Explanatory Memorandum to COM(2004)177 - Statutory audit of annual accounts and consolidated accounts

Please note

This page contains a limited version of this dossier in the EU Monitor.



1.1. Grounds and objectives

The recent spate of scandals in the US and the EU have emphasised that statutory audit is an important element in ensuring the credibility and reliability of companies' financial statements. Significant economic damage to the capital markets and the economy has resulted.

Recent scandals also confirm the urgency and the need for the envisaged EU initiatives on statutory audit outlined in the May 2003 Commission Communication 'Reinforcing the statutory audit in the EU'. This proposal is one of the most important initiatives of this Communication. It considerably broadens the scope of the former Eighth Council Directive by clarifying the duties of statutory auditors, their independence and ethics, by introducing a requirement for external quality assurance, by ensuring robust public oversight over the audit profession and by improving co-operation between oversight bodies in the EU.

The proposal also provides a basis for effective and balanced international regulatory co-operation with oversight bodies of third countries such as the US Public Company Accounting Oversight Board (PCAOB). This is crucial because capital markets today are globally interconnected.

This proposal is not a knee-jerk reaction to recent corporate scandals. It is the logical consequence of a reorientation of the EU policy on statutory audit started back in 1996. However, the initial thinking has been adapted to take account of the most recent scandals. For example, the proposal now states that the group auditor bears full responsibility for the audit report on the consolidated accounts of a group of companies and it requires an independent audit committee in all public interest entities.


1.2. General context and history

The Fourth Council Directive 78/660/EEC of 25 July 1978 i on the annual accounts of certain types of companies, the Seventh Council Directive 83/349/EEC of 13 June 1983 on consolidated accounts i, Council Directive 86/635/EEC of 8 December 1986 on the annual accounts and consolidated accounts of banks and other financial institutions i and Council Directive 91/674/EEC of 19 December 1991 on the annual accounts and consolidated accounts of insurance undertakings i require that the annual accounts or consolidated accounts are audited by one or more persons entitled to carry out such audits.

The Eighth Council Directive 84/253/EEC of 10 April 1984 i on the approval of persons responsible for carrying out the statutory audits of accounting documents deals primarily with the approval of statutory auditors in Member States. Although the Directive contains some requirements on registration and professional integrity, it does not include requirements on how a statutory audit should be conducted and the degree of public oversight or external quality assurance which is needed to ensure a high audit quality.

The lack of a harmonised approach to statutory auditing in the EU was the main reason behind the Commission's organisation in 1996 of a wide-ranging reflection on the scope and need for further action at EU level on statutory audit. This reflection was initiated by the Commission's 1996 Green Paper i on 'The Role, Position and Liability of the Statutory Auditor in the EU'. Responses to the Green Paper suggested a need for action at EU level beyond that laid down in the Eighth Council Directive. The policy conclusions which the Commission drew from these reflections were included in the 1998 Commission Communication 'The Statutory Audit in the European Union, the way forward' i.

The 1998 Communication proposed the creation of an EU Committee on Auditing, which would develop further action in close co-operation between the accounting profession and Member States. The objective of the Committee was to discuss ways and means to improve audit quality, where possible by agreeing on non-binding measures. Key subjects on its agenda have been external quality assurance, auditing standards and auditor independence.

On the basis of the preparatory work by the EU Committee on Auditing, the Commission issued a Recommendation on 'Quality Assurance for the Statutory Auditor in the EU' i in November 2000 and a Recommendation on Statutory Auditors' Independence in the EU in May 2002 i. Preparatory work on the use of international standards on auditing (ISAs) has also been carried out.

This proposal maintains the basic conditions on education and training from the existing Directive. This means that the conditions for approval of statutory auditors and audit firms are not fundamentally changed. However, the proposal broadens the scope of application of EU legislation by introducing new requirements concerning the manner in which an audit should be carried out and the structures needed to ensure audit quality as well as ensure trust in the audit function.

Whilst statutory audit is of major importance in ensuring proper financial reporting, it is of course not the only factor under scrutiny following recent financial reporting scandals. Audit is an element of a larger system of actors and regulators involved in transparent financial reporting for the EU capital market such as the management of the reporting entity, securities markets supervisors and other sector specific supervisors. The proposed Directive on statutory audit should therefore be seen in the wider context of EU actions included in the Financial Services Action Plan. Particularly important in this respect are the Commission Communication of 21 May 2003 on Modernising Company Law and Enhancing Corporate Governance in the EU - A plan to Move forward i; the move to international accounting standards from 2005 onwards; and the market abuse (2003/6/EC on insider dealing and market manipulation) and prospectus (2003/71/EC on the prospectus to be published when securities are offered to the public or admitted to trading) Directives agreed recently in codecision.



Chapter I Subject matter and Definitions (Articles 1 and 2)

In accordance with Article 1, this Directive only deals with statutory audit in so far as such audit is required by Community law (for instance by the Fourth and Seventh Council Directives).

Statutory auditor and audit firm are separately defined. This provides more clarity in the precise scope of regulation and takes account of the fact that a number of provisions deal specifically with audit firms. This reflects the fact that since the adoption of the Eighth Council Directive in 1984 audit firms have grown in size and importance.

Statutory audit is defined as the audit of annual or consolidated accounts of entities covered by Community law Directives. Member States may also require statutory audits in other situations and where they do so make them subject to the same requirements.

Public interest entities is a concept that was discussed and developed during the preparation of the Recommendations on quality assurance and auditor independence in the EU Committee on Auditing. Criteria used to define public relevance are having securities listed, the nature of the business (for example banks and insurance companies) or the size of the business (number of people employed). Recent scandals show the importance of further strengthening requirements concerning audits in public interest entities. However, it would be overly burdensome and disproportionate to extend these enhanced requirements to the large majority of other statutory audits. Chapter XI contains the specific requirements for statutory audits in public interest entities. For example, public interest entities shall have an independent audit committee; the audit firms of public interest entities shall be subject to more stringent independence requirements; and their auditors should publish an annual transparency report.

All listed companies whose securities are admitted to trading on a regulated market, all banks and insurance undertakings are by definition considered to be public interest entities. Member States may want to enlarge the scope by including for instance hospitals or pension funds into the definition.


Chapter II Approval, Continuous Education and Mutual Recognition (Articles 3 to 14)

This section basically repeats the present requirements of the Eighth Directive. For the approval of audit firms, Article 3 i (b) and (c) no longer allows a Member State to require that the majority of the voting rights and the majority of the administrative or management body should be only in the hands of statutory auditors or audit firms that are approved in that specific Member State. The proposal removes restrictions on ownership and management that are currently possible under the Eighth Council Directive. The proposal states very clearly that the majority ownership of an audit firm should be held by statutory auditors or audit firms approved in any Member State. This change enhances compatibility with internal market rules and will also allow for the creation of more fully integrated EU audit firms.

In this chapter, an aptitude test is prescribed for the approval of statutory auditors from other Member States. This departure from the recent proposal for a Directive on Services in the internal market (COM(2004)2 final.13.1.2004) is justified because of the need for statutory auditors to be fully aware of the specific legislation of Member States (such as company law, fiscal law and social security law) that is relevant for statutory audit. The theoretical training now specifically covers international standards in the fields of accounting (IAS) and auditing (ISA).


Chapter III Registration (Articles 15 to 20)

Interested parties need to be able to determine rapidly whether a statutory auditor or an audit firm has been approved, where it is officially located and how (in the case of firms) they are organised. This will be facilitated through registration in a public electronic register. The information to be included in the register is limited to what is essential and access to such information is facilitated through the requirement that it must be accessible electronically.

The public register must also contain the name and address of the competent authorities in charge of oversight, quality assurance and investigations and sanctions in order to allow interested parties to contact these authorities if necessary.

Individual statutory auditors may be employed by an audit firm, they may be self-employed or otherwise associated with an audit firm, for example as a partner. The register must indicate the status of the statutory auditor in this respect.

For audit firms, the register must also show the size of the audit firm by indicating the number of all statutory auditors employed by or associated as partners or otherwise with the audit firm. Furthermore, the listing of individual statutory auditors clarifies who is related to the audit firm and via the registration number additional information is available. The register must contain information on the owners and members of the management of the audit firm. Furthermore, the register must also comprise information on the membership of a network. Information on the network indicates with which other audit firms/affiliates the audit firm cooperates and, by doing so, makes these networks more transparent to interested parties.

The registration information must be updated without undue delay and must be drawn up in the language permitted by the language rules in the Member State where the statutory auditor or audit firm has its seat. The registration information may also voluntarily be submitted in any other official language of the Community.


Chapter IV Professional ethics and professional secrecy (Articles 21 to 22)

Statutory auditors and audit firms must be subject to robust professional ethics. The starting point will be the code of ethics adopted by the Ethics Committee of the International Federation of Accountants (IFAC). However, further specific rules may be necessary to elaborate the principles established in Article 21.

Rules on confidentiality and professional secrecy must not stand in the way of enforcement of financial reporting requirements or the exchange of relevant information between competent authorities of Member States.


Chapter V Independence (Articles 23 to 25)

The basic principle of auditor independence included in the Commission Recommendation on Auditor Independence is incorporated into Article 23. The Directive establishes the principle that a statutory auditor or an audit firm must be independent from the audited entity and shall in no way be involved in management decisions of the audited entity. This means that the auditor must not be able to accept any audit engagement which would endanger his independence. An auditor must also refuse any non-audit engagement which might compromise his independence as an auditor. The auditor must document all significant threats to his independence as well as the safeguards applied to mitigate those treats. The ultimate safeguard is of course to resign from the audit or to not accept a non-audit service. As announced in its 2003 Communication, the Commission intends to organise a study in order to examine whether further measures are necessary that might lead to the total prohibition for an auditor to offer non-audited services to his audit client.

Following from the 2003 Commission Recommendation on Statutory Auditors' Independence in the EU, it is made clear that the fee for a statutory audit should be adequate to allow proper audit quality, that the fee cannot be based on any form of contingency and that the fee cannot be influenced by the provision of additional services to the audited entity. The respect of these principles, together with that of independence will be the subject of audit quality assurance reviews.


Chapter VI Auditing Standards and Audit Reporting (Articles 26 to 28)

As stated in the 2003 Communication, the Commission proposes that all statutory audits prescribed by Community law should be carried out in accordance with International Standards on Auditing (ISA). At present, ISAs (International Standards on Auditing) are established by the International Auditing and Assurance Standards Board (IAASB), a private organisation. In order to be able to endorse international standards on auditing, the Commission needs to examine whether the standards are accepted internationally and whether they have been developed with proper due process, public oversight and transparency. Furthermore, the standards must be of high quality and contribute to the annual accounts and the consolidated accounts showing a true and fair view. Finally, the standards must be conducive to the European public good. The Commission is reflecting on a final decision whether and to what extent to endorse ISAs. This will largely depend on satisfactory governance arrangements relating to the operation of the IAASB being established.

In order to avoid Member States from introducing new requirements or from imposing further audit requirements that go beyond the procedures provided under ISA's, Article 26 i indicates that Member States may only impose additional audit procedures if these follow from specific requirements relating to the scope of the statutory audit. In accordance with Article 28 i, the Commission may adopt a common standard audit report for annual or consolidated accounts which have been prepared in accordance with adopted international accounting standards.

Article 27 introduces the principle that the group auditor bears full responsibility for the audit report in relation with the consolidated accounts. This principle implies that the group auditor needs to ensure that he maintains sufficient documentation of the review performed by another auditor or audit firm which audits part of the group and that he obtains copies of the audit documentation if that auditor or audit firm has not been approved in a Member State.


Chapter VII Quality Assurance (Article 29)

Article 29 introduces the requirement for all statutory auditors and audit firms to be subject to a system of quality assurance. The criteria to be applied for such a quality assurance system are those identified in the Commission's Recommendation of November 2000 on Quality Assurance for the Statutory Auditor in the EU. A review of the implementation of this Recommendation in late 2003 has shown that all Member States have introduced systems on quality assurance, or are in the process of doing so. A legal underpinning of the principles of the Recommendation will ensure that Member States apply these principles. Article 29 strengthens the aspect of public oversight and independent funding and the follow up of the recommendations from quality reviews.


Chapter VIII Investigations and sanctions (Article 30)

Member States' systems of investigations and sanctioning still vary to a large extent. Article 30 sets up the general principle that Member States shall organise effective systems of investigation and effective and dissuasive sanctions, which may be civil, administrative or criminal. Member States' shall provide for appropriate disclosure to the public. Sanctions must include the withdrawal of approval of statutory auditors or audit firms.


Chapter IX Public oversight and regulatory arrangements between Member States (Articles 31 to 34)

Effective public oversight over the audit profession is a vital element in the maintenance and enhancement of confidence in the audit function. The current lack of confidence is partly based on a public perception that a self-regulating profession runs a serious risk of conflicts of interests in dealing with its shortcomings. Therefore, a credible element of public oversight over the audit profession is crucial.

Article 31 sets out principles of public oversight. The public oversight requirement will ensure that oversight has sufficient public integrity and independence. However, there is no blueprint on how to set up an effective public oversight mechanism. The common EU principles proposed on public oversight represent a minimum requirement for an adequate public oversight at Member State level.

Credible supervision of the audit profession requires a clear majority of non-practitioners to oversee the audit profession. For public interest entities, the oversight of auditors should be carried out exclusively by non-practitioners. Nonetheless, those who govern the public oversight system should be sufficiently knowledgeable about accounting and auditing. Recent corporate scandals have proven that swift and effective investigations by public oversight systems are needed to ensure the efficient functioning of the capital markets. Nonetheless basic requirements on adequate and transparent due process must be respected.

In the light of the emerging EU capital market there is a need for an EU co-ordination mechanism to bring together the national systems into a cohesive, efficient pan-European network. This should serve to encourage convergence of principles and practice. Article 33 establishes the principle that Member States shall recognise each other's oversight and regulatory systems. For the audit of consolidated accounts and for the purpose of listings in another Member States no further requirements beyond those in the home country may be imposed.

Article 34 sets out the rules for effective cooperation between Member States in investigations of audit firms.


Chapter X Appointment, dismissal and communication (Articles 35 to 37)

The procedures for appointment of the statutory auditor or audit firm shall ensure that the statutory auditor or audit firm is independent from those who prepare the financial statements of the audited entity. Some Member States require the involvement of the supervisory authorities, courts or other organisations designated by law (e.g. for cooperatives) in the appointment of the statutory auditor or audit firm. The Directive takes does not prejudice this.

With regard to the dismissal and resignation of auditors, the Directive introduces the principle that the statutory auditor or audit firm can only be dismissed if there is a significant reason why the statutory auditor cannot finalise the audit. The reasons for dismissal and resignation shall be disclosed to the responsible oversight authorities.

Effective communication between the statutory auditor/audit firm and the audited entity is of significant importance for high quality audits. It should lead to the audited entity drawing the necessary conclusions. Due to the different corporate governance structures, it is the responsibility of Member States to establish effective detailed rules in this regard. As a minimum, communication shall be recorded by the audited entity in order to allow independent directors of the entity to get an overview of the relationship with the statutory auditor/audit firm.


Chapter XI Special provisions for the statutory audit of public interest entities (Articles 38 to 43)

It is appropriate that more stringent requirement should govern the statutory audit of public interest entities. Article 38 requires the audit firms that carry out statutory audit(s) of public interest entities to provide a detailed report to the public that gives an insight into the audit firm and the network to which it belongs. The audit firm shall provide a governance statement, a description of the Internal Quality Control System and a statement on the effectiveness of its functioning by the administrative or management body. The report shall include the date of the last quality assurance review, policies on continuous education requirements and a break-down of fees.

The requirement to set up an audit committee in Article 39 will strengthen monitoring the financial reporting process and the statutory audit and help to prevent any possible undue influence of the executive management on the financial reporting of the audited entity. In order to fulfil its tasks effectively, the audit committee shall have at least one independent member who is competent in accounting and/or auditing.

An effective internal control system minimises financial, operational and compliance risks, and enhances the quality of financial reporting. Such a system requires the maintenance of appropriate policies and processes that ensure a prompt dissemination of reliable information and compliance with applicable laws and regulations, and safeguard the proper use of the company's assets. The function of the audit committee is to monitor that control activities are performed and communication and reporting processes are in place for breaches of internal control policies and applicable laws and regulations. This should by no means undermine the fact that the responsibility for the operation, review and disclosure of the internal control system lies with the board of directors collectively.

In order to enhance the quality of financial reporting, the statutory auditor or audit firm and the audit committee should cooperate in the fields of audit and of the financial reporting process. To this extent, the statutory auditor or audit firm should communicate on a timely basis with the audit committee on those matters of governance interest that arose from the audit of the financial statements. Such key matters may include information about the audit, significant changes in accounting policies, significant risks and exposures facing the company, material audit adjustments and uncertainties, disagreements with management, going concern issues, expected modifications to the auditor's report, fraud involving management, and material weaknesses in internal control in relation to the financial reporting process. Because internal control is fundamental to the quality of the external financial reporting, the communication towards the audit committee should be emphasised through the requirement of a report on these material weaknesses in the Directive.

Article 40 gives the audit committee a central role in guarding auditor independence. Article 43 foresees that the audit committee shall assist in the nomination process for the statutory auditor or audit firm by selecting the statutory auditor or audit firm for the proposal for appointment to the general meeting of the audited entity.

Article 41 shortens quality review cycles to every three years.

Article 42 sets stricter requirements for public oversight by excluding any practitioner from the governance of public oversight systems.


Chapter XII International Aspects (Articles 44 to 47)

The measures proposed in this Directive will help to ensure high quality audits within the EU and hence underpin the confidence in the functioning of the EU capital market. This should not be undermined by possible poor audit quality from third country auditors who issue audit reports in relation to securities traded in the EU. Auditors and/or audit firms from third countries that issue audit reports in relation to securities traded in the EU, need to be registered in the EU on the basis of Article 45 and be subject to Member State systems of oversight, quality assurance and investigations and sanctions. The requirements of Article 45 warrant that only auditors or audit firms that meet quality criteria equivalent to this Directive can be registered.

In order to prevent unnecessary international regulatory overlap Article 46 allows for exemption from registration, oversight, quality assurance and investigations and sanctions if audit firms from third countries are subject to equivalent systems of registration and oversight. Exemption from the registration and oversight requirement is only possible if the third country audit firm is subject to an equivalent system of oversight as defined by articles 29, 30 and 31. Another important obligation is reciprocal treatment of Member States by the third country. To have a common EU assessment and, thus, secure equal treatment of third countries throughout the EU, the Commission will perform this assessment at EU level in cooperation with Member States.

The European capital market is strongly interrelated with other capital markets. As recent scandals have shown, the loss of confidence in the functioning in one market affects the trust in the functioning of the other market. It is therefore important that international regulators and supervisors co-operate on the basis of a true partnership and confidence. Several Articles of this Directive include appropriate requirements for registration, public oversight, quality assurance, investigations and sanctions on audit firms and could underpin reciprocal co-operative arrangements with third country regulators and supervisors.

These activities will include the need for access to audit working papers which, under a cooperative approach, will be possible if they are transferred by national competent authorities. Such a transfer requires reciprocal cooperation by the third country. Again, to have a common EU assessment and, thus, secure equal treatment of third countries throughout the EU, the Commission will perform this assessment at EU level in cooperation with Member States. As the exchange of audit working papers remains a sensitive matter for all parties involved, Article 47 imposes some additional requirements in comparison to the intra-EU cooperation in investigations as defined in Article 34. Namely, the purpose of the exchange shall be justified. The request shall respect professional secrecy requirements and the working papers shall only be used for the oversight on auditors. In general, such requests shall not challenge the sovereignty, security and public policy of Member States or their judicial proceedings and shall conform with Community law.


Chapter XIII Transitional and final provisions (Articles 48 to 55)

Article 49 introduces a new audit regulatory committee composed of representatives of Member States and chaired by a representative of the Commission which will assist the Commission in establishing the implementing measures under the comitology procedures foreseen in this article. Without doubt, the technical expertise of the audit profession is needed to ensure high quality audit regulation. The new audit regulatory committee will have to consider how the audit profession can continue to provide its technical expertise in an effective and efficient manner in order to support the EU's regulatory activities.

Furthermore, Article 50 introduces changes to the 4th and 7th Council Directives by requiring audited companies to disclose fees paid to the statutory auditor or audit firm broken down by fees for audit services, other assurance services, tax services and other non-audit services.

Due to the repeal of the present 8th Council Directive in Article 51, Article 52 secures the approval of statutory auditors and audit firms approved under the repealed Directive.