Blog : BOARD TALK
|Posted on December 2, 2014 at 2:20 AM|
The UK's lead regulator on audit and standards of corporate governance, the Financial Reporting Council (FRC), has just issued a thematic report on the pace of improvements in the quality of audits in the banking sector compared to the market as a whole.
A great deal has been done, it seems, to strengthen oversight and assurance since the financial crisis. It notes improvements as being "most noticeable at firms where the FRC has in recent years identified significant issues." But, it says that " Improvements were not consistent across all audits and the report identifies areas where further improvement is necessary."
The FRC reviewed 13 audits of banks and building societies for its thematic review. Ten were classified as either good or requiring limited improvements, one required improvements and two required "significant improvements."
It is not naming the two at the moment- although we can expect this to happen when it publishes its annual audit quality inspections report in May.
The FRC is keen to get across the message that auditors need to be proactive in ensuring their procedures are fit for purpose rather than responding to regulatory findings. It is calling on audit firms to ensure they have the right banking expertise and up to date specialist IT knowledge to be able to audit loan loss provisioning and IT controls, the critical aspects of bank audits identified by the FRC as needing attention.
In the majority of audits reviewed the FRC raised issues about consistency in the quality of audit testing, encompassing controls, substantive and IT testing. "In most cases the impact was not significant to the audit overall, but these issues demonstrate that auditors are not consistently applying a sufficient degree of challenge, and that such improvements are not being identified by internal quality control procedures" it says.
Its report summarises a number of key messages for firms performing an audit of loan loss provisioning and related IT controls that it believes should contribute to an overall increase in audit quality:
- Be proactive in monitoring and enhancing bank audit quality, as well as being reactive to regulatory concerns and ensure that bank audit initiatives and procedures remain fit for purpose
- Revisit procedures to ensure that all regulatory and market risks are captured by risk assessment methodology and sector training, and consider or enhance the use of benchmarking and data analytics as effective audit tools in the audit of loan loss provisions
- Ensure audit teams apply an appropriate degree of challenge and professional scepticism in the audit of loan loss provisions, rather than seeking to corroborate management’s viewsMake sector training mandatory for partners and staff engaged in bank audits where this is not already the case and monitor attendance at, and effectiveness of, those training courses
- Fast track the integration of non-IT specialists into the audit team using lessons learned in integrating IT specialists into audit teams
- Perform root cause analysis to understand why current quality control processes did not identify weaknesses highlighted by our reviews
Banking sector beware: this level of scrutiny from the FRC is clearly not about to go away.
In time its audit quality reviews will be more transparent and companies will be able to disclose to their shareholders the grade the FRC gives to their audit. But it stresses the FRC grade is not intended as a comment on the company’s financial results.
"The banking sector will remain a priority area for the FRC’s routine audit inspection work. The FRC will also undertake follow-up work on audits where significant improvements are required as part of next year’s inspection cycle to ensure appropriate actions have been taken" it says.
The report also offers advice to audit committees to ensure the quality of financial reporting.