constructive dialogue with all stakeholders. All related FEE publications can be found here.
As stated by the European Commission, the main objectives of this reform were to:
Yes, it is. Refer to FAQ n°1 for more details on the process.
The final texts are accessible via the following links:
The legislation is in the form of a Directive and a Regulation:
For a general explanation about the difference between a Directive and a Regulation, please refer to FAQ n°6.
A Directive binds Member States as to the objectives to be achieved within a certain time-limit – usually 18 to 24 months – while leaving the national authorities the choice of form and means to be used. Directives have to be implemented in national legislation in accordance with the procedures of the individual Member States.
Unlike a Directive, a Regulation binds everybody throughout the EU and is therefore directly applicable in all EU Member States without the need for any national implementing legislation. It is important to note that though a Regulation is directly binding, there are a number of options available in the Audit Regulation where Member States and Competent Authorities have a choice between options. Therefore, Member States may use additional implementing legislation that will be particularly needed where Member States will have to deal with the options available.
To come into effect, the Directive will need to be transposed by the respective Member States into their national laws in order to become effective law. Member states have two years after entry into force to adopt and publish the provisions to comply with this Directive, i.e. by 17 June 2016. After this deadline, the European Commission may sue the Member States that would fail to transpose.
Practical example for provisions with a two-year delay in the application of the Directive: Final adoption: 14 April 2014 Publication: 27 May 2014 Entry into force: 16 June 2014 Transposition deadline for Member States: 17 June 2016 |
As far as the Regulation is concerned, it technically comes into effect (“the date of entry into force”) 20 days after publication in the OJ. Nevertheless, most provisions will be applicable as from 17 June 2016, which ties in with the implementation date of the Directive – as explained above.
Namely:
Practical example for provisions with a two-year delay in the application of the Directive: Final adoption: 14 April 2014 Publication: 27 May 2014 Entry into force: 16 June 2014 Binding effect: 17 June 2016 |
The Directive amends the text of the Statutory Audit Directive (2006/43/EC) and contains a series of new and amended requirements governing every statutory audit in the European Union. Some articles of the current Statutory Audit Directive remain completely unchanged. The main amendments are related to:
FEE has prepared a table summarising the options available in the Directive, tracking the ones that have been unmodified, the amended ones and the new ones in comparison to the Statutory Audit Directive of 2006. This table is accessible here.
The Regulation is a new piece of legislation that will apply to statutory audits of Public Interest Entities (PIEs) only. The main areas of focus relate to:
FEE has prepared a table summarising the options available in the Regulation. This table is accessible here.
The definition of small and medium-sized undertakings, as well as their applicable auditing requirements, is included in the 2013 Accounting Directive. Reference is made to the FEE Factsheet on the June 2013 Accounting Directive.
With respect to exemption from the selection procedure (refer to FAQ n°17 for detail), the Regulation refers to the criteria set out in Article 2 (1) of the prospectus Directive.
Yes. The new European legislation includes a number of proportionality measures for SMEs. FEE has summarized these in a specific factsheet accessible here.
Yes. Undertakings with reduced market capitalisation or small and medium-sized PIEs (refer to FAQ n°66 for detail) are relieved from the criteria of the auditor selection process laid down in Article 16 (3) of the Regulation.
No. According to the option available in Article 39 (2) of the Directive, the functions of the audit committee in a PIE that is an SME may be performed by the administrative or supervisory body.
All the provisions of the Directive need to be transposed into national law by each individual Member State by 17 June 2016. The options taken by the Member States would also have to be accommodated into the national legislation.
The Regulation is already a binding piece of legislation on its own. However, the Regulation also includes a number of options and Member States have also to decide on their application.
The implementation has already started in some countries. Various stakeholders such as legislators, supervisors and professional bodies are getting engaged in the implementation discussions. The process and speed of implementation is different in each Member State, but the legal requirements in all of them must be compatible with the new audit policy by 17 June 2016.
Support during the implementation phase is provided from various channels. The European Commission is committed to providing guidance through the process of Q&As published on the Commission’s website and also via transposition workshops.
There are other good sources of information. For instance, FEE has already worked on a number of publications, which are intended to inform the debates held on Member State level. These can be found on the FEE website.
Normally yes. According to the legislative text, each Member State will have to communicate to the European Commission (EC) its decisions regarding the options. The EC will colligate this information and make it available to the public.
The definition of Public Interest Entity (PIE) was already included in 2006 Statutory Audit Directive (SAD) and has not significantly changed, only the related options were amended (see FAQ n°14 for more information). According to Article 2 point 13 of the revised SAD, the revised definition is as follows:
“13. ’public-interest entities’ means:
The definition is the same as the one included in Article 2 of the 2013 Accounting Directive.
The definition itself has not significantly changed as compared to the 2006/43/EC Statutory Audit Directive or the 2013/34/EU Accounting Directive. However, the identification of PIEs and thus their definition is now crucial to determine the entities which are in the scope of the Audit Regulation.
There were two options related to the definition of PIEs in the 2006 SAD. The option for Member States to designate other entities as PIEs remained unchanged in the new Audit Directive. The 2006 SAD also included a Member State option to limit the scope of the entities that have to comply with the requirements for PIEs to only those PIEs that are listed on EU regulated markets (Article 39). This option is no longer available in the amended text.
No. The definition of Public Interest Entities (PIEs) as included in the 2006 Statutory Audit Directive was transposed into the national laws differently in each Member State; some included only the minimum requirements from the Directive and some introduced broader definition.
FEE conducted a survey on the definitions of PIEs currently applicable in Europe; the outcome of this survey is accessible here.
As it was already the case in the 2006 Statutory Audit Directive, the auditor has to be formally appointed by the shareholders. Member States may also allow alternative systems of appointment that ensure the independence of the appointment. In addition for Public Interest Entities (PIEs), this formal appointment should take place after the involvement of the audit committee that is in charge of overseeing the auditor selection process (Article 39 of the Directive). Refer to FAQ n°17 for more information.
There are specific requirements relevant for the selection of the auditor of Public Interest Entities (PIES) when the maximum duration of the engagement is expiring (i.e. ten years according to the general rule included in Article 17 of the Regulation).
The selection procedure should be organised by the audited entity under the following conditions (Article 16 of the Regulation). This procedure should not be considered as a public tender (as referred to FAQ n°22):
In theory yes, but undertakings with reduced market capitalisation or small and medium-sized PIEs are relieved from the requirement to organise a selection procedure as per the criteria laid down in Article 16 of the Regulation. In practical terms, there might be different scenarios possible for the auditor selection of PIEs that are subsidiary undertakings, given the fact that this type of PIEs are exempted from the requirement to have an audit committee when an audit committee is established on the group level (refer to FAQ n°44 for more information).
As included in Article 17 of the Regulation, the general rule is that Public Interest Entities (PIEs) must rotate their auditor after a maximum period of ten years. Member States have the option to apply a shorter maximum period than ten years, which would allow Italy and the Netherlands to maintain their existing rotation requirements of nine years and eight years respectively. Member States have also the option to extend the duration of the engagement. Refer to FAQ n°22.
Yes. The minimum duration of an audit engagement is set at one year. Member States may use an option to set a longer minimum duration (Article 17 of the Regulation).
It depends on the Member States and how the Member States will have implemented the options available in the Regulation that allows extension. Refer to FAQ n°22.
The possibility to extend the duration of an audit engagement to more than ten years and the possibility to have rotation requirements that are shorter than ten years are Member State options.
A ten-year audit engagement may be extended up to:
There are specific transitional rules. Please refer to FAQ n°23 for more details.
A Public Interest Entity (PIE) may moreover request that the competent authority grant an extension to re-appoint the auditor for a maximum of two years after the expiry of the maximum duration of the engagement (Article 17 of the Regulation). However, this provision is to be used on a strictly exceptional basis.
Transitional arrangements will vary depending on the length of the audit appointment at the date the new legislation comes into force on 16 June 2014:
Adoption of the Regulation: 14 April 2014 Publication in the Official Journal: 27 May 2014 Entry into force: 16 June 2014 Deadline preventing a PIE from entering into or renewing an audit engagement with an incumbent statutory auditor or audit firm: 17 June 2020 |
Adoption of the Regulation: 14 April 2014 Publication in the Official Journal: 27 May 2014 Entry into force: 16 June 2014 Deadline preventing a PIE from entering into or renewing an audit engagement with an incumbent statutory auditor or audit firm: 17 June 2023 |
Adoption of the Regulation: 14 April 2014 Publication in the Official Journal: 27 May 2014 Entry into force: 16 June 2014 Implementation date: 17 June 2016 First rotation: 16 June 2026 at the latest, depending on when the engagement started and whether the length of the audit appointment is 10 years or less, to reappoint the auditor or audit firm or to appoint a new auditor or audit firm. Audit engagements that began between 17 June 2003 and 17 June 2006 will therefore need to change their auditors in the financial year starting on or after 17 June 2016. |
This question has been discussed at length with the European Commission and Parliament. See the Q&A of the European Parliament.
The period as auditor prior to the year in which the company meets the current PIE definition criteria should not be included in determining when the relevant limits for mandatory firm rotation are reached.
No. Beside new mandatory audit firm rotation requirements, key audit partners will have to rotate after a maximum of seven years with a cooling-off period of three years. This rotation requirement is broadly in line with the current Statutory Audit Directive (2006/43/EC) and the IESBA Code of Ethics, except for the cooling-off period which is currently of two years under the current Statutory Audit Directive and IESBA Code.
Yes and No. The requirements to rotate the key audit partner remain the same (refer to FAQ n°25).
In addition, the audit firm is now also required to establish an effective gradual rotation system for senior personnel (Article 17 of the Regulation). It comprises engagement team members with long term audit experience and at least all members of the audit team that are registered as auditors. The rotation should be executed individually.
No. Joint audit is not required by either the Regulation or the Directive. It remains, as before, a possibility for any Member State. For statutory audits of Public Interest Entities, the Regulation leaves the Member States the option of granting an extension of the rotation period under certain conditions (refer to FAQ n°22).
No. It is possible to have only one auditor until the maximum duration of the initial audit engagement expires. After that, more than one auditor, including the incumbent auditor, may be selected via tender and appointed for an additional period of maximum 14 years.
Some interpretations also suggest that a tender is not necessary even when joint audit is only performed after the maximum duration of ten years and not before.
Yes. The engagement may be renewed without a tender if more than one auditor is appointed and a joint audit report is presented.
Some interpretations also suggest that a tender is not necessary even when joint audit is only performed after the maximum duration of ten years and not before.
Yes, to the extent that these requirements are compatible with the provisions of the Regulation. Refer to FAQ n°19.
No. The maximum length of an audit engagement without tender is ten years. The option to tender enables the audit engagement to continue for a maximum of another ten years.
However, although it is not possible to ‘re-tender’ the auditor more than once, as illustrated below, it is possible to ‘re-new’ the auditor more than once. This will depend on the length of the (initial) audit engagement in a Member State.
As shown in the illustration below (A and B), these ten years before and after tender can be split into engagements of various length. It is not possible to consider the total of 20 years as one period but only as two periods of ten years Example C illustrates that, even though the total duration of an initial and renewed engagement might be 20 years, it is not possible to exceed the ten-year limit without a tender.
It is not necessary to organise a tender within the ten-year periods (for example after an initial engagement of 3 years in illustration A), unless decided otherwise by a Member State.
This is not yet known. Via its members, FEE will monitor the use of options by Member States in order to get an insight into this as soon as available.
The Regulation does not provide specific provisions on rotation requirements applicable in group audit situations with multiple PIEs. Each PIE will have to comply with the rotation rules applicable to the country in which it is based.
Subject to general principles of independence, an auditor will be able to provide any non-audit service that is not explicitly prohibited. The exact wording of Article 5, which lists the prohibitions, is included below.
The provision of ‘permissible’ services is subject to the approval of the audit committee following an assessment of the threats to independence and safeguards applied to mitigate or eliminate those threats.
Statutory auditors or audit firms performing an audit of a Public Interest Entity (PIE) cannot provide prohibited non-audit services to this entity, its parent or undertaking in:
The latter is applicable for financial years starting on or after 17 June 2016.
No. Once the engagement is terminated (the audit report is issued), the former auditor may provide non-audit services.
This has to be reconsidered if the former auditor would tender again for the provision of audit services after the cooling-off period (refer to FAQ n°36 for more information).
It depends. The list of prohibited services included FAQ n°35 cover a wide range of tax services including tax compliance, the calculation of taxes and tax advisory.
There is a Member State option to allow certain tax services which are:
i. | preparation of tax forms; |
iv. | identification of public subsidies and tax incentives; |
v. | support for tax inspections; |
vi. | calculation of direct and indirect tax and deferred tax; and |
vii. | tax advice, provided that these services “have no direct or have immaterial effect separately or in the aggregate on the audited financial statements”. |
Yes. The Regulation prohibits valuation services and almost all tax services, but Member States are provided with an option to allow:
It should be noted that Member States may apply one or more of these options differently for each of the above services.
Yes. Member States may prohibit services other than the ones listed in the Regulation.
Yes. ‘Permissible’ services, i.e. the non-audit services that can be provided according to the independence rules (Article 5 of the Regulation) and that are not included in the list of prohibited non-audit services, are limited to 70% of the average of statutory audit fees paid in the last three consecutive years.
This ‘cap’ of 70% is calculated for the statutory auditor or audit firm (and not the network); it applies to the audited entity, its parent and controlled undertakings. Services imposed by national or EU legislation shall not be included in the calculation. Member States are given an option to apply stricter conditions and also to allow temporary exceptions from this cap (Article 4 of the Regulation).
Yes. The cap does not apply to services required by EU or national law.
Yes. Member States have the option to establish stricter rules for setting the cap.
According to Article 39 of the Directive, the audit committee should be assigned functions such as:
Every Public Interest Entity (PIE) has to have an audit committee (Article 39 of the Directive brought forward from the 2006 Statutory Audit Directive), but exemptions from this requirement may be granted to audited entities that are for instance:
The audit committee should be composed of non-executive members of the administrative and/or supervisory body and/or members appointed by the general meeting of shareholders of the audited entity.
At least one member of the audit committee should have competences in accounting and/or auditing. The committee members as a whole should have competence in the sector in which the entity operates and a majority of them has to be independent of the audited entity, including the chairman. Where all members of the audit committee are members of administrative or supervisory body of the audited entity, they may be exempted from the independence requirements (Article 39 of the Directive).
The requirements on audit committees laid down in the 2014 Directive are based on the ones from the 2006 Statutory Audit Directive. Most of the newly introduced specifications for audit committees in the Directive and Regulation constitute ‘best practice’ in some Member States, they have now a legislative ground. Refer to FAQ n°47 for more details.
The fundamental independence requirements remained the same as the ones stated in the 2006 Statutory Audit Directive but are now more specific. They are described in more detail as included in Articles 22, 22a and 22b of the Directive. See question FAQ n°49 and n°50 for further information.
In connection to auditor independence, new requirements are imposed on the provision of certain non audit services. See questions FAQ n°35 FAQ n° 41 for further information.
The requirement of independence from the audited entity is put not only on the statutory auditor or audit firm, but now also on “any natural person in a position to directly or indirectly influence the outcome of the statutory audit” (Article 22 of the Directive).
The conditions of independence have to be met at least for the period of annual or consolidated accounts audited and the period in which the audit is performed. It is the responsibility of every statutory auditor or audit firm to implement all reasonable measures to maintain independence from the audited entity during such periods. Member States shall ensure that these measures are properly taken. Refer to FAQ n°36 for specifications for the provision of non-audit services.
The reporting of the auditor is divided into:
The key new requirements relate to:
The additional report to the audit committee was already required by the 2006 Statutory Audit Directive for Public Interest Entity audits where the statutory auditor or audit firm should report to the audit committee on:
The 2014 Regulation expands the content of this report with the following main additional requirements (Article 11 of the Regulation):
National oversight bodies still remain responsible for oversight at Member State level.
However, a new body is to be established, a Committee of European Audit Oversight Bodies (CEAOB), which will take over the existing role of the European Group of Auditor Oversight Bodies (EGAOB). The CEAOB will be chaired by one of the Member States and not by the European Commission. The CEAOB will comprise the national authorities responsible for auditor oversight (as does the existing EGAOB).
The competent authority shall have the ultimate responsibility for the oversight of:
Yes, it is possible. A Member State option is available in the Directive for this purpose. Member States may delegate or allow competent authorities to delegate any of their tasks to other bodies and authorities. Specific criteria need to be met for this purpose (Article 32 of the Directive):
The delegation of tasks from the competent authority to professional bodies is possible related to the audit of all companies (Public Interest Entity (PIE) and non-PIE). However, there are some additional restrictions with regards to PIE audits (Article 24 of the Regulation). Reference is made to the table below:
OVERSIGHT OF | non PIEs | PIEs |
Approval and registration of statutory auditors and audit firms | may be delegated | may be delegated |
Adoption of relevant standards | may be delegated | may be delegated |
Continuing education | may be delegated | may be delegated |
Quality assurance system | may be delegated | may NOT be delegated |
Investigative and administrative disciplinary system | may be delegated | may NOT be delegated* |
* Member States are provided with an option to delegate the tasks related to sanctions and measures, but only to a body independent from the profession.
The competent authority of each Member State will appoint one representative as a Committee member. One Member will also be nominated by the European Securities and Market Authority (ESMA), the latter having no voting rights. While the EGAOB used to be chaired by the European Commission, the CEAOB will be chaired by an elected representative of a Member State and vice chaired by a member appointed by the European Commission.
The Committee ought to assume the existing role of the European Group of Auditor Oversight Bodies (EGAOB) and be responsible for coordinating the activities of the national regulators. In broader terms, this new committee should be involved in the following coordinating activities (Article 30 of the Regulation):
The colleges of competent authorities will be a special form of cooperation across Member States, which will be supported by the CEAOB (refer to FAQ n°58 for more details). A college can be described as a coalition of competent authorities from more than one Member State with regard to a specific statutory auditor, audit firm, network or branches which are part of audit firms (Article 32 of the Regulation). Refer to FAQ n°60 FAQ n°61 for more information.
The colleges will be created upon request of the competent authority of the Members States where the given statutory auditor, audit firm, network or branch operates. The request will be submitted to the CEAOB.
A facilitator of the college is to be selected by its members within three weeks of its establishment and coordination agreements have to be specified within the next two weeks in respect of the following:
Designated competent authorities will bear the ultimate responsibility for quality assurance reviews. With regard to quality assurance of audits of non-Public Interest Entities (PIE), this task can still be delegated to professional bodies (refer to FAQ n°56 for more details on delegation).
The quality assurance review of every statutory auditor or audit firms has to be performed at least every six years and at least every three years for auditors of Public Interest Entities (PIE). However, both the Directive (Article 29) and Regulation (Article 26) require that quality assurance reviews are performed more often if evaluated as necessary by a ‘risk analysis’.
Competent authorities should be provided with at least the following sanctioning powers (Article 30a of the Directive):
Member states have the option to add other sanctioning powers to the list above.
The information about the person responsible for the breach and the nature of the breach should be published on the competent authority’s website as soon as possible and should remain available for the public for at least five years. Sanctions, which are still subject to appeal, may be published only based on permission from the Member State.
The competent authority should ensure that the publication of sanctions does not violate the right for respect of private and family life and the right for protection of personal data. The information may be disclosed anonymously by application of a Member State option not to include personal data, or for example if the inclusion of personal data would lead to disproportionate damage to the person or institution involved.