“In a rapidly changing world, audit does have a future.” That is how the report from Grant Thornton and ACCA sets the tone.
The title of this conference does not have a question mark at the end. Rightly so. I was attracted to this profession in 1971 by a Dutch report, called The auditor, Tomorrow? Yes, with a question mark—but one full of hope and perspectives. And earlier this year the Fédération des Experts Comptables Européens (Federation of European Accountants, or FEE) published a report with this promising quote: “The challenges that lie ahead for the profession go along with plenty of opportunities to further evolve and better serve new markets’ needs.”
To me, challenges and opportunities are two sides of the same future-of-audit coin. I would like to put four coins on the table today—each with its own sets of challenges and opportunities.
1. Understanding the business of the auditee, its corporate defense, and value preservation is a cornerstone of a robust audit.
The importance of the auditor’s understanding of the business was emphasized by many who commented on the IAASB’s Invitation to Comment (ITC), Enhancing Audit Quality in the Public Interest. It sounds like an open door. But it was mentioned so often with a twofold background. First, the rapidly changing world that all businesses are part of. Several panelists in the next discussion will elaborate on that. Second, a concern that audits have become a “check-the-box” exercise. Standards and rules can be good guides—but the real journey cannot be predicted. You have to find out yourselves. That is the essence of auditing—your professionalism and independence.
This understanding of the business includes how the auditee has organized its value preservation, and its corporate defense around that. I quote these concepts from a recent book by Sean Lyons that fascinated me. I don’t have the time to elaborate on this, but if I just mention the eight components of the “corporate defense umbrella,” the importance is clear: governance, risk, compliance, intelligence, security, resilience, controls, and assurance. Just one quote to illustrate: “Each organization is required to focus on bringing the dollar in through the front door (offense) while also focusing on preventing the dollar from leaving through the back door (defense).”
This certainly is a great challenge as well as an equal opportunity for assurance providers. This brings me to the next coin.
2. Professional skepticism and professional judgment are key inputs to audit quality. Professional skepticism, as a state of mind and attitude, should govern the performance of auditors (see ITC p. 12).
Professional skepticism is a fundamental concept and core to a high quality audit. The IAASB received many comments on this topic of the ITC (all comments are publicly available on the IAASB website). Let me quote a few from one of our agenda papers—they illustrate both challenges and opportunities:
- Professional skepticism is about the appropriate mindset of the auditor. It is relevant throughout the entire audit.
- A sufficient knowledge of the business enables the auditor to ask probing questions, more effectively challenge management, and identify when evidence is contradictory.
- Professional skepticism is about behavior—how can auditors be encouraged to act as critical challengers? And how can quality control at the engagement level stimulate this, such as putting together a team with the right skills, expertise, and experience?
- Training and education is important to infuse a professionally skeptical attitude into the DNA of auditors.
- There is a strong link between professional skepticism and the role of the “tone at the top” and the “tone at the middle.”
Each of us can, and should, stimulate this professional behavior. It is difficult enough!
3. “Audits are not dying yet, but they do need to adapt to the digital age.”
And now the third coin. This quote from the Grant Thornton-ACCA report says it all. And let me add another one from a book by Rob Nixon: “Industries all over the world are being disrupted by technological advancements, social change and innovative thinking.” So the scene is set. The impact of new technologies including data analytics on both businesses and audits can only be underestimated. The IAASB recently published a paper, Exploring the Growing Use of Technology in the Audit with a Focus on Data Analytics. The link between these new innovative technologies and understanding the business with all its ongoing changes is obvious. But equally important is the impact on new audit practices and methodologies. Obviously our standards were not, and could not be, written with tomorrow’s technological challenges and opportunities in mind. But the use of data analytics in the audit can lead to 1) better informed risk assessments, through understanding the business of the auditee and 2) more available evidence to support professionally skeptical behavior.
It is important that we pursue this area with great intensity and an open mind. A constructive dialogue between businesses, auditors, regulators, and standard setters is a must to make effective and efficient progress. So please send us your comments on this paper and advise us about the best way forward.
4. The new auditor reporting with key audit matters cannot be encouraged enough. It innovates the audit by clearly speaking out to users. And it provides a link to wider forms of assurance on emerging external reporting, including integrated reporting.
This brings us to the fourth and final coin and so let me conclude with my favorite topic: the innovation in auditor reporting. For many decades external users of financial statements and the attached independent auditor’s report received only one sentence from the auditor, the audit opinion. A binary pass or fail. That is now changing completely. Auditors will now provide a number of observations on key matters in the audit that are most relevant to users, in a very readable way. We know from surveys in early adoption countries, notably the United Kingdom, how much this is valued by these users. There are even investor awards for the most innovative and most insightful auditor’s reports. This new more informative and relevant reporting by the auditor helps clarify the public’s perception of what an audit is. It also stimulates professional dialogues between the company, its investors, auditors, and regulators.
It is vital that we continue to stimulate highly relevant auditor reporting. At the IAASB we have a special auditor reporting implementation support group. But all of us have a role to play here.
The new auditor’s report will also have an impact on other forms of assurance reporting. There are many interesting developments in external reporting and providing assurance thereon. Integrated reporting is a well-known example. The IAASB published a discussion paper in September 2016 on this subject, and we have recently extended the deadline for comments to February 3, 2017 so we invite you to please send us your feedback.
This is my last example of challenges and opportunities. Let’s now move to the panel!
