By MIA Practice Review Department
The following are some of the key findings from practice review related to the audit firm’s implementation of one of the elements of quality control (ISQC 1), which is “client acceptance and continuance relationships”.
The review findings in the context of client acceptance and continuance procedures are related to the completeness of documentation, timeliness of performance of acceptance and continuance considerations and the audit team’s ability in performing the audit. The Practice Review Department (PRD) wishes to emphasise that the findings raised below merely serve as guidance to help members understand some of the well-developed client acceptance or continuance implementation within their firms, which shall be in compliance with relevant professional standards, applicable legal and regulatory requirements, as well as in achieving quality audit.
Key Findings and Reviewer’s Recommendations
Commitment to maintain appropriate quality control standards in accordance with ISQC 1, and having policies that comply with ISAs and in accordance with ISA 220 and ISA 600, is significant in addressing issues arising from client acceptance and continuance. The PRD also wishes to highlight that ISA 600 – Special considerations – audit of group financial statements (including work of component auditors) is included in this article as ISA 600 refers to group audits, which are equally important to client acceptance and continuance consideration at the firm level to ensure conformance to the overall quality control processes.
ISQC 1 (26) states:
26. The firm shall establish policies and procedures for the acceptance and continuance of client relationships and specific engagements, designed to provide the firm with reasonable assurance that it will only undertake or continue relationships and engagements where the firm:
(a) Is competent to perform the engagement and has the capabilities, including time and resources to do so;
(b) Can comply with relevant ethical requirements; and
(c) Has considered the integrity of the clients and does not have information that would lead it to conclude that the client lacks integrity.
The firm can also refer to ISQC 1(27) and (28) on the specific requirements on policies and procedures for acceptance, continuing engagement and client relationships.
It is also recommended for the audit firm to communicate with preceding auditors to ascertain whether there are circumstances that a firm should consider in deciding whether to accept the engagement. This recommendation is associated with the requirement under MIA’s By-Laws Section 210.10A of Part 1(b): Changes in a Professional Appointment, where, no member in public practice shall accept a nomination for the engagement without enquiring from the existing auditor as to whether there is any professional or other reason for the proposed change of which he should be aware before deciding whether or not to accept the appointment and, if there are such reasons, requesting the existing auditor to provide him with all the details necessary to enable him to come to a decision. (Note: The firm may refer to the By-Laws (On Professional Ethics, Conduct and Practice) of the Malaysian Institute of Accountants [Issued June 2019] Section R320.4 MY for the same requirement in future.)
It is a common finding from practice review that there are inadequacies in documentation with respect to client acceptance and continuance considerations. While all the necessary considerations may have taken place and a rationale determined in accepting and continuing with the client, all these “thought processes” were not documented in the audit files. As with documentation, an appropriate and timely assessment can create a stronger auditor-client relationship and reduce the risk of damage to the firm’s professional reputation and growth. Thus, formal (written) documentation shall be maintained for the procedures performed to evaluate the acceptance of prospective clients and the continuation of existing clients together with the conclusion as part of the firm’s risk management policy.
Also, partner/ partners must approve and sign off on the decision to accept or continue an engagement in accordance with the firm’s policies and procedures and this shall be completed before proposing or committing to accept the engagement and/or at the last audit. Failing to perform diligent and timely client and engagement acceptance assessment not only leads to the possibility of an unplanned relationship termination but also leads to significant professional liability disputes and concerns. Besides timely performance of the said procedures, the level and extent of involvement of firm’s personnel in the performance of client acceptance and continuance determination is equally important but might vary according to the risk associated with the overall engagements, as well as the scope of services engaged within the firm.
As regards client acceptance and continuance consideration for engagements with group audit, ISA 600 (12) and (13) states:
ISA 600 (12) states that: In applying ISA 220, the group engagement partner shall determine whether sufficient appropriate audit evidence can reasonably be expected to be obtained in relation to the consolidation process and the financial information of the components on which to base the group audit opinion. For this purpose, the group engagement team shall obtain an understanding of the group, its components, and their environment that is sufficient to identify components that are likely to be significant components. Where component auditors will perform work on the financial information of such components, the group engagement partner shall evaluate whether the group engagement team will be able to be involved in the work of those component auditors to the extent necessary to obtain sufficient appropriate audit evidence. (refer: Para A10 – A12)
ISA 600 (13) states – If the group engagement partner concludes that:
(a) it will not be possible for the group engagement team to obtain sufficient appropriate audit evidence due to restriction imposed by group management: and
(b) the possible effect of this inability will result in disclaimer of opinion on the group financial statement,
the group engagement partner shall either:
- In the case of a new engagement, not accept the engagement, or, in the case of a continuing engagement, withdraw from the engagement, where withdrawal is possible under applicable law and regulations; or
- where law or regulation prohibits an auditor from declining an engagement or where withdrawal from an engagement is not otherwise possible, having performed the audit of the group financial statements to the extent possible, disclaim an opinion on the group financial statements. (refer: Para A13-A19)
While this article focuses on findings for relevant client acceptance and continuance requirements, practitioners are advised to study all relevant professional standards and review available supporting implementation guidance in order to have full understanding of the entire text of all the relevant professional standards and regulations, including its application.
*Reminder for member firms: The firms are advised to look into ISQM 1 as the firms will be required to design and implement a system of quality management in compliance with ISQM 1 by 15 December 2022.