Introduction (600.1 to 600.3)
  • Bookmark
600.1

Firms are required to comply with the fundamental principles, be independent, and apply the conceptual framework set out in Section 120 to identify, evaluate and address threats to independence.

  • Bookmark
600.2

Firms and network firms might provide a range of non-assurance services to their audit clients, consistent with their skills and expertise. Providing non-assurance services to audit clients might create threats to compliance with the fundamental principles and threats to independence.

  • Bookmark
600.3

This section sets out requirements and application material relevant to applying the conceptual framework to identify, evaluate and address threats to independence when providing non-assurance services to audit clients. The subsections that follow set out specific requirements and application material relevant when a firm or network firm provides certain non-assurance services to audit clients and indicate the types of threats that might be created as a result. Some of the subsections include requirements that expressly prohibit a firm or network firm from providing certain services to an audit client in certain circumstances because the threats created cannot be addressed by applying safeguards.

Requirements and Application Material

General (R600.4 to R600.10)
  • Bookmark
R600.4

Before a firm or a network firm accepts an engagement to provide a non-assurance service to an audit client, the firm shall determine whether providing such a service might create a threat to independence.

  • Bookmark
600.4 A1

The requirements and application material in this section assist the firm in analyzing certain types of non-assurance services and the related threats that might be created if a firm or network firm provides non-assurance services to an audit client.

  • Bookmark
600.4 A2

New business practices, the evolution of financial markets and changes in information technology, are among the developments that make it impossible to draw up an all-inclusive list of non-assurance services that might be provided to an audit client. As a result, the Code does not include an exhaustive list of all non-assurance services that might be provided to an audit client.

  • Bookmark
600.5 A1

Factors that are relevant in evaluating the level of threats created by providing a non-assurance service to an audit client include:

  • The nature, scope and purpose of the service.

  • The degree of reliance that will be placed on the outcome of the service as part of the audit.

  • The legal and regulatory environment in which the service is provided.

  • Whether the outcome of the service will affect matters reflected in the financial statements on which the firm will express an opinion, and, if so:

    • The extent to which the outcome of the service will have a material effect on the financial statements.

    • The degree of subjectivity involved in determining the appropriate amounts or treatment for those matters reflected in the financial statements.

  • The level of expertise of the client's management and employees with respect to the type of service provided.

  • The extent of the client's involvement in determining significant matters of judgment.

  • The nature and extent of the impact of the service, if any, on the systems that generate information that forms a significant part of the client's:

    • Accounting records or financial statements on which the firm will express an opinion.

    • Internal controls over financial reporting.

  • Whether the client is a public interest entity. For example, providing a non-assurance service to an audit client that is a public interest entity might be perceived to result in a higher level of a threat.

  • Bookmark
600.5 A2

Subsections 601 to 610 include examples of additional factors that are relevant in evaluating the level of threats created by providing the non-assurance services set out in those subsections.

  • Bookmark
600.5 A3

Subsections 601 to 610 refer to materiality in relation to an audit client's financial statements. The concept of materiality in relation to an audit is addressed in ISA 320, Materiality in Planning and Performing an Audit, and in relation to a review in ISRE 2400 (Revised), Engagements to Review Historical Financial Statements. The determination of materiality involves the exercise of professional judgment and is impacted by both quantitative and qualitative factors. It is also affected by perceptions of the financial information needs of users.

  • Bookmark
600.5 A4

A firm or network firm might provide multiple non-assurance services to an audit client. In these circumstances the consideration of the combined effect of threats created by providing those services is relevant to the firm's evaluation of threats.

  • Non-Authoritative Guidance
  • Bookmark
600.6 A1

Subsections 601 to 610 include examples of actions, including safeguards, that might address threats to independence created by providing those non-assurance services when threats are not at an acceptable level. Those examples are not exhaustive.

  • Bookmark
600.6 A2

Some of the subsections include requirements that expressly prohibit a firm or network firm from providing certain services to an audit client in certain circumstances because the threats created cannot be addressed by applying safeguards.

  • Bookmark
600.6 A3

Paragraph 120.10 A2 includes a description of safeguards. In relation to providing non-assurance services to audit clients, safeguards are actions, individually or in combination, that the firm takes that effectively reduce threats to independence to an acceptable level. In some situations, when a threat is created by providing a non-assurance service to an audit client, safeguards might not be available. In such situations, the application of the conceptual framework set out in Section 120 requires the firm to decline or end the non-assurance service or the audit engagement.

  • Bookmark
R600.7

A firm or a network firm shall not assume a management responsibility for an audit client.

  • Bookmark
600.7 A1

Management responsibilities involve controlling, leading and directing an entity, including making decisions regarding the acquisition, deployment and control of human, financial, technological, physical and intangible resources.

  • Non-Authoritative Guidance
  • Bookmark
600.7 A2

Providing a non-assurance service to an audit client creates self-review and self-interest threats if the firm or network firm assumes a management responsibility when performing the service. Assuming a management responsibility also creates a familiarity threat and might create an advocacy threat because the firm or network firm becomes too closely aligned with the views and interests of management.

  • Bookmark
600.7 A3

Determining whether an activity is a management responsibility depends on the circumstances and requires the exercise of professional judgment. Examples of activities that would be considered a management responsibility include:

  • Setting policies and strategic direction.

  • Hiring or dismissing employees.

  • Directing and taking responsibility for the actions of employees in relation to the employees' work for the entity.

  • Authorizing transactions.

  • Controlling or managing bank accounts or investments.

  • Deciding which recommendations of the firm or network firm or other third parties to implement.

  • Reporting to those charged with governance on behalf of management.

  • Taking responsibility for:

    • The preparation and fair presentation of the financial statements in accordance with the applicable financial reporting framework.

    • Designing, implementing, monitoring or maintaining internal control.

  • Bookmark
600.7 A4

Providing advice and recommendations to assist the management of an audit client in discharging its responsibilities is not assuming a management responsibility. (Ref: Para. R600.7 to 600.7 A3).

  • Bookmark
R600.8

To avoid assuming a management responsibility when providing any non-assurance service to an audit client, the firm shall be satisfied that client management makes all judgments and decisions that are the proper responsibility of management. This includes ensuring that the client's management:

  • Designates an individual who possesses suitable skill, knowledge and experience to be responsible at all times for the client's decisions and to oversee the services. Such an individual, preferably within senior management, would understand:

    • The objectives, nature and results of the services; and

    • The respective client and firm or network firm responsibilities.

    • However, the individual is not required to possess the expertise to perform or re-perform the services.

  • Provides oversight of the services and evaluates the adequacy of the results of the service performed for the client's purpose.

  • Accepts responsibility for the actions, if any, to be taken arising from the results of the services.

  • Bookmark
R600.9

A non-assurance service provided, either currently or previously, by a firm or a network firm to an audit client compromises the firm's independence when the client becomes a public interest entity unless:

  • The previous non-assurance service complies with the provisions of this section that relate to audit clients that are not public interest entities;

  • Non-assurance services currently in progress that are not permitted under this section for audit clients that are public interest entities are ended before, or as soon as practicable after, the client becomes a public interest entity; and

  • The firm addresses threats that are created that are not at an acceptable level.

  • Bookmark
R600.10

This section includes requirements that prohibit firms and network firms from assuming management responsibilities or providing certain non-assurance services to audit clients. As an exception to those requirements, a firm or network firm may assume management responsibilities or provide certain non-assurance services that would otherwise be prohibited to the following related entities of the client on whose financial statements the firm will express an opinion:

  • An entity that has direct or indirect control over the client;

  • An entity with a direct financial interest in the client if that entity has significant influence over the client and the interest in the client is material to such entity; or

  • An entity which is under common control with the client,

provided that all of the following conditions are met:

  • The firm or a network firm does not express an opinion on the financial statements of the related entity;

  • The firm or a network firm does not assume a management responsibility, directly or indirectly, for the entity on whose financial statements the firm will express an opinion;

  • The services do not create a self-review threat because the results of the services will not be subject to audit procedures; and

  • The firm addresses other threats created by providing such services that are not at an acceptable level.

SUBSECTION 601 ACCOUNTING AND BOOKKEEPING SERVICES

Introduction (601.1 to 601.2)
  • Bookmark
601.1

Providing accounting and bookkeeping services to an audit client might create a self-review threat.

  • Bookmark
601.2

In addition to the specific requirements and application material in this subsection, the requirements and application material in paragraphs 600.1 to R600.10 are relevant to applying the conceptual framework when providing an audit client with accounting and bookkeeping services. This subsection includes requirements that prohibit firms and network firms from providing certain accounting and bookkeeping services to audit clients in some circumstances because the threats created cannot be addressed by applying safeguards.

Requirements and Application Material

All Audit Clients (601.3 A1 to R601.7)
  • Bookmark
601.3 A1

Accounting and bookkeeping services comprise a broad range of services including:

  • Preparing accounting records and financial statements.

  • Recording transactions.

  • Payroll services.

  • Bookmark
601.3 A2

Management is responsible for the preparation and fair presentation of the financial statements in accordance with the applicable financial reporting framework. These responsibilities include:

  • Determining accounting policies and the accounting treatment in accordance with those policies.

  • Preparing or changing source documents or originating data, in electronic or other form, evidencing the occurrence of a transaction. Examples include:

    • Purchase orders.

    • Payroll time records.

    • Customer orders.

  • Originating or changing journal entries.

  • Determining or approving the account classifications of transactions.

  • Bookmark
601.3 A3

The audit process necessitates dialogue between the firm and the management of the audit client, which might involve:

  • Applying accounting standards or policies and financial statement disclosure requirements.

  • Assessing the appropriateness of financial and accounting control and the methods used in determining the stated amounts of assets and liabilities.

  • Proposing adjusting journal entries.

These activities are considered to be a normal part of the audit process and do not usually create threats as long as the client is responsible for making decisions in the preparation of accounting records and financial statements.

  • Bookmark
601.3 A4

Similarly, the client might request technical assistance on matters such as resolving account reconciliation problems or analyzing and accumulating information for regulatory reporting. In addition, the client might request technical advice on accounting issues such as the conversion of existing financial statements from one financial reporting framework to another. Examples include:

  • Complying with group accounting policies.

  • Transitioning to a different financial reporting framework such as International Financial Reporting Standards.

Such services do not usually create threats provided neither the firm nor network firm assumes a management responsibility for the client.

  • Bookmark
601.4 A1

Accounting and bookkeeping services that are routine or mechanical in nature require little or no professional judgment. Some examples of these services are:

  • Preparing payroll calculations or reports based on client-originated data for approval and payment by the client.

  • Recording recurring transactions for which amounts are easily determinable from source documents or originating data, such as a utility bill where the client has determined or approved the appropriate account classification.

  • Calculating depreciation on fixed assets when the client determines the accounting policy and estimates of useful life and residual values.

  • Posting transactions coded by the client to the general ledger.

  • Posting client-approved entries to the trial balance.

  • Preparing financial statements based on information in the client-approved trial balance and preparing related notes based on client-approved records.

  • Bookmark
R601.5

A firm or a network firm shall not provide to an audit client that is not a public interest entity accounting and bookkeeping services including preparing financial statements on which the firm will express an opinion or financial information which forms the basis of such financial statements, unless:

  • The services are of a routine or mechanical nature; and

  • The firm addresses any threats that are created by providing such services that are not at an acceptable level.

  • Bookmark
601.5 A1

Examples of actions that might be safeguards to address a self-review threat created when providing accounting and bookkeeping services of a routine and mechanical nature to an audit client include:

  • Using professionals who are not audit team members to perform the service.

  • Having an appropriate reviewer who was not involved in providing the service review the audit work or service performed.

PIE

  • Bookmark
R601.6

Subject to paragraph R601.7, a firm or a network firm shall not provide to an audit client that is a public interest entity accounting and bookkeeping services including preparing financial statements on which the firm will express an opinion or financial information which forms the basis of such financial statements.

  • Bookmark
R601.7

As an exception to paragraph R601.6, a firm or network firm may provide accounting and bookkeeping services of a routine or mechanical nature for divisions or related entities of an audit client that is a public interest entity if the personnel providing the services are not audit team members and:

  • The divisions or related entities for which the service is provided are collectively immaterial to the financial statements on which the firm will express an opinion; or

  • The service relates to matters that are collectively immaterial to the financial statements of the division or related entity.

SUBSECTION 602 ADMINISTRATIVE SERVICES

Introduction (602.1 to 602.2)
  • Bookmark
602.1

Providing administrative services to an audit client does not usually create a threat.

  • Bookmark
602.2

In addition to the specific application material in this subsection, the requirements and application material in paragraphs 600.1 to R600.10 are relevant to applying the conceptual framework when providing administrative services.

Application Material

All Audit Clients (602.3 A1 to 602.3 A2)
  • Bookmark
602.3 A1

Administrative services involve assisting clients with their routine or mechanical tasks within the normal course of operations. Such services require little to no professional judgment and are clerical in nature.

  • Bookmark
602.3 A2

Examples of administrative services include:

  • Word processing services.

  • Preparing administrative or statutory forms for client approval.

  • Submitting such forms as instructed by the client.

  • Monitoring statutory filing dates, and advising an audit client of those dates.

SUBSECTION 603 VALUATION SERVICES

Introduction (603.1 to 603.2)
  • Bookmark
603.1

Providing valuation services to an audit client might create a self-review or advocacy threat.

  • Bookmark
603.2

In addition to the specific requirements and application material in this subsection, the requirements and application material in paragraphs 600.1 to R600.10 are relevant to applying the conceptual framework when providing valuation services to an audit client. This subsection includes requirements that prohibit firms and network firms from providing certain valuation services to audit clients in some circumstances because the threats created cannot be addressed by applying safeguards.

Requirements and Application Material

All Audit Clients (603.3 A1 to R603.5)
  • Bookmark
603.3 A1

A valuation comprises the making of assumptions with regard to future developments, the application of appropriate methodologies and techniques, and the combination of both to compute a certain value, or range of values, for an asset, a liability or for a business as a whole.

  • Bookmark
603.3 A2

If a firm or network firm is requested to perform a valuation to assist an audit client with its tax reporting obligations or for tax planning purposes and the results of the valuation will not have a direct effect on the financial statements, the application material set out in paragraphs 604.9 A1 to 604.9 A5, relating to such services, applies.

  • Bookmark
603.3 A3

Factors that are relevant in evaluating the level of self-review or advocacy threats created by providing valuation services to an audit client include:

  • The use and purpose of the valuation report.

  • Whether the valuation report will be made public.

  • The extent of the client's involvement in determining and approving the valuation methodology and other significant matters of judgment.

  • The degree of subjectivity inherent in the item for valuations involving standard or established methodologies.

  • Whether the valuation will have a material effect on the financial statements.

  • The extent and clarity of the disclosures related to the valuation in the financial statements.

  • The degree of dependence on future events of a nature that might create significant volatility inherent in the amounts involved.

  • Bookmark
603.3 A4

Examples of actions that might be safeguards to address threats include:

  • Using professionals who are not audit team members to perform the service might address self-review or advocacy threats.

  • Having an appropriate reviewer who was not involved in providing the service review the audit work or service performed might address a self-review threat.

  • Bookmark
R603.4

A firm or a network firm shall not provide a valuation service to an audit client that is not a public interest entity if:

  • The valuation involves a significant degree of subjectivity; and

  • The valuation will have a material effect on the financial statements on which the firm will express an opinion.

  • Bookmark
603.4 A1

Certain valuations do not involve a significant degree of subjectivity. This is likely to be the case when the underlying assumptions are either established by law or regulation, or are widely accepted and when the techniques and methodologies to be used are based on generally accepted standards or prescribed by law or regulation. In such circumstances, the results of a valuation performed by two or more parties are not likely to be materially different.

  • Bookmark
R603.5

A firm or a network firm shall not provide a valuation service to an audit client that is a public interest entity if the valuation service would have a material effect, individually or in the aggregate, on the financial statements on which the firm will express an opinion.

SUBSECTION 604 TAX SERVICES

Introduction (604.1 to 604.2)
  • Bookmark
604.1

Providing tax services to an audit client might create a self-review or advocacy threat.

  • Bookmark
604.2

In addition to the specific requirements and application material in this subsection, the requirements and application material in paragraphs 600.1 to R600.10 are relevant to applying the conceptual framework when providing a tax service to an audit client. This subsection includes requirements that prohibit firms and network firms from providing certain tax services to audit clients in some circumstances because the threats created cannot be addressed by applying safeguards.

Requirements and Application Material

All Audit Clients (604.3 A1 to 604.3 A2)
  • Bookmark
604.3 A1

Tax services comprise a broad range of services, including activities such as:

  • Tax return preparation.

  • Tax calculations for the purpose of preparing the accounting entries.

  • Tax planning and other tax advisory services.

  • Tax services involving valuations.

  • Assistance in the resolution of tax disputes.

While this subsection deals with each type of tax service listed above under separate headings, in practice, the activities involved in providing tax services are often inter-related.

  • Bookmark
604.3 A2

Factors that are relevant in evaluating the level of threats created by providing any tax service to an audit client include:

  • The particular characteristics of the engagement.

  • The level of tax expertise of the client's employees.

  • The system by which the tax authorities assess and administer the tax in question and the role of the firm or network firm in that process.

  • The complexity of the relevant tax regime and the degree of judgment necessary in applying it.

Tax Return Preparation (604.4 A1 to 604.4 A3)
  • Bookmark
604.4 A1

Providing tax return preparation services does not usually create a threat.

  • Bookmark
604.4 A2

Tax return preparation services involve:

  • Assisting clients with their tax reporting obligations by drafting and compiling information, including the amount of tax due (usually on standardized forms) required to be submitted to the applicable tax authorities.

  • Advising on the tax return treatment of past transactions and responding on behalf of the audit client to the tax authorities' requests for additional information and analysis (for example, providing explanations of and technical support for the approach being taken).

  • Bookmark
604.4 A3

Tax return preparation services are usually based on historical information and principally involve analysis and presentation of such historical information under existing tax law, including precedents and established practice. Further, the tax returns are subject to whatever review or approval process the tax authority considers appropriate.

Tax Calculations for the Purpose of Preparing Accounting Entries (604.5 A1 to 604.6 A1)
  • Bookmark
604.5 A1

Preparing calculations of current and deferred tax liabilities (or assets) for an audit client for the purpose of preparing accounting entries that will be subsequently audited by the firm creates a self-review threat.

  • Bookmark
604.5 A2

In addition to the factors in paragraph 604.3 A2, a factor that is relevant in evaluating the level of the threat created when preparing such calculations for an audit client is whether the calculation might have a material effect on the financial statements on which the firm will express an opinion.

  • Bookmark
604.5 A3

Examples of actions that might be safeguards to address such a self-review threat when the audit client is not a public interest entity include:

  • Using professionals who are not audit team members to perform the service.

  • Having an appropriate reviewer who was not involved in providing the service review the audit work or service performed.

  • Bookmark
R604.6

A firm or a network firm shall not prepare tax calculations of current and deferred tax liabilities (or assets) for an audit client that is a public interest entity for the purpose of preparing accounting entries that are material to the financial statements on which the firm will express an opinion.

  • Bookmark
604.6 A1

The examples of actions that might be safeguards in paragraph 604.5 A3 to address self-review threats are also applicable when preparing tax calculations of current and deferred tax liabilities (or assets) to an audit client that is a public interest entity that are immaterial to the financial statements on which the firm will express an opinion.

Tax Planning and Other Tax Advisory Services (604.7 A1 to R604.8)
  • Bookmark
604.7 A1

Providing tax planning and other tax advisory services might create a self-review or advocacy threat.

  • Bookmark
604.7 A2

Tax planning or other tax advisory services comprise a broad range of services, such as advising the client how to structure its affairs in a tax efficient manner or advising on the application of a new tax law or regulation.

  • Bookmark
604.7 A3

In addition to paragraph 604.3 A2, factors that are relevant in evaluating the level of self-review or advocacy threats created by providing tax planning and other tax advisory services to audit clients include:

  • The degree of subjectivity involved in determining the appropriate treatment for the tax advice in the financial statements.

  • Whether the tax treatment is supported by a private ruling or has otherwise been cleared by the tax authority before the preparation of the financial statements. For example, whether the advice provided as a result of the tax planning and other tax advisory services:

    • Is clearly supported by a tax authority or other precedent.

    • Is an established practice.

    • Has a basis in tax law that is likely to prevail.

  • The extent to which the outcome of the tax advice will have a material effect on the financial statements.

  • Whether the effectiveness of the tax advice depends on the accounting treatment or presentation in the financial statements and there is doubt as to the appropriateness of the accounting treatment or presentation under the relevant financial reporting framework.

  • Bookmark
604.7 A4

Examples of actions that might be safeguards to address such threats include:

  • Using professionals who are not audit team members to perform the service might address self-review or advocacy threats.

  • Having an appropriate reviewer, who was not involved in providing the service review the audit work or service performed might address a self-review threat.

  • Obtaining pre-clearance from the tax authorities might address self-review or advocacy threats.

  • Bookmark
R604.8

A firm or a network firm shall not provide tax planning and other tax advisory services to an audit client when the effectiveness of the tax advice depends on a particular accounting treatment or presentation in the financial statements and:

  • The audit team has reasonable doubt as to the appropriateness of the related accounting treatment or presentation under the relevant financial reporting framework; and

  • The outcome or consequences of the tax advice will have a material effect on the financial statements on which the firm will express an opinion.

Tax Services Involving Valuations (604.9 A1 to 604.9 A5)
  • Bookmark
604.9 A1

Providing tax valuation services to an audit client might create a self-review or advocacy threat.

  • Bookmark
604.9 A2

A firm or a network firm might perform a valuation for tax purposes only, where the result of the valuation will not have a direct effect on the financial statements (that is, the financial statements are only affected through accounting entries related to tax). This would not usually create threats if the effect on the financial statements is immaterial or the valuation is subject to external review by a tax authority or similar regulatory authority.

  • Bookmark
604.9 A3

If the valuation that is performed for tax purposes is not subject to an external review and the effect is material to the financial statements, in addition to paragraph 604.3 A2, the following factors are relevant in evaluating the level of self-review or advocacy threats created by providing those services to an audit client:

  • The extent to which the valuation methodology is supported by tax law or regulation, other precedent or established practice.

  • The degree of subjectivity inherent in the valuation.

  • The reliability and extent of the underlying data.

  • Bookmark
604.9 A4

Examples of actions that might be safeguards to address threats include:

  • Using professionals who are not audit team members to perform the service might address self-review or advocacy threats.

  • Having an appropriate reviewer who was not involved in providing the service review the audit work or service performed might address a self-review threat.

  • Obtaining pre-clearance from the tax authorities might address self-review or advocacy threats.

  • Bookmark
604.9 A5

A firm or network firm might also perform a tax valuation to assist an audit client with its tax reporting obligations or for tax planning purposes where the result of the valuation will have a direct effect on the financial statements. In such situations, the requirements and application material set out in Subsection 603 relating to valuation services apply.

Assistance in the Resolution of Tax Disputes (604.10 A1 to 604.11 A2)
  • Bookmark
604.10 A1

Providing assistance in the resolution of tax disputes to an audit client might create a self-review or advocacy threat.

  • Bookmark
604.10 A2

A tax dispute might reach a point when the tax authorities have notified an audit client that arguments on a particular issue have been rejected and either the tax authority or the client refers the matter for determination in a formal proceeding, for example, before a public tribunal or court.

  • Bookmark
604.10 A3

In addition to paragraph 604.3 A2, factors that are relevant in evaluating the level of self-review or advocacy threats created by assisting an audit client in the resolution of tax disputes include:

  • The role management plays in the resolution of the dispute.

  • The extent to which the outcome of the dispute will have a material effect on the financial statements on which the firm will express an opinion.

  • Whether the advice that was provided is the subject of the tax dispute.

  • The extent to which the matter is supported by tax law or regulation, other precedent, or established practice.

  • Whether the proceedings are conducted in public.

  • Bookmark
604.10 A4

Examples of actions that might be safeguards to address threats include:

  • Using professionals who are not audit team members to perform the service might address self-review or advocacy threats.

  • Having an appropriate reviewer who was not involved in providing the service review the audit work or the service performed might address a self-review threat.

  • Bookmark
R604.11

A firm or a network firm shall not provide tax services that involve assisting in the resolution of tax disputes to an audit client if:

  • The services involve acting as an advocate for the audit client before a public tribunal or court in the resolution of a tax matter; and

  • The amounts involved are material to the financial statements on which the firm will express an opinion.

  • Bookmark
604.11 A1

Paragraph R604.11 does not preclude a firm or network firm from having a continuing advisory role in relation to the matter that is being heard before a public tribunal or court, for example:

  • Responding to specific requests for information.

  • Providing factual accounts or testimony about the work performed.

  • Assisting the client in analyzing the tax issues related to the matter.

  • Bookmark
604.11 A2

What constitutes a "public tribunal or court" depends on how tax proceedings are heard in the particular jurisdiction.

SUBSECTION 605 INTERNAL AUDIT SERVICES

Introduction (605.1 to 605.2)
  • Bookmark
605.1

Providing internal audit services to an audit client might create a self-review threat.

  • Bookmark
605.2

In addition to the specific requirements and application material in this subsection, the requirements and application material in paragraphs 600.1 to R600.10 are relevant to applying the conceptual framework when providing an internal audit service to an audit client. This subsection includes requirements that prohibit firms and network firms from providing certain internal audit services to audit clients in some circumstances because the threats created cannot be addressed by applying safeguards.

Requirements and Application Material

All Audit Clients (605.3 A1 to R605.5)
  • Bookmark
605.3 A1

Internal audit services involve assisting the audit client in the performance of its internal audit activities. Internal audit activities might include:

  • Monitoring of internal control - reviewing controls, monitoring their operation and recommending improvements to them.

  • Examining financial and operating information by:

    • Reviewing the means used to identify, measure, classify and report financial and operating information.

    • Inquiring specifically into individual items including detailed testing of transactions, balances and procedures.

  • Reviewing the economy, efficiency and effectiveness of operating activities including non-financial activities of an entity.

  • Reviewing compliance with:

    • Laws, regulations and other external requirements.

    • Management policies, directives and other internal requirements.

  • Bookmark
605.3 A2

The scope and objectives of internal audit activities vary widely and depend on the size and structure of the entity and the requirements of management and those charged with governance.

  • Bookmark
R605.4

When providing an internal audit service to an audit client, the firm shall be satisfied that:

  • The client designates an appropriate and competent resource, preferably within senior management, to:

    • Be responsible at all times for internal audit activities; and

    • Acknowledge responsibility for designing, implementing, monitoring and maintaining internal control.

  • The client's management or those charged with governance reviews, assesses and approves the scope, risk and frequency of the internal audit services;

  • The client's management evaluates the adequacy of the internal audit services and the findings resulting from their performance;

  • The client's management evaluates and determines which recommendations resulting from internal audit services to implement and manages the implementation process; and

  • The client's management reports to those charged with governance the significant findings and recommendations resulting from the internal audit services.

  • Bookmark
605.4 A1

Paragraph R600.7 precludes a firm or a network firm from assuming a management responsibility. Performing a significant part of the client's internal audit activities increases the possibility that firm or network firm personnel providing internal audit services will assume a management responsibility.

  • Bookmark
605.4 A2

Examples of internal audit services that involve assuming management responsibilities include:

  • Setting internal audit policies or the strategic direction of internal audit activities.

  • Directing and taking responsibility for the actions of the entity's internal audit employees.

  • Deciding which recommendations resulting from internal audit activities to implement.

  • Reporting the results of the internal audit activities to those charged with governance on behalf of management.

  • Performing procedures that form part of the internal control, such as reviewing and approving changes to employee data access privileges.

  • Taking responsibility for designing, implementing, monitoring and maintaining internal control.

  • Performing outsourced internal audit services, comprising all or a substantial portion of the internal audit function, where the firm or network firm is responsible for determining the scope of the internal audit work; and might have responsibility for one or more of the matters noted above.

  • Bookmark
605.4 A3

When a firm uses the work of an internal audit function in an audit engagement, ISAs require the performance of procedures to evaluate the adequacy of that work. Similarly, when a firm or network firm accepts an engagement to provide internal audit services to an audit client, the results of those services might be used in conducting the external audit. This creates a self-review threat because it is possible that the audit team will use the results of the internal audit service for purposes of the audit engagement without:

  • Appropriately evaluating those results; or

  • Exercising the same level of professional skepticism as would be exercised when the internal audit work is performed by individuals who are not members of the firm.

  • Bookmark
605.4 A4

Factors that are relevant in evaluating the level of such a self-review threat include:

  • The materiality of the related financial statement amounts.

  • The risk of misstatement of the assertions related to those financial statement amounts.

  • The degree of reliance that the audit team will place on the work of the internal audit service, including in the course of an external audit.

  • Bookmark
605.4 A5

An example of an action that might be a safeguard to address such a self-review threat is using professionals who are not audit team members to perform the service.

  • Bookmark
R605.5

A firm or a network firm shall not provide internal audit services to an audit client that is a public interest entity, if the services relate to:

  • A significant part of the internal controls over financial reporting;

  • Financial accounting systems that generate information that is, individually or in the aggregate, material to the client's accounting records or financial statements on which the firm will express an opinion; or

  • Amounts or disclosures that are, individually or in the aggregate, material to the financial statements on which the firm will express an opinion.

SUBSECTION 606 INFORMATION TECHNOLOGY SYSTEMS SERVICES

Introduction (606.1 to 606.2)
  • Bookmark
606.1

Providing information technology (IT) systems services to an audit client might create a self-review threat.

  • Bookmark
606.2

In addition to the specific requirements and application material in this subsection, the requirements and application material in paragraphs 600.1 to R600.10 are relevant to applying the conceptual framework when providing an IT systems service to an audit client. This subsection includes requirements that prohibit firms and network firms from providing certain IT systems services to audit clients in some circumstances because the threats created cannot be addressed by applying safeguards.

Requirements and Application Material

All Audit Clients (606.3 A1 to R606.5)
  • Bookmark
606.3 A1

Services related to IT systems include the design or implementation of hardware or software systems. The IT systems might:

  • Aggregate source data;

  • Form part of the internal control over financial reporting; or

  • Generate information that affects the accounting records or financial statements, including related disclosures.

However, the IT systems might also involve matters that are unrelated to the audit client's accounting records or the internal control over financial reporting or financial statements.

  • Bookmark
606.3 A2

Paragraph R600.7 precludes a firm or a network firm from assuming a management responsibility. Providing the following IT systems services to an audit client does not usually create a threat as long as personnel of the firm or network firm do not assume a management responsibility:

  • Designing or implementing IT systems that are unrelated to internal control over financial reporting;

  • Designing or implementing IT systems that do not generate information forming a significant part of the accounting records or financial statements;

  • Implementing "off-the-shelf" accounting or financial information reporting software that was not developed by the firm or network firm, if the customization required to meet the client's needs is not significant; and

  • Evaluating and making recommendations with respect to an IT system designed, implemented or operated by another service provider or the client.

  • Bookmark
R606.4

When providing IT systems services to an audit client, the firm or network firm shall be satisfied that:

  • The client acknowledges its responsibility for establishing and monitoring a system of internal controls;

  • The client assigns the responsibility to make all management decisions with respect to the design and implementation of the hardware or software system to a competent employee, preferably within senior management;

  • The client makes all management decisions with respect to the design and implementation process;

  • The client evaluates the adequacy and results of the design and implementation of the system; and

  • The client is responsible for operating the system (hardware or software) and for the data it uses or generates.

  • Bookmark
606.4 A1

Factors that are relevant in evaluating the level of a self-review threat created by providing IT systems services to an audit client include:

  • The nature of the service.

  • The nature of IT systems and the extent to which they impact or interact with the client's accounting records or financial statements.

  • The degree of reliance that will be placed on the particular IT systems as part of the audit.

  • Bookmark
606.4 A2

An example of an action that might be a safeguard to address such a self-review threat is using professionals who are not audit team members to perform the service.

  • Bookmark
R606.5

A firm or a network firm shall not provide IT systems services to an audit client that is a public interest entity if the services involve designing or implementing IT systems that:

  • Form a significant part of the internal control over financial reporting; or

  • Generate information that is significant to the client's accounting records or financial statements on which the firm will express an opinion.

SUBSECTION 607 LITIGATION SUPPORT SERVICES

Introduction (607.1 to 607.2)
  • Bookmark
607.1

Providing certain litigation support services to an audit client might create a self-review or advocacy threat.

  • Bookmark
607.2

In addition to the specific application material in this subsection, the requirements and application material in paragraphs 600.1 to R600.10 are relevant to applying the conceptual framework when providing a litigation support service to an audit client.

Application Material

All Audit Clients (607.3 A1 to 607.3 A4)
  • Bookmark
607.3 A1

Litigation support services might include activities such as:

  • Assisting with document management and retrieval.

  • Acting as a witness, including an expert witness.

  • Calculating estimated damages or other amounts that might become receivable or payable as the result of litigation or other legal dispute.

  • Bookmark
607.3 A2

Factors that are relevant in evaluating the level of self-review or advocacy threats created by providing litigation support services to an audit client include:

  • The legal and regulatory environment in which the service is provided, for example, whether an expert witness is chosen and appointed by a court.

  • The nature and characteristics of the service.

  • The extent to which the outcome of the litigation support service will have a material effect on the financial statements on which the firm will express an opinion.

  • Bookmark
607.3 A3

An example of an action that might be a safeguard to address such a self-review or advocacy threat is using a professional who was not an audit team member to perform the service.

  • Bookmark
607.3 A4

If a firm or a network firm provides a litigation support service to an audit client and the service involves estimating damages or other amounts that affect the financial statements on which the firm will express an opinion, the requirements and application material set out in Subsection 603 related to valuation services apply.

SUBSECTION 608 LEGAL SERVICES

Introduction (608.1 to 608.2)
  • Bookmark
608.1

Providing legal services to an audit client might create a self-review or advocacy threat.

  • Bookmark
608.2

In addition to the specific requirements and application material in this subsection, the requirements and application material in paragraphs 600.1 to R600.10 are relevant to applying the conceptual framework when providing a legal service to an audit client. This subsection includes requirements that prohibit firms and network firms from providing certain legal services to audit clients in some circumstances because the threats cannot be addressed by applying safeguards.

Requirements and Application Material

All Audit Clients (608.3 A1 to 608.6 A1)
  • Bookmark
608.3 A1

Legal services are defined as any services for which the individual providing the services must either:

  • Have the required legal training to practice law; or

  • Be admitted to practice law before the courts of the jurisdiction in which such services are to be provided.

  • Bookmark
608.4 A1

Depending on the jurisdiction, legal advisory services might include a wide and diversified range of service areas including both corporate and commercial services to audit clients, such as:

  • Contract support.

  • Supporting an audit client in executing a transaction.

  • Mergers and acquisitions.

  • Supporting and assisting an audit client's internal legal department.

  • Legal due diligence and restructuring.

  • Bookmark
608.4 A2

Factors that are relevant in evaluating the level of self-review or advocacy threats created by providing legal advisory services to an audit client include:

  • The materiality of the specific matter in relation to the client's financial statements.

  • The complexity of the legal matter and the degree of judgment necessary to provide the service.

  • Bookmark
608.4 A3

Examples of actions that might be safeguards to address threats include:

  • Using professionals who are not audit team members to perform the service might address a self-review or advocacy threat.

  • Having an appropriate reviewer who was not involved in providing the service review the audit work or the service performed might address a self-review threat.

  • Bookmark
R608.5

A partner or employee of the firm or the network firm shall not serve as General Counsel for legal affairs of an audit client.

  • Bookmark
608.5 A1

The position of General Counsel is usually a senior management position with broad responsibility for the legal affairs of a company.

  • Bookmark
R608.6

A firm or a network firm shall not act in an advocacy role for an audit client in resolving a dispute or litigation when the amounts involved are material to the financial statements on which the firm will express an opinion.

  • Bookmark
608.6 A1

Examples of actions that might be safeguards to address a self-review threat created when acting in an advocacy role for an audit client when the amounts involved are not material to the financial statements on which the firm will express an opinion include:

  • Using professionals who are not audit team members to perform the service.

  • Having an appropriate reviewer who was not involved in providing the service review the audit work or the service performed.

SUBSECTION 609 RECRUITING SERVICES

Introduction (609.1 to 609.2)
  • Bookmark
609.1

Providing recruiting services to an audit client might create a self-interest, familiarity or intimidation threat.

  • Bookmark
609.2

In addition to the specific requirements and application material in this subsection, the requirements and application material in paragraphs 600.1 to R600.10 are relevant to applying the conceptual framework when providing a recruiting service to an audit client. This subsection includes requirements that prohibit firms and network firms from providing certain types of recruiting services to audit clients in some circumstances because the threats created cannot be addressed by applying safeguards.

Requirements and Application Material

All Audit Clients (609.3 A1 to R609.7)
  • Non-Authoritative Guidance
  • Bookmark
609.3 A1

Recruiting services might include activities such as:

  • Developing a job description.

  • Developing a process for identifying and selecting potential candidates.

  • Searching for or seeking out candidates.

  • Screening potential candidates for the role by:

    • Reviewing the professional qualifications or competence of applicants and determining their suitability for the position.

    • Undertaking reference checks of prospective candidates.

    • Interviewing and selecting suitable candidates and advising on candidates' competence.

  • Determining employment terms and negotiating details, such as salary, hours and other compensation.

  • Bookmark
609.3 A2

Paragraph R600.7 precludes a firm or a network firm from assuming a management responsibility. Providing the following services does not usually create a threat as long as personnel of the firm or network firm does not assume a management responsibility:

  • Reviewing the professional qualifications of a number of applicants and providing advice on their suitability for the position.

  • Interviewing candidates and advising on a candidate's competence for financial accounting, administrative or control positions.

  • Bookmark
R609.4

When a firm or network firm provides recruiting services to an audit client, the firm shall be satisfied that:

  • The client assigns the responsibility to make all management decisions with respect to hiring the candidate for the position to a competent employee, preferably within senior management; and

  • The client makes all management decisions with respect to the hiring process, including:

    • Determining the suitability of prospective candidates and selecting suitable candidates for the position.

    • Determining employment terms and negotiating details, such as salary, hours and other compensation.

  • Bookmark
609.5 A1

Factors that are relevant in evaluating the level of self-interest, familiarity or intimidation threats created by providing recruiting services to an audit client include:

  • The nature of the requested assistance.

  • The role of the individual to be recruited.

  • Any conflicts of interest or relationships that might exist between the candidates and the firm providing the advice or service.

  • Bookmark
609.5 A2

An example of an action that might be a safeguard to address such a self-interest, familiarity or intimidation threat is using professionals who are not audit team members to perform the service.

  • Bookmark
R609.6

When providing recruiting services to an audit client, the firm or the network firm shall not act as a negotiator on the client's behalf.

  • Non-Authoritative Guidance
  • Bookmark
R609.7

A firm or a network firm shall not provide a recruiting service to an audit client if the service relates to:

  • Searching for or seeking out candidates; or

  • Undertaking reference checks of prospective candidates,

with respect to the following positions:

  • A director or officer of the entity; or

  • A member of senior management in a position to exert significant influence over the preparation of the client's accounting records or the financial statements on which the firm will express an opinion.

SUBSECTION 610 CORPORATE FINANCE SERVICES

Introduction (610.1 to 610.2)
  • Bookmark
610.1

Providing corporate finance services to an audit client might create a self-review or advocacy threat.

  • Bookmark
610.2

In addition to the specific requirements and application material in this subsection, the requirements and application material in paragraphs 600.1 to R600.10 are relevant to applying the conceptual framework when providing a corporate finance service to an audit client. This subsection includes requirements that prohibit firms and network firms from providing certain corporate finance services in some circumstances to audit clients because the threats created cannot be addressed by applying safeguards.

Requirements and Application Material

All Audit Clients (610.3 A1 to R610.5)
  • Bookmark
610.3 A1

Examples of corporate finance services that might create a self-review or advocacy threat include:

  • Assisting an audit client in developing corporate strategies.

  • Identifying possible targets for the audit client to acquire.

  • Advising on disposal transactions.

  • Assisting in finance raising transactions.

  • Providing structuring advice.

  • Providing advice on the structuring of a corporate finance transaction or on financing arrangements that will directly affect amounts that will be reported in the financial statements on which the firm will express an opinion.

  • Bookmark
610.3 A2

Factors that are relevant in evaluating the level of such threats created by providing corporate finance services to an audit client include:

  • The degree of subjectivity involved in determining the appropriate treatment for the outcome or consequences of the corporate finance advice in the financial statements.

  • The extent to which:

    • The outcome of the corporate finance advice will directly affect amounts recorded in the financial statements.

    • The amounts are material to the financial statements.

  • Whether the effectiveness of the corporate finance advice depends on a particular accounting treatment or presentation in the financial statements and there is doubt as to the appropriateness of the related accounting treatment or presentation under the relevant financial reporting framework.

  • Bookmark
610.3 A3

Examples of actions that might be safeguards to address threats include:

  • Using professionals who are not audit team members to perform the service might address self-review or advocacy threats.

  • Having an appropriate reviewer who was not involved in providing the service review the audit work or service performed might address a self-review threat.

  • Bookmark
R610.4

A firm or a network firm shall not provide corporate finance services to an audit client that involve promoting, dealing in, or underwriting the audit client's shares.

  • Bookmark
R610.5

A firm or a network firm shall not provide corporate finance advice to an audit client where the effectiveness of such advice depends on a particular accounting treatment or presentation in the financial statements on which the firm will express an opinion and:

  • The audit team has reasonable doubt as to the appropriateness of the related accounting treatment or presentation under the relevant financial reporting framework; and

  • The outcome or consequences of the corporate finance advice will have a material effect on the financial statements on which the firm will express an opinion.