Ethics for International Auditors


It is vital that auditors in the United States understand the minimum set of ethical rules required by The International Federation of Accountants (IFAC) and the differences between these ethical standards set forth by the International Ethics Standards Board of Accounting (IESBA) component of the IFAC—standards that set the minimum standards that member organizations are permitted to formulate and enforce upon their own members—and the ethical standards enforced on public company auditors in the United States by the Public Company Accounting Oversight Board (PCAOB). Auditors must always comply with the ethical standards of their licensing body (e.g., a state board of accountancy in the United States) even if they are performing an audit in a jurisdiction (say Great Britain) that follows ISA. It is impossible to explore all the various combinations of ethical standards and sets of auditing standards (e.g., ISA) that can be encountered in practice. Accordingly, here we make a simplifying assumption that auditors in the United States, on public company audits, must follow PCAOB ethical standards while auditors in Great Britain must follow IFAC’s IESBA ethical standards. In this chapter we:

  • define ethics and discuss the key components of ethics;
  • discuss relevant international ethical standards with special focus on standards that are
    • required to maintain an auditor’s independence; and
    • demonstrate key differences between international and U.S. standards on ethics.

Definition of Ethics

Hayes et al. (2005) define ethics as a set of moral principles, rules of conduct, or values. Ethics apply when an individual has to make a decision about various alternatives, with the alternatives having different moral consequences. The IFAC Code of Ethics for Professional Accountants states “The objectives of the accountancy profession are to work in the highest standards of professionalism, to attain the highest levels of performance and generally to meet the public interest” (p.16). The guidance is incorporated into the code (accessible at This code, which is specifically developed by the IESBA component of the IFAC, is intended to serve as a model on which to base national ethical guidance. It sets minimum standards for ethical codes of conduct that member organizations of the IFAC are permitted to use in setting standards for professional accountants who belong to those organizations. It seeks convergence between the IESBA’s standards and those of other national ethics-setting boards, with member organizations of the IFAC required to employ ethics standards at least as stringent as those contained in the IESBA’s code. Thus, an auditor who is licensed by a member organization of IFAC must comply with that member organization’s ethical standards. Given that standards of member organizations of IFAC must be at least as strict as those of IFAC’s IESBA itself, that auditor must comply with the stricter of the two sets of ethical standards. Similarly, an auditor who is both licensed by a state board of accountancy in the United States and is performing a PCAOB-related audit must follow the stricter of two sets of ethical rules, the state board’s ethics rules or the PCAOB’s ethics rules. As of June 1, 2014, 117 nations contained at least one accounting organization, which belonged to the IFAC. Some nations had more than one organization as a participating IFAC member. In the United States, both the American Institute of Certified Public Accountants (AICPA) and the Institute of Management Accountants were member organizations of the IFAC. Additional organizations, some in countries that had organizations that were members of the IFAC, were associated with the IFAC, and other countries contained organizations that were affiliated to the IFAC. As of June 1, 2014, the PCAOB was neither a member, associate, nor an affiliate of the IFAC.

IFAC member organizations are required to demonstrate that they are taking steps to remain in good standing, while associate member organizations are required to demonstrate that they are making progress towards membership (see The IFAC states that its “...member organizations are required to apply ethical standards at least as stringent as the Code. Convergence to a single set of standards can enhance the quality and consistency of services provided by professional accountants throughout the world and can improve the efficiency of global capital markets. The Code requires professional accountants to comply with five fundamental principles: integrity; objectivity; professional competence and due care; confidentiality; and professional behavior.” Each member organization is required to provide and regularly update evidence of the steps it is taking to remain in compliance with the code in order to remain in good standing. Assuming compliance with this requirement and the effectiveness of the compliance monitoring program, it would appear that all member organizations in each of the 117 nations have ethics codes at least as stringent as those of the IFAC. How well these codes are actually enforced in a membership that girdles the globe is a different matter, one beyond the limits of this book. IFAC itself notes that, with respect to business ethics, “application of business ethics differs depending on the country, culture, and traditions, as well as the level of maturity in terms of regulation and enforcement of organizations’ legal responsibility and the expectations and duties of directors.” While this IFAC statement specifically addresses business ethics as opposed to professional accounting ethics, it has clear applicability to the accounting field as well (e.g., Kleinman, Lin, and Palmon 2014).

Understanding how well or poorly even ethics codes that have been converged between IFAC member organizations function is one thing; understanding how uniformly and effectively these consistent ethics codes have been or are being enforced on the individuals who belong to the IFAC member organizations is another. That latter task is beyond what can be accomplished here. Kleinman, Lin, and Palmon (2014), for example, note the many ways that accounting regulation’s effectiveness may differ between countries due to national culture, religion, and other factors despite the overall similarity of regulatory structure. We take the approach that the IFAC standards are followed by the member organizations and that the member organizations enforce these standards on individuals who are their members. The PCAOB, though, is neither a member nor an associate of the IFAC and, therefore, is not required to have its ethics code converge with that of the IFAC’s code, as set forth by the IESBA. Accordingly, the rest of the chapter proceeds with a comparison between the IFAC’s own code and the ethics rules used by the PCAOB. Given that the PCAOB, with its Auditing Standard 1, adopted on April 16, 2003, adopted as its own the then extant AICPA ethics standards, there may be few differences between the IFAC standards and the PCAOB standards.

Familiarity with both IFAC’s IESBA Code of Ethics for Professional Accountants (IESBA Code), in addition to the AICPA Code of Professional Conduct (AICPA Code), is very important for auditors. According to Allen (2010) writing in the Journal of Accountancy, the IESBA and AICPA codes are quite similar. However, some differences are significant. It is important to briefly review these differences. Some key differences are:

  • Presentation of Code: The IESBA Code is divided into three parts: Part A applies to all professional accountants; Part B to persons in public accounting; and Part C to everyone who is not in public practice. The AICPA does not currently apportion its principles and rules in this manner. This is true in both the old AICPA Code of Ethics and the revised AICPA Code of Ethics issued on June 1, 2014, with an implementation date of December 15, 2014. The revised AICPA code notes that members in practice should consult other relevant sets of ethics rules in carrying out their responsibilities, whether as auditors or as accountants in business settings.

    Among the sets of ethics rules that the AICPA Code mentions are the ethics rules set forth by the PCAOB. Accordingly, we focus here on the PCAOB ethics rules for auditors, rules which are binding on all auditors on PCAOB audits, whether or not they are members of the AICPA. The AICPA notes, in the preamble to the new set of ethics rules issued on June 1, 2014, that “By accepting membership, a member assumes an obligation of self-discipline above and beyond the requirements of laws and regulations” (AICPA 2014). Thus, AICPA members consulting this book should be aware that they are responsible for adhering to the strictest of PCAOB or AICPA rules. This book, though, is geared to researchers, managers, and students. Accordingly, we focus on comparing ISA ethics rules with PCAOB ethics rules and do not dwell on whether or not the auditor is a member of the AICPA. The PCAOB has not, as yet, changed its own set of ethics rules to fit with those just released (6/1/14) by the AICPA.

  • Principles versus Rules: The IESBA Code is often referred to as a principles-based code. A principles-based code is used as a conceptual basis for accountants. A simple set of key objectives are set out. Common examples are provided as guidance to explain the objectives. In contrast, the PCAOB code is considered to be more rules based. Rules-based accounting is basically a list of detailed rules that must be followed. The bulk of the IESBA Code provides detailed descriptions on how a principles-based code applies in specific situations.

    It provides, for example, an illustration of how providing nonassurance services to an audit client may threaten an accounting firm’s independence. The code provides many other examples.

  • Differences in Approach: The IESBA uses a principles-based code to evaluate ethical conduct; the AICPA, on the other hand, only requires members to use this approach if the rules do not address their situation.
  • Topics Addressed: Both standards address the same topics. However, the IESBA code includes three areas not specifically addressed by AICPA in its ethics code. The first of these, ethical considerations related to the acceptance and continuance of client engagements, is addressed by the PCAOB in the PCAOB’s quality control standards, using the AICPA’s standards in place before April 16, 2003, that is, the so-called Interim Standards. The second of these, ethical considerations related to the provision of a second opinion on the application of auditing and reporting standards, is addressed in the PCAOB’s AU 625. Finally, the third of these, ethical considerations relating to holding client assets, is not addressed by the PCAOB.
  • Comparing Independence: The IESBA Code discusses certain potential independence matters that do not appear in the AICPA independence rules. Examples include long association of senior personnel with the client and size of audit fee (namely, how would these affect an auditor’s independence).
  • Split Level Independence: The IESBA splits independence requirements into two sections: Section 290, which provides strong prescriptions for audits and reviews of financial statements, and Section 291, which applies to all other assurance engagements. The AICPA code does not separate its independence standards. The PCAOB adopted the AICPA’s AU 220 as it existed as of April 16, 2003, as one of its interim standards.

Commonalities between IESBA and AICPA codes

There are fundamental principles of ethics in these codes that are applicable to all accountants. They are:

  • Integrity: Section 100.4 of the IESBA Code states that a professional accountant should be straightforward and honest in all professional and business relationships.
  • Objectivity: The same section of the IESBA Code noted above states that a professional accountant should not allow bias, conflict of interest or undue influence of others to override professional or business judgments.
  • Professional competence and due care: The same section of the IESBA Code notes that a professional accountant has a continuing duty to maintain professional knowledge and skill at the level required to ensure that a client or employer receives competent professional service based on current developments in practice, legislation, and techniques. The IESBA Code expects that a professional accountant should act diligently and in accordance with applicable technical and professional standards when providing professional services.
  • Confidentiality: The IESBA Code requires that a professional accountant should respect the confidentiality of information acquired as a result of professional and business relationships and should not disclose any such information to third parties without proper and specific authority unless there is a legal or professional right of duty to disclose. Confidential information acquired as a result of professional and business relationships should not be used for the personal advantage of the professional accountant or third parties.

When disclosure is authorized by the employer or client, the accountants should consider the interests of all the parties, including third parties who might be affected. Hayes et al. cite two examples that we reproduce here. One example is disclosure of client information required by law when the accountant has to produce documents or give evidence in legal proceedings. Another example is disclosure of infringements of the law to appropriate public authorities. In the United States, accountants may be required to give evidence in court, and in the Netherlands and UK, auditors may be required to disclose fraud to government appointed authorities. Confidentiality of information is part of statutory or common law and, therefore, requirements of confidentiality will depend on the law of the home country of the accountant.

  • Professional behavior: The IESBA Code notes that a professional accountant should comply with relevant laws and regulations and should avoid any action that discredits the profession.

IFAC notes that an accountant may perform services in a country other than his or her home country. If differences exist between ethical requirements of the two countries, IFAC states that the following provisions should be applied when:

  • the ethical requirements of the country in which the services are being performed are less strict than the IFAC Code of Ethics, then the ethical guidance of the IFAC should be applied;
  • the ethical requirements of the country in which the services are being performed are stricter than the IFAC ethical guidance, then the ethical requirements of the country where the services are being performed should be applied; and
  • the ethical requirements of the home country are mandatory for services performed outside that country and are stricter than set out in the preceding points, then the ethical requirements of the home country should be applied.

This is applicable to the AICPA Code as well. In this respect, the AICPA and the IFAC appear to have arrived at consistent judgments on this issue. This consistency reflects the AICPA’s objective of ensuring commonality with the international code.

Ethical Standards Required by IFAC

The independence of the auditor from the firm that is being audited is one of the basic requirements to ensure public confidence in the reliability of the audit report. Independence adds credibility to the audit report on which investors, creditors, employees, government, and other stakeholders depend to make decisions about a company. Accordingly, we focus on ethics and auditor independence here. As Hayes et al. note that, across the world, national rules on auditors’ independence differ in several respects. Differences cited by Hayes include:

  • the scope of persons to whom independence rules should apply;
  • the kind of financial, business, or other relationships that an auditor may have with the audit client;
  • the type of nonaudit services that can and cannot be provided to an audit client; and
  • the safeguards which should be used.

In the United States, the Sarbanes Oxley Act of 2002 provides limited independence requirements, requirements which are consistent with the preferences of the U.S. Securities Exchange Commission. The latter has the authority to approve or reject PCAOB independence-related requirements such as the PCAOB’s somewhat recently adopted rules 3502 and 3521 to 3525. The European Commission Council Directive 84/253/EEC (EU Eighth Company Law Directive 2006) gives discretionary power to member states to determine the conditions of independence for a statutory auditor. To provide each EU country with a common understanding of this independence requirement, the European Union Committee on Auditing developed a set of fundamental principles. These are set out in a Commission recommendation called Statutory Auditors’ Independence in the EU: A Set of Fundamental Principles. Most of the requirements are based on the rules set forth by IFAC which we now discus. We note that there are many commonalities There are many commonalities between ISA and PCAOB. However, we do not delve into this because addressing commonalities is not our focus. Rather, our focus is on focusing on divergences and implications thereon.

According to the IFAC Section 290.6, independence requires both (a) independence in mind and (b) independence in appearance.

Independence in Mind

According to Section 290.8, this refers to a state of mind that permits the expression of a conclusion without being affected by influences that compromise professional judgment, allowing an individual to act with integrity and exercise objectivity and professional skepticism.

Independence in Appearance

The avoidance of facts and circumstances that are so significant that a reasonable and informed third party, having knowledge of all relevant information, including safeguards applied, would reasonably conclude a firm’s or an assurance team member’s integrity, objectivity, or professional skepticism had been compromised.

Threats to Independence

Section 290 of ISA describes the threats to an auditor’s independence. The following are considered to be threats that the auditor should be wary of.

Financial Interest Threats

Financial interest threats occur when an auditor could benefit from a monetary interest in an assurance client. Section 290.104 states that a financial interest in an assurance client may create a self-interest threat. When evaluating the type of financial interest, consideration should be given to the fact that financial interests range from those where the individual has no control over the investment vehicle or the financial interest held (e.g., a mutual fund, unit trust, or similar intermediary vehicle) to those where the individual has control over the financial interest (e.g., as a trustee) or is able to influence investment decisions. In evaluating the significance of any threat to independence, it is important to consider the degree of control or influence that can be exercised over the intermediary, the financial interest held, or its investment strategy. When control exists, the financial interest should be considered to be direct. Conversely, when the holder of the financial interest has no ability to exercise such control, the financial interest should be considered to be indirect.

Section 290.106 clearly states that, if a member of the audit team providing assurance services or their immediate family member has a direct financial interest or a material indirect financial interest in the client, the threat created would be so significant that the only safeguards available to eliminate the threat or reduce it to an acceptable level would be to dispose of the direct financial interest prior to the individual becoming a member of the assurance team. If a member of the audit team or their immediate family member has an indirect financial interest, then they should dispose of the indirect financial interest in total or dispose of a sufficient amount of it so that the remaining interest is no longer material prior to the individual becoming a member of the assurance team. The AICPA’s Code of Ethics (2014) defines materiality as ownership of 5 percent or more of the outstanding shares of stock in a company or, say, a mutual fund (see, e.g., Section 1.240.010, entitled Overview of Financial Interests in the AICPA’s revised ethics code). The PCAOB’s Interim Standard AU 220 does not include this quantitative definition, leaving the notion of materiality to the auditor’s prudent discretion.

Section 290.107 also notes that during the period prior to disposal of the financial interest or the removal of the individual from the assurance team, consideration should be given to whether additional safeguards are necessary to reduce the threat to an acceptable level. The safeguards suggested by Section 290.107 are:

  • discussing the matter with those charged with governance such as the audit committee or
  • involving an additional professional accountant to review the work done.

Section 290.110 also notes that consideration should also be given to partners and their immediate family members who are not members of the assurance team. Whether the interests held by such individuals may create a self-interest threat will depend on such factors as:

  • the auditing firm’s organizational, operating, and reporting structure; and
  • the nature of the relationship between the individual who is an immediate family member and the member of the assurance team.

In order to prevent violation, and subsequent lawsuits, Section 290.11 in paragraph (a) recommends that:

  • the firm have established policies and procedures that require all professionals to report promptly to the firm any breaches resulting from the purchase, inheritance, or other acquisition of a financial interest in the assurance client.
  • the firm promptly notifies the professional that the financial interest should be disposed of; and
  • the disposal occurs at the earliest practical date after identification of the issue, or the professional is removed from the assurance team.

Section 290.127 notes that a loan, or guarantee of a loan, from an assurance client that is a bank or a similar institution to a member of the assurance team or their immediate family would not create a threat to independence provided the loan is made under normal lending procedures, terms, and requirements. Examples of such loans include home mortgages, bank overdrafts, or car loans and credit card balances.

Advocacy Threat

This threat occurs when a member of the assurance team promotes, or seems to promote, an assurance client’s opinion. Section 290.150 provides examples of such instances. In essence, the auditor seems to agree with the client’s stance in a situation that creates doubts as to why the auditor should agree with the stance of the client. That is, the auditor agrees with the client in a situation in which there seems to be insufficient reason to support the client’s stance as opposed to the available reasons to oppose the client’s stance.

Familiarity Threat

This occurs when an auditor becomes too sympathetic to the client’s interests because the auditor has a close relationship with an assurance client, its directors, officers, or employees. Examples of these threats are discussed in Section 290.135. This threat occurs when an immediate family member of a member of the assurance team is a director, an officer, or an employee of the assurance client and is in a position to exert direct and significant influence over the subject matter information of the assurance engagement. Threats can be removed by (reference provided in Section 290.138):

  • Removing the individual from the assurance team
  • Where possible, structuring the responsibilities of the assurance team so that the professional does not deal with matters that are within the responsibility of the close family member
  • Policies and procedures to empower staff to communicate to senior levels within the firm any issue of independence and objectivity that concerns them

It must also be noted that, in some countries, the range of problematic relationships may be wider than a spouse or dependent (e.g., the child or its spouse, the parent or grandparent, parent-in-law, brother, sister, or brother-in-law or sister-in-law of the client). This could happen if the same senior personnel on an assurance engagement have been used over a long period of time. This could also happen if a member of the assurance team has an immediate family member or close family member who is a director or an officer of the assurance client. Another example is if the member of the assurance team has a close family member who is an employee of the assurance client and, hence, is in a position to significantly influence the subject matter of the assurance engagement. Acceptance of gifts is another indicator of the familiarity threat (unless the value is clearly insignificant).

Auditor payouts due to litigation hopefully can be minimized if the auditor takes certain safeguards. According to Section 290.153, these safeguards are:

  • Rotating the senior personnel of the assurance team
  • Involving an additional professional accountant who is not a member of the assurance team to review the work done by the senior personnel or otherwise as necessary
  • Establishing independent internal quality reviews

In the case of a financial statement audit, Section 290.154 notes that using the same engagement partner or the same individual responsible for the engagement quality control review over a prolonged period may also create a familiarity threat. Accordingly, auditors may be better prepared to defend their work should litigation arise if the engagement partner and the individual responsible for the engagement quality control review are rotated after serving in either capacity or a combination thereof. Section 290.154 provides that the engagement partner and the individual responsible for the engagement quality control review should be rotated after having served for seven years and, upon rotation of the engagement, should not participate in any capacity in the audit until two years have elapsed. However, Section 290.156 provides some flexibility to auditors. If rotation has not occurred as required in Section 290.154, then the standard states that the auditor can still protect himself or herself if the auditor can prove the following:

  • There is a situation when the person’s continuity is especially important to the financial statement audit client
  • Situations when, because of the size of the firm, rotation is not possible or it can be proved that such rotation does not constitute an adequate safeguard

Recency Threat

This occurs when a former officer, director or employee of the assurance client serves as a member of the assurance team. In the case of a financial statement audit engagement, Section 290.149 notes that if a partner or employee of a network firm were to serve as an officer or as a director on the board of the audit client, the threats would be so significant that no safeguard would reduce the threats to an acceptable level. The only course is for the auditor to withdraw from the audit engagement.

Self-review Threats

This relates to the provision of non-assurance services. Audit firms have traditionally provided to their clients a range of non-assurance services consistent with their skills and expertise. As discussed in Section 290.167, assisting a financial statement audit client in matters such as preparing accounting records or financial statements may create a self-review threat when the financial statements are subsequently audited by the firm. A self-review threat exists when an auditor may be reluctant to report a problem that problem originates because of the auditor’s error. Self-review threats can also occur in the following situations as explained in Section 290.159:

  • Auditor has the authority to execute or consummate a transaction or otherwise exercise authority on behalf of the assurance client.
  • Auditor can determine which recommendation of the firm should be implemented.
  • Auditor reports, in a management role, to those charged with governance.
  • Auditor has custody of an assurance client’s assets.
  • Auditor has or can supervise assurance client employees in the performance of their normal recurring activities.
  • Auditor has or can prepare source documents or originating data in electronic or other form, evidencing the occurrence of a transaction (e.g., purchase orders, payroll time records, and customer orders).

All these are self-review threats because the auditor is subsequently auditing transactions over which the auditor had authority and checking assets over which the auditor had custody or checking the work of employees whom the auditor supervised in the performance of their duties.

While allowing the above mentioned activities by the auditor, section 290.167 notes that, while it is the responsibility of financial statement audit client management to ensure that accounting records are kept and financial statements are prepared, they can request the audit firm to provide assistance for clients whose shares are not listed on a stock exchange. However, the section notes, that while this is acceptable, the auditors must not be in a position where they can influence management decisions for these unlisted clients. Noted examples of management decisions include:

  • determining or changing journal entries and so the classification for accounts or transaction or other accounting records without obtaining the approval of the financial statement audit client;
  • authorizing or approving transactions; and
  • preparing source documents or originating data (including decisions on valuation assumptions) or making changes to such documents or data.

Section 290.169 notes that a self-review threat could also be created if the firm developed and prepared prospective financial information and subsequently provided assurance on this prospective financial information. Prospective financial information is material that gives management’s view as to what the firm’s financial information will look like in the future.

Nonaudit Services to Audit Clients Under the IFAC Ethics Code

Bookkeeping Services

If the client is not listed on a stock exchange, the audit firm may provide accounting and book keeping services including payroll services of a routine or mechanical nature. These include

  • recording transactions for which the audit client has determined or approved the appropriate account classification;
  • posting coded transactions to the audit client’s general ledger;
  • preparing financial statements based on information in the trial balance; and
  • posting the audit client-approved entries to the trial balance.

According to Section 290.170, the significance of any threat created should be evaluated, and if the threat is other than clearly insignificant, safeguards should be considered and applied as necessary to reduce the threat to an acceptable level. Safeguards noted in the standard include:

  • making arrangements so such services are not performed by a member of the assurance team;
  • implementing policies and procedures to prohibit the individual providing such services from making any managerial decisions on behalf of the audit client;
  • requiring the source data for the accounting errors to be originated by the audit client;
  • requiring the underlying assumptions to be originated and approved by the audit client; or
  • obtaining audit client approval for any proposed journal entries or other changes affecting the financial statements.

If the audit client is listed on a stock exchange, then bookkeeping services, including payroll services and the preparation of financial statements or financial information are prohibited.

Valuation Services

Valuation service is defined in Section 290.174 as comprising the making of assumptions with regard to future developments, the application of certain methodologies and techniques, and the combination of both in order to compute a certain value, or range of values, for an asset, liability, or a business as a whole. Section 290.176 notes that, if the valuation service involves the valuation of matters material to the financial statements and the valuation involves a significant degree of subjectivity, a self-review threat is created, and hence, such services are prohibited.

However, valuation services may be allowed under Section 290.177 if the services are neither separately nor in the aggregate material to the financial statements or do not involve a significant degree of subjectivity. This is because it is felt that this may create a self-review threat that could be reduced to an acceptable level by the application of safeguards. Noted safeguards could include:

  • involving an additional professional accountant who was not a member of the assurance team to review the work done or otherwise advise as necessary;
  • obtaining the audit client’s acknowledgment of responsibility for the results of the work performed by the firm; and
  • making arrangements so that personnel providing such services do not participate in the audit engagement.

Taxation Services

Taxation services according to Section 290.180 comprise a broad range of services, including compliance, planning, provision of formal taxation opinions, and assistance in the resolution of tax disputes. Such assignments are allowed because they are not seen to be threats to independence.

Provision of Internal Audit Services to Financial Statement Audit Clients

Section 290.182 defines internal audit services as services involving an extension of the procedures required to conduct a financial statement audit in accordance with international standards on auditing. This is not considered to impair auditor’s independence and is allowed. However, performing a significant portion of the financial statement audit client’s internal audit activities may create a self-review threat. While this is still allowed, Section 290.185 states that adequate safeguards should be applied in all circumstances to reduce the threats created to an acceptable level. Noted safeguards include the following:

  • The audit client, the audit committee, or the supervisory body approves the scope, risk, and frequency of internal audit work.
  • The audit client is responsible for evaluating and determining which recommendations of the firm should be implemented.
  • The findings and recommendations resulting from the internal audit activities are reported appropriately to the audit committee or supervisory body.

Provision of Litigation Support Services

Section 290.193 defines litigation support services as including activities such as acting as an expert witness, calculating estimated damages or other amounts that might become receivable or payable as the result of litigation or other legal dispute, and assistance with document management and retrieval in relation to a dispute or litigation. Conflicts of interest could arise if the auditor is engaged in both auditing and litigation services because the litigation function requires the auditor to be an advocate for the client. Acting as an advocate for the client is in conflict with the duty of the auditor to practice with professional skepticism.

According to Section 290.194, litigation support services will not be prohibited if the auditor evaluates the significance of threats to independence by examining:

  • the materiality of the amounts involved;
  • the degree of subjectivity inherent in the matter concerned; and
  • the nature of the engagement.

The audit firm is then required to reduce the threat to an acceptable level by including safeguards such as:

  • using professionals who are not members of the assurance team to perform the service;
  • involving independent experts to assist them.

Provision of Information Technology Systems Services to Financial Statement Audit Clients

Information Technology (IT) systems services are defined as services that involve the design and implementation of financial information technology systems that are used to generate information forming part of a client’s financial statements. While this is considered to impair auditor’s independence under self-review threats, Section 290.188 does allow the provision of such services by an auditor if safeguards are in place. These safeguards require the audit client to:

  • designate a competent employee, preferably within senior management, with the responsibility to make all management decisions with respect to the design and implementation of the hardware or software system;
  • make all management decisions with respect to the design and implementation process;
  • be responsible for the operation of the system (hardware and software) and the data used or generated by the system.

Temporary Staff Assignments to Financial Statement Audit Clients

The lending of staff by an audit firm to its client while potentially creating a self-review threat is allowed if the auditor is not allowed to do the following activities under Section 290.192:

  • Making management decisions
  • Approving or signing agreements or other similar documents

Further, it is required that:

  • the staff providing the assistance should not be given audit responsibility for any function or activity that they performed or supervised during their temporary staff assignment; and
  • the audit client should acknowledge its responsibility for directing and supervising the activities of the audit firm.

Provision of Legal Services to Financial Statement Audit Clients

Legal services encompass a wide and diversified range of areas including both corporate and commercial services to clients such as contract support, litigation, mergers and acquisition advice, and support and provision of assistance to clients’ internal legal departments. This is allowed provided safeguards are met. Section 290.201 stipulates the following safeguards:

  • Members of the assurance team are not involved in providing the service.
  • In relation to the advice provided, the audit client makes the ultimate decision, or in relation to the transactions, the service involves the execution of what has been decided by the audit client.

Recruiting Senior Management

The recruitment of senior management for an assurance client may create self-interest, familiarity, and intimidation threats. The severity of the threat may depend on factors such as (a) the role of the person to be recruited and (b) the nature of the assistance sought. Despite this, providing such services by an audit client are allowed under Section 290.203 if adequate safeguards are met. The definition of adequate safeguards is provided in Section 290.163. In summary these safeguards include:

  • policies and procedures to prohibit professional staff from making management decisions;
  • policies regarding the oversight responsibility with regard to the provision of non-assurance services;
  • discussing independence issues related to the provision of non-assurance services with those charged with governance;
  • disclosing to those charged with governance, such as the audit committee, the nature and extent of fee charged;
  • ensuring that personnel providing non-assurance services do not participate in the assurance engagement.

Corporate Finance and Similar Activities

Corporate finance and similar activities include activities such as promoting, dealing in, or underwriting of a client’s shares or consummating a transaction on behalf of the client. Section 290.204 notes that the provision of corporate finance services, advice, or assistance to an assurance client may create advocacy and self-review threats. It is held that the independence threats could be so significant that no safeguards could be applied to reduce the threats to an acceptable level. For example, promoting, dealing in, or underwriting of an assurance client’s shares is not compatible with providing assurance services. However, Section 290.205 does provide exceptions to the general rules for certain types of corporate finance activities. The general exceptions noted in the section include:

  • policies and procedures to prohibit individuals assisting the assurance client from making managerial decisions on behalf of the client; and
  • using professionals who are not members of the assurance team to provide the services.

Developments in the United States

Section 103(a) of the Sarbanes Oxley Act of 2002 directs the PCAOB to establish “ethics standards to be used by registered public accounting firms in the preparation and issuance of audit reports”. Moreover Section 103(b) of the Act directs the Board to establish rules on auditor independence “as may be necessary or appropriate in the public interest or for the protection of investors, to implement, or as authorized under Title II of the Act.”

In early 2003, the SEC adopted new independence rules in order to implement Title II of the Act. Neither the Act nor the SEC’s 2003 independence rules prohibit tax services as long as the services are preapproved by the company’s audit committee and do not fall into one of the categories of expressly prohibited services. This is similar to the IFAC rules, which were discussed earlier. However, the major difference between the IFAC Code of Ethics and the ethics standards proposed by the PCAOB relates to the tax services. Since the SEC issued its new rules, two types of tax services have raised serious questions in the United States. First, the IRS and the U.S. Department of Justice have brought a number of cases against accounting firms advising client firms on tax shelters for their products. Audit firms have also been criticized for advising senior executives of clients whom they are auditing regarding tax shelters. Although such advice is not considered illegal, it is considered highly unethical because companies and their executives are being advised on how to evade tax by abusing tax shelter laws. Some have questioned whether an auditor’s provision of such services could lead to self-interest threats to independence. If the auditor charges contingent fees for such services, this could impair independence. This issue, to date, has not been raised in Europe and by the IFAC.

In order to deal with this, the PCAOB has issued rules on this. (Initially the PCAOB, when it began its work in 2003, adopted all the then existing AICPA rules as interim rules before making changes and amendments (see PCAOB Rule 3500T.)) Relevant PCAOB rules are as follows:

Rule 3521

This treats registered public accounting firms as not independent of their audit clients if they enter into contingent fee arrangements with those clients.

Rule 3522(a)

Rule 3522(a) treats a registered public accounting firm as not independent of an audit client if the firm provides services related to planning or opining on the tax consequences of a transaction that is a listed or confidential transaction under Treasury regulations.

Rule 3522(b)

In addition, Rule 3522(b) included a provision that treats a registered public accounting firm as not independent if the firm provides services related to planning or giving an opinion on a transaction that is based on an aggressive interpretation of applicable tax laws and regulations.

Rule 3523

Rule 3523 sets a new requirement to treat a registered public accounting firm as not independent if the firm provided tax services to officers in a financial reporting oversight role of an audit client.

Rule 3524

Rule 3524 requires a registered public accounting firm to seek pre-approval for tax services and to supply the audit committee with detailed information about tax services provided and discuss with the audit committee the potential effects of the services on the firm’s independence and to document the substance of that discussion.

Rule 3502

Rule 3502 codifies the principle that persons associated with a registered public accounting firm should not cause the firm to violate relevant laws, rules, and professional standards due to an act or omission the person knew or should have known would contribute to such violation.


In this chapter, we discussed the ethical standards required by the IFAC. These standards are followed by all countries in the EU and most other industrialized and developing countries. We also discussed the key differences between the ethical standards in the United States, as set by the PCAOB, and in Europe. The main differences in standards relates to the provision of tax services and certain other consulting services. These are seen as more complex in the U.S. relative to other countries. Finally, we comment that the process of establishing ethical principles is complicated. In France and Japan, the ethical code is part of the law. In the United States, Singapore, Mexico and the UK, the standards are developed and regulated by professional bodies. As we noted in Chapter 2, violation of the ethical standards could subject the auditor to sanction by the court in certain instances by professional bodies and may also result in the suspension of the auditor’s right to practice before the SEC in the United States.

The key takeaway from this chapter is the general similarity between the ethical standards implemented in the United States and and those enforced by IFAC. However, similar does not mean identical, and therefore, the reader must be careful to relate the relevant ethical code to the geographic area or nation that they are interested in. Also, the reader must be aware that organizations that belong to IFAC must have ethical codes that are at least as strict as those set forth by IFAC. Different countries will have different specific restrictions that are relevant to proposed auditor behavior in those nations. They should also be aware of any differences in acceptable auditor behavior for listed as opposed to unlisted clients and adjust their expectations of appropriate auditor behavior accordingly. This overview will help readers to decide where further, if anywhere, they need to go for additional information.

..................Content has been hidden....................

You can't read the all page of ebook, please click here login for view all page.