Independent Review of the
Financial Reporting Council
December 2018
© Crown copyright 2018
This publication is licensed under the terms of the Open Government Licence v3.0 except
where otherwise stated. To view this licence, visit nationalarchives.gov.uk/doc/open-
government-licence/version/3
Where we have identied any third party copyright information you will need to obtain
permission from the copyright holders concerned.
Any enquiries regarding this publication should be sent to us at enquiries@beis.gov.uk
Printed on paper containing 75% recycled bre content minimum
Printed in the UK by the APS Group on behalf of the Controller of Her Majesty’s
StationeryOfce
1
Independent Review of the Financial Reporting Council
The Rt Hon Greg Clark MP
Secretary of State for Business, Energy and Industrial Strategy
Department for Business, Energy and Industrial Strategy
1 Victoria Street
London, SW1H 0ET
Dear Secretary of State,
In April, you asked me to undertake an independent review of the Financial Reporting Council,
to report by the end of 2018. You asked for a root and branch review that would put forward
proposals to make the regulator a beacon for the best in governance, transparency, and
independence.
This report sets out my conclusions. It makes detailed proposals for a new organisation with a
new mandate, a new clarity of mission and purpose, new leadership and new powers.
It will be possible to achieve part, but only part, of what needs to be done without legislation,
as I set out in Chapter 7. But I emphasise that to achieve anything like the vision you set out
in commissioning the Review, primary legislation will be essential. Only this can give the new
organisation the tools it needs to do its job.
I should like to thank:
• First, all those stakeholders who have engaged with the Review and responded to the
Review’s call for evidence;
• Second, the excellent team which has supported the Review’s work: CharlotteDaly;
SanudeLima; Amy Ellison; Paula Lovitt; Robin Mueller; Samantha Oakley;
BenRobertson; Hitesh Shivam Tank; Peter Stevenson; Chris Thresh; Peter Wade– and
in particular Claire Hardgrave who was with the Review from the beginning and bore the
brunt of writing this report; and
• Third, all the members of the Review’s advisory group– Lucinda Bell; Mark Burgess;
John Cridland; Amelia Fletcher; Simon Fraser; Sir Peter Gershon; Nikhil Rathi; and
AnneRichards– and especially Dame Mary Keegan and Teresa Graham, who were
exceptionally generous with their time, especially in assisting on technical accounting
and audit issues. This formidable group provided much wise guidance and counsel, as
well as lively challenge and debate. I am hugely grateful. Responsibility for the Review’s
conclusions and recommendations, however, is mine alone.
Yours sincerely,
John Kingman
2 Independent Review of the Financial Reporting Council
3
Contents
Summary 5
Corporate failure 12
Structural questions 13
Other issues: actuarial oversight 13
Other issues: local audit 14
Other issues: oversight of the NAO 15
Interim steps 16
Chapter 1– FRC: structure and purpose 18
Background 18
Statutory base 19
A new regulator 19
Role of the board 21
Board appointments 23
Sub-board structures 24
Board involvement in enforcement decisions 26
Chapter 2 – FRC: effectiveness of corefunctions 28
Audit regulation 28
Audit quality 31
Corporate reporting 33
Enforcement 39
Enforcement: directors 43
Accountancy oversight 44
Stewardship 45
Chapter 3 – Corporate failure 47
The role of the regulator 47
New powers 48
Other relevant issues 50
Chapter 4 – The new regulator: oversight andaccountability 53
Oversight by Government and Parliament 53
Conicts of interest 54
Complaints 55
Freedom of Information 56
Leaks 57
4 Independent Review of the Financial Reporting Council
Chapter 5 – Stafng and resources 59
Funding 59
Stafng 61
Chapter 6 – Other matters 63
Competition issues 63
Actuarialoversight 66
Local audit 68
National Audit Ofce 71
Chapter 7 – Interim steps 74
Annex 1: List of all recommendations 77
Annex 2: Glossary of acronyms 87
Annex 3: List of respondents to the CallforEvidence 89
Annex 4: Review terms of reference 91
Summary 5
Summary
1. The quality, accuracy and reliability of corporate reporting, governance and audit are
fundamental to the trust shareholders, investors and the wider public place in companies.
They are the lifeblood of nancial markets, contributing to the UK’s standing as a pre-eminent
international nancial centre, nancing business investment, and contributing to wider growth.
2. The importance of the Financial Reporting Council’s (FRC) role in this context is clear.
The FRC sets the governance standards the UK’s biggest companies are expected to live up
to. It inspects the gures companies produce, and it oversees the quality of the audit work
that is supposed to keep those gures honest. It therefore makes, or should make, a critical
contribution to trust in business.
3. Yet, having spent most of its institutional life largely in obscurity, the FRC now nds itself
subject to tough and persistent criticism. Two major Select Committees have accused it, in
the strongest terms, of timidity, a lack of pace and excessive closeness to those it regulates.
These criticisms have put the FRC under an unprecedented spotlight.
4. What this spotlight has revealed is an institution constructed in a different era – a rather
ramshackle house, cobbled together with all sorts of extensions over time. The house is–
just– serviceable, up to a point, but it leaks and creaks, sometimes badly. The inhabitants
of the house have sought to patch and mend. But in the end, the house is built on weak
foundations.
5. It is time to build a new house.
6. The Review believes that the FRC should be replaced with a new body which:
• Has a clear and precise sense of purpose and mission;
• Is rmly focused on the interests of consumers of nancial information, not
producers;
• Is respected by those who depend on its work, and where necessary feared by
those whom it regulates;
• Has the right powers and resources it needs to do its job; and
• Is able to attract the highest-quality people.
7. These are not unrealistic aspirations for a regulator. Broadly speaking, all these things
are now, after a decade of post-crisis reconstruction, true for both of the UK’s two main
nancial regulators. At the FRC, by contrast, none of these things is consistently true.
6 Independent Review of the Financial Reporting Council
8. In fact, the nancial crisis as much reected failings in accounting and nancial reporting
as anything else. Yet at the time of the crisis, the FRC went through nothing like the same
radical soul-searching and reform as its fellow nancial regulators.
The FRC: strengths
9. Before addressing the FRC’s weaknesses and the need for change, it is important to
acknowledge some clear strengths:
• The UK is reasonably respected amongst the international regulatory and standard-
setting community.
• The FRC has been an effective custodian of the UK Corporate Governance Code,
which is still rightly regarded as world-leading.
• The FRC has been willing to act even beyond its limited statutory powers, for
instance putting in place arrangements to enhance monitoring of the Big 6
audit rms on a voluntary basis, including on the suitability of signicant senior
appointments, notwithstanding the absence of any formal power to do so.
• Some of the FRC’s innovations, for instance the creation of the Financial Reporting
Lab, have been notably successful.
10. The Review has also been struck by the thoughtful and constructive way in which FRC
staff at all levels have engaged with this Review, and embraced the opportunity to make
positive suggestions for change. The FRC has some excellent people.
The FRC: current constraints on its effectiveness
11. An objective account of the FRC’s strengths and weaknesses must also acknowledge–
as this Review acknowledges – that many of the FRC’s deciencies are to some extent the
product of its history and the limited hand it has been dealt by successive governments.
Forinstance:
On the FRC’s status:
• It is only slowly that the FRC has become to be seen as a regulator at all. It did not
start life as one, and expectations have shifted substantially over time.
• Uniquely amongst major UK regulators, it has no meaningful statutory base.
• For much of its history, the FRC was not a public institution at all, but – oddly – a
private one.
• Its board is largely self-perpetuating, with government involvement only in relation to
the appointments of the Chair and Deputy Chair (and that based only on an informal
agreement).
• It is still titled a ‘Council’, not an ‘Authority’ or ‘Regulator’. At one level this is a
minor presentational point. But it does reect the FRC’s origins in a different, more
corporatist and self-regulatory era, and traces of this mindset remain.
• It has acquiesced in numerous extensions of its role over the years, not all of which
have helped enhance its organisational coherence.
Summary 7
On its powers:
• The FRC
1
still operates under a clear Direction from government, dating from
2016, requiring it to rely on delegation to industry bodies “to the maximum extent
possible”.
• This means, for instance, that the FRC has no direct regulatory purchase on the
major audit rms. It means that some of the biggest and most important economic
actors in the UK are still regulated not by an independent body but, in effect, by their
trade association.
• In a number of important areas, notably oversight of regulation of the actuarial
profession and local authority audit, the FRC’s powers are limited or even non-
existent, leaving it in the unfortunate situation of having been given responsibility
without power.
And in relation to its resources:
• The FRC is still partly funded through a voluntary levy. This voluntary aspect of
a regulator’s funding, depending each year on the willingness of companies and
others to contribute, is seriously inappropriate. It creates a clear danger of blunting
the FRC’s incentive to bite the hand that feeds.
• Following the FRC’s reclassication as a public body, the Government is currently
in the process of imposing a series of new operational controls on the FRC. The
Department for Business, Energy and Industrial Strategy (BEIS) and HM Treasury
are asking the FRC to apply Public Sector Pay Guidance structures even to highly
specialist roles; and any appointment over £100,000 currently requires approval
by a BEIS committee. The Review is clear that this approach will, if continued,
be very damaging and will make the FRC signicantly less effective than it is
today. It is inappropriate for a body that receives no taxpayer funding. Other
market-facing regulators, such as the Prudential Regulation Authority (PRA), Financial
Conduct Authority (FCA), and Ofce of Communications (Ofcom), do not operate
onthisbasis.
The FRC: other weaknesses
12. The Review has also identied a number of further signicant concerns:
• Whilst the FRC’s powers are clearly decient, the FRC has failed to make the case
for change, or has failed to make its case persuasively.
• More generally, the Review does not believe that the FRC has been as effective as it
might have been in shaping the debate on major issues related to its work, such as
the so-called audit “expectations gap”, or on competition in audit, or auditor rotation,
or on the relationship between audit and non-audit work.
• The FRC’s work on audit quality does not command the same credibility as that
of, for instance, the Public Companies Accounting Oversight Board (PCAOB) in the
United States.
• The FRC’s Corporate Reporting Review (CRR) work is limited in its scale and scope.
It excludes key areas of reporting, including companies’ reporting against the
principles and provisions set out in the UK Corporate Governance Code, and their
remuneration reports.
1
As the Competent Authority in respect of statutory audit.
8 Independent Review of the Financial Reporting Council
• The FRC has not, to date, been a particularly effective champion of the need for
annual reports and accounts to be comprehensible and of genuine value for their
readers, rather than simply to provide ever greater volumes of information.
• The Review is not convinced that the FRC’s relationships with the investment
community are as deep as they should be. To be fair, it is equally true that
investors are not as engaged, particularly in audit and accounting issues, as they
could or should be. Nevertheless, it is only very recently that the FRC created
a forum to engage with investors, and that committee is heavily focused on
Environmental, Social and Governance (ESG) specialists as opposed to investment
decision-makers.
• The Stewardship Code, whilst a major and well-intentioned intervention, is not
effective in practice.
• Co-ordination with other regulators – especially the Insolvency Service which
operates powers to act against directors of companies – appears limited and
decient.
• The FRC’s approach to the recruitment of board and council members appears
surprisingly, and inappropriately, informal, often not employing open advertising
or using headhunters, and sometimes even relying on the alumni networks of the
largest audit rms. Of the 21 vacancies in relevant positions between 2016 and
2018 only one role was advertised in the national press, and just 6 involved external
search consultancies.
• The organisation’s stafng and culture is not as open and attractive to the best
talent as it could be. The FRC needs to become, in the words of a distinguished
international stakeholder, “a place where you go to enhance your career, not a place
where you end your career”.
• The FRC has previously applied an inconsistent and incomplete approach to
managing conicts of interest, only very recently publishing its hospitality register
and adopting a standardised approach to recording declarations of interests for
staff. Ithas chosen not to adopt an open and competitive approach to procurement,
and there is no uniform approach to record the deployment of staff to work on
matters relating to former employers nor the steps taken to mitigate any risks that
couldbring.
• Freedom of Information (FOI) provisions do not apply to all of the FRC’s statutory
functions, and there is limited transparency around signicant areas of the
FRC’swork.
• There has also been a persistent tendency for important FRC decisions to leak in
advance (a full list is set out in Chapter 4). These leaks are very damaging to the
FRC’s standing and credibility. This occurs only rarely with other major regulators.
Itneeds to stop.
13. All in all, the Review considers that some of the FRC’s critics overstate their case.
Nevertheless, the Review does have sympathy with the view that the FRC has tended,
overall, to take an excessively consensual approach to its work. The FRC’s approach to its
own governance has also not been consistent with either its public importance, or its role in
championing governance in the corporate world.
Summary 9
Summary of main recommendations
The FRC should be replaced as soon as possible with a new independent regulator
with clear statutory powers and objectives. It should be named the Audit, Reporting and
Governance Authority.
The new body should be accountable to Parliament, with the Chair and Chief Executive
subject to a pre-approval hearing with the BEIS Select Committee, and appearing
annually in front of the Select Committee. The Government should issue a remit letter to
the regulator, at least once each Parliament, as it does for the FCA and PRA.
The regulator should have an overarching duty to promote the interests of consumers of
nancial information, not producers. It should also have a duty to promote competition; a
duty to promote innovation; and a duty to apply proportionality to all its work.
A new board should be appointed. This should have some, but limited, continuity with the
existing board. It should be signicantly smaller than the FRC’s. It should not seek to be
“representative” of stakeholder interests.
The board should cease to be self-perpetuating. All appointments to the new board
should be public appointments. All appointments to both the board and committees of
the new regulator should be advertised, and headhunters should be used. The regulator’s
sub-board structure should be simplied.
The board of the new regulator should exercise signicantly stronger ownership and
oversight of the regulator’s investigation and enforcement functions.
The regulator should be better equipped to ensure that its work and decision-making is
informed by market analysis, particularly the dynamics of the audit market. It should have
a view on the economics of audit and whether audit work is being properly resourced
and priced.
The current self-regulatory model for the largest audit rms should end.
The Government should review the UK’s denition of a Public Interest Entity (PIE).
The new regulator should work towards a position where individual audit quality
inspection reports, including gradings, are published in full upon completion of Audit
Quality Reviews (AQRs). This will, however, be a major step, requiring a high level of
condence in the AQR process. For the present, as a rst and interim step, the Review
recommends publication of AQR reports on an anonymised basis.
The regulator’s corporate reporting work should be extended from its current limited
scope to cover the entire annual report. It should be given stronger powers to require
documents and other relevant information in order to conduct that review work. The
regulator should be given the power to require restatements promptly (rather than
requiring a Court Order).
The Government, working with the FCA and the new regulator, should consider whether
there is a case for strengthening qualitative regulation around a wider range of investor
information than is covered by the FRC’s existing corporate reporting work, to ensure
that disciplines to drive up the quality of companies’ disclosures in the UK are at least as
demanding as best practice internationally.
10 Independent Review of the Financial Reporting Council
The Government, working with the new regulator, should develop detailed proposals for
an effective enforcement regime in relation to PIEs that holds all relevant directors, not just
members of professional bodies, to account for their duties to prepare and approve true
and fair corporate reports and to deal openly and honestly with auditors.
The regulator should ensure that a consistent approach is taken in enforcement action
against auditors, accountants, and responsible non-member directors by putting in place
schemes that are equivalent to the Audit Enforcement Procedure (AEP).
The Review recommends that CRR ndings are reported publicly by the regulator.
The regulator should publish full correspondence following all CRR reviews, and the
ndings should be published in a set timeframe following closure of a review. The new
regulator should develop a new capability to offer pre-clearance on interpretation of
relevantstandards.
BEIS should monitor closely the speed and effectiveness of the regulator’s performance
on enforcement to ensure that previous long delays do not recur. The regulator should
report annually to Parliament on its enforcement performance.
In relation to the regulator’s oversight of professional accountancy bodies, the
Government should put a backstop statutory power in place, that would require action to
be taken by a professional body if there was a need in the public interest.
The regulator should be required to promote brevity and comprehensibility in accounts
and annual reports, to engage meaningfully with investors and asset owners about their
information needs, and to ensure the proportionality and value of reports. At least once in
every Parliament, the regulator should report on its assessment of the extent to which the
statutory reporting framework is serving the interests of users of company reports.
The new regulator should be more sparing and disciplined than the FRC in promulgating
guidance and discussion documents. These documents should only be issued if they
are genuinely useful, and their utility clearly exceeds the considerable costs they impose
through users having to read and check them.
A fundamental shift in approach is needed to ensure that the revised Stewardship Code
more clearly differentiates excellence in stewardship. It should focus on outcomes and
effectiveness, not on policy statements. If this cannot be achieved, and the Code remains
simply a driver of boilerplate reporting, serious consideration should be given to its
abolition.
The regulator needs to engage at more senior level in a much wider and deeper dialogue
with UK investors, both fund managers and representatives of end-investors.
The regulator should not be funded on a voluntary basis. BEIS should put in place a
statutory levy.
The regulator must be able to recruit staff of the calibre, expertise and seniority necessary
to hold those regulated to account. It should recruit more partner-equivalent staff, adding
weight and commanding more substantial respect in conversations with rms. The
regulator should also develop a pool of ‘grey panthers’ whose expertise could be drawn
on when needed.
Summary 11
The regulator is a market-facing body which, like other nancial regulators, is funded by
those it regulates, not the taxpayer. Accordingly, the control arrangements on pay for
the new regulator should mirror those of other nancial regulators such as the FCA, PRA
and Ofcom which are not funded by the taxpayer. The regulator’s budget should be
set by Ministers, as should the CEO’s pay, but other pay decisions should be made by
the regulator subject, of course, to proper transparency, and within the overall nancial
budget set by Ministers.
For the foreseeable future, the new regulator should not allow staff, or board or
committee members ever to work on any regulatory functions relating to a past employer,
removing themselves and/or delegating to others as necessary.
The regulator should engage closely with the proposed work on the future of audit
and help ensure that its conclusions are put into effect. This work should be rmly
driven by the interests of consumers and users of audited gures, not producers or the
auditprofession.
A new regulator
TheAudit,Reporting and Governance Authorityshould be an independent regulator,
accountable to Parliament and to the Department for Business, Energy and Industrial
Strategy (BEIS). It should have the following strategic objective and operational duties:
Strategic objective
Toprotectthe interests ofinvestors andthewiderpublic interestbysettinghigh
standards ofcorporategovernance, corporate reporting andstatutoryaudit,and by
holdingto accountthe companies and professional advisersresponsible for meeting
those standards.
Operationalduties
Inpursuingitsstrategic objective,it mustact in a way that:
• is forward looking, seeking to anticipateand where possible act
onemergingcorporate governance, reporting or auditrisks, both in the short and the
longer term;
• promotes competition in the market for statutory audit services;
• advancesinnovation andcontinuous quality improvements;
• promotes brevity, comprehensibility and usefulness in corporate reporting;
• is proportionate, having regard tothesize and resources of those being regulatedand
balancing the costs and benets of regulatory action;
• is collaborative, workingcloselywith other regulatorsboth in the UK and
internationally;and
• prioritises regulatory activityon the basis of risk, having regard to the
Regulators’Code.
12 Independent Review of the Financial Reporting Council
Corporate failure
14. Part of the genesis of this Review was a concern in some quarters that a more effective
FRC could do more to avert major corporate collapses, such as that of Carillion plc.
15. The Review was not asked to conduct, and has not conducted, any post-mortem into
the Carillion collapse. Nevertheless, it has very carefully considered the wider question.
16. The Review believes, rst, that a degree of realism is necessary. Companies will
sometimes fail. To some degree, despite the very painful dislocation this can cause, this is
inevitable in a vibrant and competitive economy.
17. Nor does the Review believe it would be feasible or desirable to charge a new regulator
with a general responsibility to oversee the workings of all companies, their management,
strategy and operations. No country in the world has attempted such a regulatory regime.
18. The Review does, however, consider that there is more that could and should be done
by the regulator, where feasible, to act on intelligence and to identify problems earlier. The
FRC’s current practice, which is focused on the promotion of good corporate governance,
and on work which is important but inherently backward-looking on corporate reporting and
audit quality, could and should be supplemented by new forward-looking powers.
Recommendations
The Review believes that a number of measures could be put in place, which could be
workable and make a meaningful difference:
• First, the regulator should develop a robust market intelligence function to identify
emerging risks by better informing itself about sectoral, thematic and individual
company trends, drawing together market and internal intelligence, and conducting
economic and risk analysis.
• Second, the Review proposes that the new regulator should be given a new power
to look into concerns relevant to the regulator’s strategic objective. Such concerns
might stem from the regulator’s work on corporate reporting and governance; they
might result from whistleblowing from members of staff or an auditor; or they might
stem from evidence of investor disquiet. The regulator should be empowered to issue
a public report if appropriate.
• Third, the regulator should be able to deploy a range of responses, appropriate to the
circumstances. The Review suggests that those could include modest steps such
as notifying the company of its views of the risks and requiring the company to make
a rapid formal response; requiring additional assurance on the viability statement or
any other aspect of the company’s reports or accounts; requiring an independent
board evaluation, or examination of the audit committee; repeating AQR or CRR
inspections more quickly than usual; or ensuring that problematic issues are raised
with other regulators or standard setters. But stronger measures should also be
available where serious concerns about governance or nancial viability come to light.
The regulator should be given new powers to order the removal of the auditor or an
immediate retendering. It should be able to require the production of a recovery plan;
and the prompt restatement of accounts, or other disclosure to the market. In the
most serious cases, the regulator should also be able to recommend to shareholders
that they consider a change of CEO, CFO, chair or audit committee chair, or that they
reconsider the payment of dividends.
Summary 13
• Fourth, the Government should introduce a duty of alert for auditors to report viability
or other concerns relating to audit.
• Fifth, viability statements should be reviewed and reformed with a view to making
them more effective. If they cannot be made more effective, serious consideration
should be given to abolishing them.
• Sixth, a number of stakeholders have suggested to the Review that there is a case
for considering introducing in the UK something more closely similar to, though not
the same as, the Sarbanes-Oxley (SOX) regime in the US specically relating to
internal controls, and assurance by directors around internal controls. The Review
is particularly struck by the support for this amongst senior audit committee chairs
with experience of operating this regime in US-listed companies. This would
however clearly be a very major step. It could impose signicant costs, particularly
on medium-sized companies. BEIS should give serious consideration to the case
for a strengthened framework around internal controls in the UK, learning any
relevant lessons from operation of the Sarbanes-Oxley regime in the US. The pros
and cons of such a change should be analysed and consulted upon, giving special
consideration to the importance of proportionality in relation to the size of company.
• The Review also recommends that the regulator considers requiring further
enhancement to the Independent Auditor’s Report to include “graduated” audit
ndings.
19. These measures cannot eliminate the risk of corporate collapse. But they will better and
more explicitly equip the regulator with the tools and the responsibility to take early action
when it is feasible and practical to do so.
Structural questions
20. Whilst the Review believes the FRC should be put onto a very different basis in a
new organisation with new roles, functions, and powers, it has not recommended major
structural change, for instance merger with another regulator or splitting standard-setting from
enforcement.
21. A case can be made for such changes, and has been made by some respondents,
but the Review is not persuaded that they would be the best way to achieve more effective
regulation. The Review’s thinking on these questions is set out in detail in Chapter 1.
Other issues: actuarial oversight
22. Following Sir Derek Morris’ review of the actuarial profession in 2005, a memorandum
of understanding (MoU) was put in place between the FRC and the Institute and Faculty of
Actuaries (IFoA), which sought to give the former an oversight (and standard-setting) role
in relation to the actuarial profession. However, this is not in practice proving an altogether
effective arrangement. The FRC’s oversight role is based on a voluntary understanding, and
it has no powers with which to enforce any meaningful oversight of the IFoA. More than
13years after Sir Derek reported, only now is the IFoA embarking on a rst attempt at quality
regulation of the profession. Moreover, the FRC has limited actuarial expertise and resource.
23. HM Treasury has told the Review that it wishes to see effective regulatory oversight of
the actuarial profession. The Government Actuary has said the same.
14 Independent Review of the Financial Reporting Council
24. The Review:
• Sees a very real risk that stakeholders may be assuming that the FRC’s current
oversight of the actuarial profession is a great deal more thoroughgoing and effective
than, in the absence of credible powers, it actually is or can be;
• Suggests that, if stakeholders wish to see effective independent oversight of
regulation of the actuarial profession, suitable legal powers must be put in place to
make this possible;
• Questions whether the FRC is the best body to do this; and
• Suggests in any event that regulation of actuarial work, as opposed to the
profession, is likely to have considerably more impact than regulation of the
profession ever can. This is done very thoroughly by the PRA for insurance
companies, through scrutiny of actuarial models. This is however much less the
case for pension schemes.
Recommendations
• The Government, working with the PRA and The Pensions Regulator (TPR), should
review what powers are required effectively to oversee regulation of the actuarial
profession.
• The Review recommends that neither the FRC, nor its successor body, is best-placed
to be the oversight body. The PRA (which employs around 80 actuaries) is a much
larger repository of regulatory actuarial expertise than the FRC and would be best-
placed to take on all the actuarial responsibilities currently vested in the FRC.
Other issues: local audit
25. Following the abolition of the Audit Commission (AC) in 2015, the framework for the
local audit regime was split. It is now complex and fragmented. For England, the FRC is
responsible for inspecting the quality of audits of the largest local public bodies; overseeing
the regulation of relevant audit rms and auditors by relevant Recognised Supervisory Bodies
(RSBs); and setting specic statutory requirements on auditors.
26. There are important differences between local authority audit and private sector audit:
• Auditors of local public bodies report not only on the nancial statements, but also
on arrangements for securing value for money, and nancial sustainability;
• Auditors of those bodies carry out their work on behalf of the public, yet in
comparison to the lines of accountability in companies between the directors, audit
committee and shareholders, there is substantially lower awareness and challenge
of the auditors’ work in the public sector;
• The FRC’s enforcement powers in relation to local audit are meaningfully different
in comparison to its powers in relation to private sector statutory audit. The former
are not within scope of the Audit Enforcement Procedure. Instead of the question
as to whether an auditor has ‘breached a relevant requirement’, a far narrower test
applies in relation to local audit – that there are reasonable grounds to suspect
misconduct, and that the matter appears to raise ‘important issues affecting the
public interest’;and
Summary 15
• Unless the local body is also a PIE, there are no requirements regarding the rotation
of auditors.
27. Historically, the AC also appointed auditors to a range of local bodies in England and
Wales, as well as setting and overseeing relevant standards, and conducting UK-wide anti-
fraud work. Since the AC’s abolition in 2015, the new local audit framework enables bodies
to procure and appoint their own auditors from an open and competitive market of qualied
providers. However, 98% of relevant authorities have opted into a central procurement body.
The Review has serious concern that those arrangements, in practice, are prioritising a
reduction in cost of audit at the expense of audit quality.
28. These arrangements, if allowed to persist, run a very clear risk of allowing weak and
limited audit disciplines to prevail in local government. This is particularly concerning given
the vital role played historically by district auditors for instance, in detecting and seeking out
corruption.
29. Particularly at a time when local authorities are under acute nancial pressure, and some
local authorities are engaging in risky speculative ventures, high-quality and robust scrutiny of
local authorities’ nances and nancial management in the public interest is a critical part of
local democracy. The Review is very concerned that the quality of this scrutiny is being pared
back at the worst possible time.
Recommendations
• The Review recommends that the arrangements for local audit need to be
fundamentally rethought. This should include robust assessment and scrutiny of
the quality of local audit work, with individual reports shared with audit committees
and published; a more appropriate threshold for enforcement action; and, bringing
together in one place all the relevant responsibilities, so a single regulatory body can
take anoverview.
• Such a role (regarding local audit) could be taken on by the FRC or its successor
body, but the Review recommends that it would be much better undertaken by a
separate body that has (or could develop) a deeper expertise in the local audit world.
That body should have a different and much more focused remit than the former
Audit Commission. It should have a clear objective to secure quality, and should
set the relevant standards, inspect the quality of relevant audit work and oversee
the relevant professional bodies. It should also take on responsibility for appointing
auditors for local bodies and agreeing fees.
Other issues: oversight of the NAO
30. Audits carried out by the National Audit Ofce (NAO) in relation to companies (such
as Network Rail, and parts of the BBC) are subject to oversight and monitoring by the FRC.
Accordingly, the FRC carries out a number of AQRs for relevant audit work, which are shared
with the NAO. The results of those AQR reports are not, however, shared with the audit
committee of the company itself, nor are they reported to Parliament or made public.
31. The Review also questions whether there is any good justication for the present
restriction of the FRC’s work to Companies Act audits, and whether there is not also a public
interest in the rest of the NAO’s audit work also being subject to quality oversight. At present,
there is no statutory requirement to examine the quality of nancial audit work undertaken
16 Independent Review of the Financial Reporting Council
for Departments, Agencies, Arm’s Length Bodies, or Charities. Given the size, systemic
importance, and Parliamentary and public interest in their nancial reporting, the Review
considers it would be just as important and valuable to inspect the quality of audit work
conducted for such bodies.
Recommendations
These are clearly matters for Parliament to decide. Nevertheless:
• The Review sees no credible justication for limiting the role of the regulator to
reviewing Companies Act audits, or to limiting any work beyond that to the discretion
of the Comptroller and Auditor General (C&AG). The Review recommends that the
regulator should quality-assess all the NAO’s nancial audit work, in a similar way to
its existing work on Companies Act audits.
• Just as the Review recommends public disclosure of AQR ndings and
gradings in relation to the private sector,the Review recommends that the new
regulator’sindividualAQRreviewsin relation to the NAO should be shared with the
relevant audit committee andParliament, andshouldbe published.
Interim steps
32. Many of the Review’s recommendations would require primary legislation. Naturally, this
will take time. But in the meantime, there is much that can be implemented more quickly.
33. Given the broad consensus and support for improvements in key areas, it is the
Review’s expectation that the actions below should be taken forward voluntarily by the FRC or
with relevant changes to secondary legislation in the rst instance.
34. The Review recommends that the FRC and the Government should work together to:
• Shift the FRC’s mission and purpose to those set out in this Review – as a public
body and independent regulator, and in line with the proposed strategic objective
of the new body. This should include adoption of the Managing Public Money
requirements, the Regulators’ Code, and appropriate FOI and conicts of interest
arrangements. As part of that work, the FRC should introduce a new consistent
and centrally managed complaints procedure, and publish information on how that
willoperate.
• Introduce a remit letter from government.
• Change the FRC’s framework agreement with BEIS, and its internal governance
documentation, in line with the Review’s recommendations, making clear
that the Chief Executive and all board members are public appointments
that will be advertised through open and transparent means. BEIS should
remove the requirement to clear pay and HR matters, in line with the Review’s
recommendations.
• Reshape the Board in line with the Review’s recommendations.
• Develop a new resourcing and capability plan and pay strategy, to include the new
areas of work proposed by the Review, addressing the calls for greater resource, a
broader range of skills, and increased seniority and experience for key areas.
Summary 17
• Begin work on market and economic analysis; and undertake cost-benet analyses
of its programmes and proposed changes.
• Signicantly step-up co-ordination with the Insolvency Service, including agreeing an
MoU with that body.
• Reshape engagement with investors and asset owners.
• Take forward the Review’s recommendations on the Stewardship Code, and the
viability statement.
• Take interim measures to increase the regulatory reach of the FRC in terms of the
direct registration and regulation of PIE audit rms. This would include revising
the current delegation letter from the Secretary of State, the eligibility criteria and
guidance set by the FRC in relation to its RSBs, and the delegation agreements with
the RSBs.
• In relation to funding, activate the existing Companies (Audit, Investigations and
Community Enterprise) Act 2004 provisions for the voluntary levy to be made
compulsory.
• Play an active role in relation to work on the audit expectation gap and solutions
forthat.
18 Independent Review of the Financial Reporting Council
Chapter 1– FRC: structure and purpose
Background
1.1 The Financial Reporting Council (FRC) was established in 1990, in response to
recommendations in Sir Ron Dearing’s 1988 report, ‘The Making of Accounting Standards’.
Before then, the oversight of standards for accounting and nancial reporting had been
carried out – and funded– by the UK’s (then) six professional accountancy bodies through
the Consultative Committee of Accountancy Bodies. Sir Ron’s report recognised the need for
improved accounting standards delivered by an independent body to increase condence in
nancial reporting.
1.2 This remit was extended in 1992 to cover corporate governance at quoted companies,
in response to Sir Adrian Cadbury’s report on ‘Financial Aspects of Corporate Governance’
which set new baseline standards to improve independence, integrity and challenge in
company boardrooms. The Cadbury recommendations were implemented through changes
to the UK Listing Rules in 1992 and were subsequently incorporated, along with Sir Richard
Greenbury’s 1995 recommendations on executive remuneration, into a Combined Code on
Corporate Governance published in 1998. The Code has been through several revisions since
then and has since 2009 been known as the UK Corporate Governance Code. Its provisions
must be followed on a ‘comply or explain’ basis by all UK premium listed companies under
the ListingRules.
1.3 Over time, the regulator has taken on a number of other responsibilities. Since 2005 it
has been responsible for audit, overseeing regulation of actuaries and the independent setting
of actuarial standards (in response to the Morris Review of the actuarial profession). And
since 2010, it has been responsible for maintaining the UK Stewardship Code, which sets out
principles of good stewardship for UK asset managers and asset owners (in response to a
recommendation in the 2009 Walker Review of corporate governance in the nancial sector).
Additionally, the FRC’s core accounting and audit responsibilities have broadened over time
to include, for example, various functions related to local public sector audit and independent
supervision of Auditors General.
1.4 The FRC was created as a company limited by guarantee, which it remains today. It is
now classied by the Government and the Ofce for National Statistics as a public (central
government) body in view of the various statutory functions it fulls and powers delegated to it
by the Secretary of State
2
.
2
In particular, following changes introduced by the Companies (Audit, Investigations and Community Enterprise) Act
2004, the Companies Act 2006 and by European law.
Chapter 1 – FRC: structure and purpose 19
1.5 Additionally, since 2016 the FRC has been the UK Competent Authority for Audit,
following implementation of the 2014 Audit Directive in the UK.
1.6 The FRC’s funding has evolved over time and it is now funded through a mix of statutory
and voluntary funding arrangements, provided mainly by accountancy professional bodies
(mostly statutory contributions) and by quoted and large private companies, pension schemes
and insurance companies (voluntary contributions).
1.7 The FRC’s governance structures have also developed. In particular, in 2012, following
a joint government-FRC consultation
3
, seven discrete operating subsidiaries were rationalised
into two committees– the Codes and Standards Committee and the Conduct Committee –
both of which report to the FRC Board.
Statutory base
1.8 The FRC’s lack of a clear statutory base provided by Parliament is very unusual for a
regulator. The FRC currently relies on a blend of statutory functions and limited delegated
powers (mainly in relation to audit) and voluntary agreements (in particular regarding its
oversight of the accounting and actuarial professions). Whilst the FRC undertakes some
statutory functions in their execution, the FRC is not bound by any statutory duties.
1.9 This ad hoc series of arrangements and understandings is not appropriate and
signicantly limits the FRC’s effectiveness. The absence of clear statutory duties is also a
weakness in that there is no real clarity around what the FRC is to achieve, or how it can
properly be held to account by Parliament and others.
A new regulator
Recommendation 1: The Review recommends that the FRC should be replaced
as soon as possible with a new independent regulator with clear statutory powers
andobjectives.
Recommendation 2: The Review recommends that the new regulator’s statutory
powers, purpose and objectives should be complemented – like the FCA’s – by a remit
letter from the Government at least once during the lifetime of each Parliament setting
out those aspects of economic policy that the regulator should have regard to when
advancing its objectives and discharging its duties. The regulator should respond
publicly to this letter.
3
https://www.gov.uk/government/consultations/financial-reporting-council-reform
20 Independent Review of the Financial Reporting Council
Alternative structures
The Review has considered carefully a range of suggestions that responsibility for audit,
reporting and governance standards be broken up and assigned separately to different
regulators, or that the FRC be merged with another existing regulator, such as the FCA.
A case can certainly be made for such changes, and was made by some respondents.
However, the Review has concluded that this would not be the best way to secure the
Government’s objectives in relation to the FRC. The Review:
• Believes that there are genuine synergies between most of the FRC’s current
functions, especially its work on audit quality, corporate reporting and corporate
governance. If anything, the Review would like to see signicantly more made of these
synergies, not less;
• Considers that whilst a case can certainly be made for merger with the FCA
in particular, and other countries do have combined structures of this kind, in
practice the Review is concerned that the FCA’s responsibilities already cover an
extraordinarily broad span, and it already has many pressures and challenges to
juggle. The Review considers that this kind of merger would, in practice, impede the
speed with which the FRC can be strengthened and reshaped; and
• Is not convinced that a split between the FRC’s standard-setting and enforcement
roles, advocated by some respondents, is in practice necessary or likely to lead to
enhanced outcomes for the reasons set out below.
Recommendation 3: The Review recommends that the new regulator should be named
the Audit, Reporting and Governance Authority.
Recommendation 4: The Review proposes that the new regulator should have the
following strategic objective:
“To protect the interests of users of nancial information and the wider public
interest by setting high standards of statutory audit, corporate reporting
and corporate governance, and by holding to account the companies and
professional advisers responsible for meeting those standards.”
1.10 The pursuit of the strategic objective will require a clear set of underpinning duties
to guide the new regulator in how it acts, how it priorities its resources and how it
measuressuccess.
1.11 In particular, it is important that the new regulator takes a proportionate and risk-based
approach, which focuses effort and challenge on the areas of greatest potential harm.
1.12 The new regulator will also need to work more closely, systematically and effectively with
other regulators in the UK, including the FCA, the Insolvency Service, the PRA and the TPR.
This should be formally embedded into the new regulator’s policies and procedures.
Recommendation 5: The full set of duties that the Review proposes be placed on the
new regulator are below, requiring that it should act in a way which:
• Is forward-looking, seeking to anticipate and where possible act on emerging
corporate governance, reporting or audit risks, both in the short and the
longer term;
• Promotes competition in the market for statutory audit services;
Chapter 1 – FRC: structure and purpose 21
• Advances innovation and quality improvements;
• Promotes brevity, comprehensibility and usefulness in corporate reporting;
• Is proportionate, having regard to the size and resources of those being
regulated and balancing the costs and benets of regulatory action;
• Is collaborative, working closely with other regulators both in the UK and
internationally; and
• Prioritises regulatory activity on the basis of risk, having regard to the
Regulators’ Code.
Recommendation 6: The Review recommends that the new regulator’s duties will
guide the new regulator in carrying out its core functions on audit and corporate
reporting. The Review proposes that its functions should also include:
• To set and apply highcorporate governance, reporting and auditstandards;
• To regulate and be responsible for the registration of the audit profession;
• To maintain and promote the UK Corporate Governance Code and the UK
Stewardship Code, reporting annually on compliance with the Codes;
• To maintain wide and deep relationships with investors and other users of
nancial information;
• To monitor and report on developments in the audit market, including trends
in audit pricing, the extent of any cross-subsidy from non-audit work and the
implications for the quality of audit; and
• To appoint inspectors to investigate a company’s affairs where there are
public interest concerns about any matter that falls within the Authority’s
statutory competence.
1.13 The successful delivery of the new strategic objective, and the supporting duties and
functions, will demand strong leadership. It will require a regulator that is able to anticipate
and shape emerging issues and ideas, as well as being a tough and respected enforcer of
standards. The new regulator will need to be at the leading edge in the development of audit,
corporate reporting and corporate governance in the UK and globally.
Role of the board
Recommendation 7: The new regulator will require a new board with signicant new
powers and responsibilities in a challenging environment. It will need to demonstrate
strong leadership to effect the major shift in tone and culture to rebuild the respect
of those it regulates and other stakeholders. There should be some, but only limited,
continuity from the existing FRC board.
22 Independent Review of the Financial Reporting Council
An improvement regulator
Many respondents, particularly audit rms, have argued that the new regulator should act
as more of an “improvement regulator”. Specically, it has been repeatedly argued that
the new regulator can usefully learn from the safety regulation work of the Civil Aviation
Authority (CAA), and the way in which the CAA works with airlines.
The Review agrees that the new regulator should be, and should think of itself as, an
improvement regulator. However, the Review also believes it is important to be precise
about what should be meant by this term.
It may well be possible to learn from the CAA’s respected work and approach. However,
it is essential to be clear about the radically different industry context. An airline already
has extraordinarily strong commercial incentives not to allow aeroplanes to fall out of the
sky, devastating its business and brand. The commercial pressures on auditors to pursue
stringent, challenging and high-quality audits are much weaker than this. The direct
read-across in terms of regulatory approach is therefore limited, or at any rate should be
interpreted with care.
To be clear, an improvement regulator should not be a soft regulator. What it should
do is use all the available levers it has– including robust enforcement and the powerful
deterrent effect this can create– to maximise self-reinforcing incentives to pursue quality
and best practice.
The Review has been struck in this context by the apparent respect of the major audit
rms for the tougher approach of the PCAOB in the US, and the benets this has
brought.
The Review strongly agrees with respondents that the regulator should be very
concerned with the effective diffusion of innovation and best practice, particularly in
relation to audit quality. Some of the FRC’s innovations, such as its thematic reports and
the work of the Financial Reporting Lab, are already good examples of this.
In addition, the regulator should take responsibility for improvement over and above
checking the work of others, and reporting on trends. The regulator’s action needs
meaningfully to contribute to improvement and it will therefore need to improve and
innovate itself in order to achieve that.
Board size and composition
1.14 The current FRC board is comparatively large. There are 14 board members – 13 of
whom are non-executives.
Figure 1: Regulators’ boards
Regulator Total board size Executives Non-executives
FRC 14 1 13
Financial Conduct Authority 10 2 8
Prudential Regulation Authority 12 6 6
Competition and Markets Authority 11 4 7
The Ofce for Communications 9 2 7
Gas and Electricity Markets Authority 7 1 6
Source: regulator’s websites
Chapter 1 – FRC: structure and purpose 23
1.15 Many respondents to the call for evidence believed that the FRC’s board was too
large. The FRC has told the Review that the breadth of its responsibilities and the number of
stakeholder groups that needed to be regulated or served had led it to having a large board,
but that it had plans for reducing its size.
Recommendation 8: The Review recommends that the new regulator’s board should
be signicantly smaller than the current one.
1.16 The Review is concerned by what appears to be a widespread assumption that the
FRC’s board should in some sense be “representative” of the many stakeholders affected
by its work. Many respondents, in fact, asked for additional representatives to be added to
the board. At a practical level, even if this “representative” approach were right in principle,
this approach clearly cannot work. If all stakeholder groups who might legitimately hope to
be represented on the board were accommodated, it would need to be even larger than the
current board, potentially encompassing:
Asset managers
Pension funds and other asset owners
Retail investors
Accountancy and audit professions
Actuarial professionals
Company secretaries
Business ethics groups
Academic experts
Civil society groups
Large listed companies
Smaller listed companies
AIM (Alternative Investment Market)
companies
Private companies
Small and Medium-sized Enterprises
Local authorities
Unions, and other employee groups
Wider society groups
1.17 A board directly accommodating all of these interests would be incapable of providing
the necessary degree of accountability and strategic direction.
1.18 This approach would also, however, be wrong in principle. Other regulators have not
adopted a representative approach. The FCA, for example, has if anything a much wider
group of stakeholders, but a smaller board. This reects the purpose of a regulator’s board,
which is not to represent all the multiplicity of views of relevant vested interests and somehow
reconcile them in discussion, but rather to ensure that the regulator is doing a highly effective
job in protecting and promoting the public interest.
Recommendation 9: The regulator’s board should comprise a mix of the skills,
experience and knowledge needed to ensure strategic direction and effective,
constructive challenge to the executive. It should not seek to be “representative” of
stakeholder interests. In line with provisions in the UK Corporate Governance Code,
appointments should be diverse, based on merit and objective criteria.
Board appointments
1.19 Currently, only the FRC Chair and the Deputy Chair are appointed by the Secretary of
State for BEIS, and this following an informal agreement rather than by right. Other board
members, including the CEO, are appointed by the FRC’s nominations committee.
1.20 The FRC uses a number of channels to advertise these posts, using an approach which
is not always consistent. There is only limited use of open advertising or headhunters. On
occasion, board and committee posts have been lled using only alumni networks of the “big
four”, LinkedIn and the FRC’s own website. This is clearly inappropriate.
24 Independent Review of the Financial Reporting Council
Figure 2: Advertising methods used to recruit non-executives (2016–18)
Type of non-
executive
appointment
Total no. of
positions
advertised
National
press or
journals
used?
Headhunters
used?
Specialist
recruitment
website
used?
Stakeholder
networks
used?
LinkedIn
used?
FRC website
used?
Board members 4 Yes – 1 role Yes – 2 roles Yes – 3 roles Yes – 1 role Yes – all roles Yes – all roles
Council or
committee
appointments
4
17 No Yes – 4 roles No Yes – 10 roles Yes – 12 roles Yes – all roles
Source: FRC
Recommendation 10: The Review recommends that all appointments to the regulator’s
board, including the CEO, should be public appointments approved by the Secretary of
State forBusiness, Energy and Industrial Strategy.
Recommendation 11: There should be a consistent approach to the appointments
process and all board, committee and senior posts should be openly advertised with
headhunters used.
Recommendation 12: The Review recommends that the posts of chair and CEO should
be subject to conrmation hearings with the BEIS Select Committee, if the committee
wishes.
1.21 The FRC is responsible for the UK Corporate Governance Code, which sets out key
principles for effective board leadership. It also publishes comprehensive guidance on board
effectiveness. The FRC, and the new regulator, must therefore lead by example.
1.22 In line with the Code and guidance, the new regulator’s board should provide effective
leadership and direction, ensure that the necessary resources are in place for the organisation
to meet its objectives, and that it is systematically assessing its performance. The board
needs to promote the right culture and should constantly test the effectiveness of its
regulatory activities. The Review considers that the new board will need to show particular
strengths in setting a strategic direction for the new regulator and in regularly reviewing and
taking stock of its purpose and objectives, and whether it is achieving them.
1.23 It will also need to be equipped and ready to exercise strong intellectual leadership. Asa
regulatory authority with a public prole, the board should ensure that the new regulator is
outward-looking, demonstrating leadership and inuencing and shaping the public debate on
issues affecting the audit and accountancy sector, and on other corporate matters for which
itis responsible.
Sub-board structures
1.24 The FRC board is currently supported by three governance committees – the audit
committee, nominations committee and the remuneration committee. It is also supported
by two key business committees – the Codes & Standards Committee and the Conduct
Committee. In addition to these two committees, there are separate advisory councils for
Corporate Reporting, Audit & Assurance and Actuaries and a number of other committees,
panels and tribunals. The FRC currently engages more than 60 non-executive directors in
more than 100 roles.
4
Examples of these councils and committees include the Actuarial Council, the Conduct Committee and the Audit
Quality Review Committee.
Chapter 1 – FRC: structure and purpose 25
Figure 3: FRC board and key committee structure
5
Conduct
Committee
Codes
& Standards
Committee
FRC Board
Audit &
Assurance
Council
Corporate
Reporting Review
Panel
Corporate
Reporting
Council
Audit Quality
Review Committee
Actuarial
Council
Case
Managment
Committee
Tribunal
Financial
Reporting Review
Panel
14
811
23
5 9
93
23
11 8
Source: FRC
1.25 This is an elaborate architecture. It needs to be further simplied and streamlined. The
Review has not attempted to design a new committee structure for the new organisation
but recommends a number of principles and other factors that should be taken into account
when this is done.
Proposed principles for new committee structure
• Simplicity, transparency and effectiveness should guide the design of the
newstructure.
• The committee structure should be aligned with the key duties and functions of the
new regulator.
• There should be a clear line of sight from the board to each committee and vice
versa.
• The regulator should publish ‘plain English’ terms of reference for each committee, its
membership and its current priorities.
• Appointments should be made in line with the regulator’s policies for diversity and
inclusion.
• Each committee should review its purpose and effectiveness annually and make
recommendations to the board.
5
Chart excludes the board’s three governance committees (for audit, nominations and remuneration); its Enforcement
Committee Panel (4); its stakeholder or investors’ panels.
26 Independent Review of the Financial Reporting Council
Recommendation 13: The Review recommends that the Government, working with
the chair of the new board, should review the existing FRC committee and panel
structure with a view to achieving a signicant simplication of the architecture in line
with the principles set out in the Review. Thereafter, there should be a rigorous annual
evaluation of the performance of the board, its committees, the chair and individual
directors.
Board involvement in enforcement decisions
1.26 Following implementation of the 2014 European Union (EU) Audit Regulation and
Directive, the Government designated the FRC as the UK Competent Authority for audit
with responsibility for the regulation of statutory audit, including setting auditing and ethical
standards and monitoring and enforcement.
1.27 Whilst the law gives the FRC, as an organisation, clear responsibility for enforcement,
it has chosen through its internal rules, to delegate decisions on audit investigations to the
Conduct Committee. Where an investigation is authorised, it is handled by an Executive
Counsel (the FRC’s Director of Enforcement). In the event of a dispute about the ndings, an
Independent Tribunal is involved. The process is set out below.
Figure 4: FRC Enforcement process
FRC’S ENFORCEMENT PROCESS
A settlement
can be
reached with
those under
investigation at
any stage of the
process.
If at any time
during the
investigation
the Executive
Counsel
decides that the
tests have not
been met, the
case is closed.
1
CASE EXAMINER
Initial assessment by Case
Examiner.
Information sourced from audit
firms; companies; FRC teams;
other regulators; open sources
5
ENFORCEMENT ACTION
Decision is made by the Executive
Counsel to pursue the complaint if
the relevant tests are met.
6
DETERMINATION
Misconduct/breaches
either accepted
by respondents
or determined by
Independent Tribunal
7
SANCTIONS
Sanctions for
misconduct/
breaches imposed.
Outcome published.
2
DECISION TO
INVESTIGATE
Taken by the FRC’s Conduct
Committee following
Stage One.
Referred to Executive
Counsel’s Enforcement
Team
4
ALLEGATIONS
Grounds for potential
misconduct and/or
breaches set out in
documents that are
served on audit firms,
accountants and/or
actuaries.
Opportunity for
respondents to make
representations.
3
INVESTIGATION
The evidence gathering stage – involves FRC’s Enforcement
team (lawyers and forensic accountants).
FRC powers to compel audit firms, accountants and
actuaries to cooperate and provide information. In new audit
investigations, FRC powers to compel companies too.
Independent expert opinion on potential misconduct or
breaches of standards is sought.
1.28 The FRC board is not formally involved in enforcement decisions. As the FRC’s report
on its investigation of KPMG’s audits of HBOS conrms, enforcement decisions are “taken by
the Conduct Committee, the Executive Counsel and independent tribunals. No decisions are
taken by the FRC Board”
6
.
6
The FRC’s enquiries and investigation of KPMG’s 2007 and 2008 audits of HBOS, November 2017 (paragraph 4.12).
Chapter 1 – FRC: structure and purpose 27
1.29 The Conduct Committee comprises members with the legal and accountancy expertise
and experience suited to making these judgements about whether to initiate investigations.
Enforcement work is detailed, which, if undertaken regularly by the board, would distract it
from its main purpose of providing strategic leadership, direction and oversight.
1.30 However, this strict formal demarcation of responsibilities carries with it very signicant
reputational risks for the leadership of the FRC. In controversial cases which are in the
public eye, the CEO and board can appear powerless and detached from some of the most
important decisions being taken by the organisation they lead.
Recommendation 14: The Review recommends that the board of the new regulator
should exercise signicantly stronger ownership and oversight of the investigation
and enforcement functions. The regulator should ensure that its internal rules and
procedures enable the board to:
• Take decisions itself on whether to launch audit investigations in cases it
regards as of particular signicance or public interest. The Review does
not anticipate the board taking decisions in many such cases, but it should
maintain an ability to doso;
• Require regular reports from the Conduct Committee and from the director of
enforcement on progress being made with investigations and any subsequent
enforcement decisions; and
• Question the director of enforcement at any point where it considers that a
particular decision or investigation is taking too long.
1.31 Some respondents to the Review have raised concerns that the regulator should not
both set standards and regulate their execution, considering it to risk the regulator ‘marking
its own homework’. Some have suggested that the organisation should be split apart for
thisreason.
1.32 The Review does not agree. There are valuable synergies in the same regulator
developing and enforcing standards. The Review sees particular benets in the standard-
setter being able to bring practical, operational experience to bear in discussing and
developing new standards, adjusting existing standards or other international action. That
will include the identication of emerging trends and novel developments, that arguably may
be acted on in quicker time; and also the identication of systemic deciencies in quality that
could point to the need to adjust the standards themselves. Most if not all other UK regulators
undertake enforcement as well as standard-setting roles, and the Review does not believe
different considerations apply in this case.
28 Independent Review of the Financial Reporting Council
Chapter 2 – FRC: eectiveness of
corefunctions
2.1 This chapter makes recommendations concerning the effectiveness of each of the
FRC’s core functions in turn:
• Audit regulation;
• Audit quality;
• Corporate reporting;
• Enforcement;
• Accountancy oversight; and
• Stewardship.
Audit regulation
2.2 If the FRC becomes concerned that an audit rm has systemic quality issues, as
opposed to an isolated failure of an individual audit, it is currently almost powerless to take
regulatory action, other than to issue a report voicing its concerns. Whilst the FRC can act
against individual auditors and partners, it has no purchase on the rm. The FRC has been
directed by the Government to delegate the relevant regulatory functions – the approval
and registration of those audit rms – to the rms’ professional bodies, in effect their trade
association. Although self-regulatory models are appropriate and can work well in some
circumstances, the Review’s clear conclusion is that, given the strong public interest in further
improving the quality of PIE audit, in this case it is not.
2.3 Through its AQR programme, thematic reports and audit rm monitoring approach,
7
the
FRC develops a view of audit rms’ quality, systems and performance. But should the FRC
become concerned that problems of quality or compliance exist throughout an audit rm or
its associated local ofces, it cannot formally intervene, require improvement, or mandate
changes at the rm.
8
7
Described further at paragraph 2.19.
8
Unless enforcement procedures (on an individual case) are initiated.
Chapter 2 – FRC: effectiveness of core functions 29
2.4 In the UK, the Government has directed
9
that the regulatory tasks to approve and
register statutory auditors be delegated to the professional accountancy bodies (as the
Recognised Supervisory Bodies (RSBs)
10
).
2.5 The Review considers this to be a serious deciency in the regulator’s functions and
power. By contrast, the audit regulators of the USA, Canada, Australia and the Netherlands
11
are all able directly to affect the registration of audit rms.
Recommendation 15: The Review recommends that the approval and registration of
audit rms conducting PIE audits should be reclaimed from the RSBs. The Government
should work with the regulator to develop and consult on the detail of how this regime
should operate.
2.6 For instance, the Government may want to consider an equivalent to the Senior
Managers Regime currently operating in the nancial services sector to be adopted at those
audit rms conducting PIE audit.
Recommendation 16: The Review recommends the new regime for the approval
and registration of audit rms conducting PIE audits should incorporate a range of
sanctions including some that are less severe than the ‘nuclear option’ of audit rm
deregistration.
2.7 For example, the Canadian Public Accountability Board applies a range of restrictions to
underperforming audit rms, including but not limited to:
• Requiring rms to implement actions;
• Temporary bans on tendering for new audit clients; and
• Requiring rms to perform enhanced quality control reviews.
Audit Expectations Gap
The audit “expectations gap” has been dened and described in a number of ways. In the
broadest terms, the expectations gap is the difference between what users expect from
the auditor and the nancial statement audit, and the reality of what an audit is and what
auditors believe their responsibilities entail.
In particular, there continues to be a difference between public perceptions about the
auditor’s ability to detect nancial statement fraud and the auditor’s responsibilities
relating to fraud under the existing professional standards.
Users of corporate nancial information also point to the existence of a gap between the
information they believe is needed to make informed investment and duciary decisions,
and what is available to them through the entity’s audited nancial statements or other
publicly available information.
9
https://www.gov.uk/government/publications/audit-regulatory-tasks-direction-on-delegation
10
ICAEW, ICAS, ACCA (Association of Chartered Certified Accountants), and Chartered Accountants Ireland (CAI),
which operate the approval and registration of all statutory auditors in the UK, including PIE auditors, as well as the
monitoring and enforcement for non-PIE statutory audit following the Government’s Direction to the FRC to delegate
those tasks.
11
The PCAOB, CPAB (Canadian Public Accountability Board), ASIC (Australian Securities and Investments Commission),
and AFM respectively.
30 Independent Review of the Financial Reporting Council
This information gap has implications for the efciency of capital markets and the cost of
capital. The information gap is also seen as increasing the challenges of understanding
how corporate nancial information, including the audited nancial statements and related
disclosures, reects the overall picture of the entity’s nancial condition, performance, and
the sustainability of its business.
These gaps could in principle be closed either through persuading users of accounts
that their expectations are unreasonable or unrealistic, or through requiring auditors to do
more than they currently do.
Recommendation 17: The Review strongly welcomes the proposal that a piece
of independent work should be done to explore the issues arising from the audit
expectation gap, which have not been addressed in this Review. It is essential
that this should be driven, and be seen to be driven, by the interests of users of
accounts.
Denition of a Public Interest Entity
2.8 The denition of a PIE is set by EU audit legislation and requires those entities and their
auditors to adhere to requirements for auditor rotation, capping the provision of non-audit
work, and the prohibition of some forms of non-audit work (which do not apply to non-PIE
entities). The UK classication of such entities has been dened as:
• UK entities with transferable securities (equity/debt) admitted to trading on a
regulated market in the European Economic Area (EEA);
• Credit Institutions, irrespective of whether they are listed or not; and
• Insurance Undertakings.
2.9 However other countries (see table below) have incorporated a much wider range of
entities into their denition of a PIE, such as: all quoted companies, major private companies,
pension funds, or asset management companies. The Review is concerned that the UK’s
current PIE denition may be somewhat too narrowly drawn and may exclude entities whose
audit arrangements are a matter of public interest.
Figure 5: Overview of the definition of PIE across EEA States
Country Extent of the EU denition Other designation entities at national level
Listed Entities
Credit
Institutions
Insurance
Undertakings
Other
designated
entities
Pension funds
UCITS/
Investment
Companies
Size Criterion
Asset
Management
Companies
Electronic
Money
Institutions
Other
UK X X X
France X X X X X X
Germany X X X
Italy X X X X X X X X X
Netherlands X X X X
Spain X X X X X X X X X
Source: Accountancy Europe, Denition of Public Interest Entities in Europe: State of play after the 2014 Audit
Reform, Survey, November 2017
Chapter 2 – FRC: effectiveness of core functions 31
Recommendation 18: The Government should review the UK’s denition of a PIE.
Audit quality
2.10 The FRC does useful and valuable work through its audit quality monitoring programme.
However, this work continues to identify persistent and continuing shortfalls in the quality of
audit work in the UK. Recent high-prole enforcement action against auditors and audit rms,
and an increase in the number of individual audit le inspections receiving poorer gradings,
are all contributing to reduced condence in audit quality.
2.11 As UK Competent Authority for statutory audit, the FRC is responsible for monitoring the
quality of audit for PIEs. The FRC’s Audit Quality Review Team (AQRT) performs this role, and
also monitors certain other entities within the retained scope of the FRC.
12
Monitoring all other
statutory audit work (including for large private companies) is delegated by the FRC to RSBs.
2.12 The AQRT uses three monitoring approaches to form an assessment of audit quality
within an audit rm:
• Reviews of rm-wide quality processes;
• Reviews of individual audit engagements, focusing on areas of high risk, referred to
as Audit Quality Reviews (AQRs); and
• Thematic reviews.
2.13 Results of this monitoring programme are communicated annually in a number of audit
rm and thematic inspection reports. Individual audit engagement inspection ndings and
gradings are not reported publicly, except to the extent that audit committees make some
disclosure of their own about signicant ndings arising from a review within a company’s
annual report and accounts.
13
2.14 AQR inspections of individual audit engagements focus on selected aspects of the audit
to ensure compliance with auditing and professional standards. In the most severe cases, the
AQRT may nd that the auditor failed to gather sufcient audit evidence to support an audit
opinion. If signicant concerns are identied as to whether or not an accounting treatment
complies with the applicable accounting framework, the AQRT may draw the matter to the
attention of the FRC’s corporate reporting team to consider.
2.15 For 2017/18, results of the individual audit engagement inspection work indicated a
decline in audit quality year on year, following a ve-year period of improvement. However,
the annual sample size is not statistically signicant and caution is therefore needed
in extrapolating this trend to unreviewed audit work of the rm, or to the audit market
moregenerally.
2.16 The data also shows that for 2017/18, no rms subject to AQR reviews met the FRC’s
stated quality target.
14
This included all of the “big 4”.
12
These are currently large AIM/ Lloyd’s Syndicates/Listed Non-EEA entities
13
As recommended by paragraph 81 of the FRC’s 2016 audit committee guidance
14
For 90% of their FTSE 350 audits to require no more than ‘limited improvements’
32 Independent Review of the Financial Reporting Council
2.17 Currently 2,350 audits fall within the AQR remit of which 2,136 are conducted by the
largest eight audit rms.
15
In 2017/18, 126
16
AQR inspections were conducted covering 6%
of this total population. The AQR team will increase its inspections in 2018/19, carrying out
170inspections.
2.18 AQR les are selected for review on the basis of risk, and the FRC has a commitment
to examine the audits of FTSE 350 companies over a broadly ve-year cycle. In determining
which les to examine, the FRC will take account of risk factors such as prot warnings, short
selling of shares, or if the company is in a priority sector, together with the need to examine
audits where there has been a change in auditor. Under the EU Audit Regulations, PIE audit
rms must be looked at every 3 years and non-PIE audit rms every 6 years. The AQR
currently undertakes inspections of the larger audit rms annually.
2.19 In addition to carrying out an increased number of inspections, in early 2018 the FRC
announced plans to enhance its monitoring of the six largest audit rms. This approach is
referred to as the Audit Firm Monitoring Approach (AFMA). The responsibilities in this area
come from the EU Audit Regulation, although monitoring will operate under a voluntary
arrangement as the FRC does not have specic powers with which to full this responsibility.
Recruitment of the team to perform this work is still underway and to date, therefore, limited
work has been undertaken.
2.20 The Review supports this new monitoring approach. It will allow the FRC more insight
regarding possible structural problems within rms which in turn may be leading to poor
quality statutory audits.
Recommendation 19: The Review recommends that AFMA should not be carried
out on a voluntary basis, but instead the regulator should have statutory power to
carry out this monitoring work. It is critical that this monitoring work is performed by
individuals with the appropriate skills and seniority.
2.21 Currently only a summary of the AQR gradings for a rm is published along with a
high-level summary of ndings. However, the Review notes that investors and representatives
of the 100 Group of Finance Directors have unanimously told the Review that greater
transparency with regards to audit quality ndings is needed.
Recommendation 20: The Review recommends that the new regulator should
work towards a position where individual audit quality inspection reports, including
gradings, are published in full upon completion of AQRs. This will, however, be a
major step, requiring a high level of condence in the AQR process. For the present,
as a rst and interim step, the Review recommends publication of AQR reports on
an anonymised basis (similar to the approach taken in the US and the Netherlands,
forexample).
2.22 In terms of the FRC’s examination of audit work carried out overseas, where a
UK-registered entity has components overseas that form part of its group-level nancial
statements, it is the responsibility of the UK signing-partner to ensure they have been
sufciently involved in the work of the component audit in order to be in a position to sign an
opinion on the Group accounts. This includes having obtained sufcient, appropriate evidence
regarding the quality of any audit work.
15
Deloitte, Ernst & Young (E&Y), KPMG, PwC, BDO, Grant Thornton, Mazars and Moore Stephens
16
Excluding inspections of audits conducted by UK and Crown Dependency audit firms, Third Country Auditors, Local
Public Audit and the National Audit Office, 20 further inspections.
Chapter 2 – FRC: effectiveness of core functions 33
2.23 In the case of the Public Company Accounting Oversight Board (PCAOB) in the US,
inspection staff will travel to the relevant country and inspect the locally-held audit les and
interview staff should they consider it necessary. The FRC does not deploy this approach,
instead interpreting its role as being to examine a UK auditor’s compliance with the relevant
auditingstandard.
17
2.24 The Review believes that the new regulator should be willing for staff to examine
non-UK les on a risk-based basis. This is of clear potential importance in relation to
multinationalgroups.
Recommendation 21: The Review recommends that the regulator should change its
approach to examining the quality of component audit work conducted overseas, on a
risk-based basis.
2.25 The AQRT is made up of around 40 people, generally with long-standing experience
in the regulator. The Review is struck by the contrast to audit rms’ views of the PCAOB in
the US, where the seniority and experience of the PCAOB’s staff means that they are better
able to challenge and engage rms on complex matters of judgement with sophistication
and certainty. Respondents to the Review also noted the observable difference between the
FRC’s resourcing, areas of focus, and ability to deal with complex sector issues in comparison
to inspections carried out by, for example, the PCAOB.
Recommendation 22: The regulator should revisit and strengthen AQR resourcing, and
should seek to:
• Recruit more senior staff (including at partner-equivalent level) who would
attend AQR inspection visits, adding weight and commanding more
substantial respect in conversations with rms; able to make a call on
complex matters on-site; and bringing to bear a comparative overview of
sector-practice;
• Ensure its approach to stafng addresses the need for its teams to include
recent experience of external audit and understanding of current practice, in
order to test and scrutinise rms as effectively as possible; and
• Widen and appropriately deploy the team’s sector expertise, in particular in
those most complex and high-risk sectors where public interest and risk of
corporate failure ishighest.
Corporate reporting
2.26 The FRC undertakes a range of activities to support robust and reliable corporate
reporting in the UK and to promote improvements in quality. In particular, it monitors and
reviews companies’ compliance with reporting requirements in the Companies Act 2006
(‘the2006 Act’) and applicable accounting standards. The FRC also performs thematic
reviews which aim to supplement monitoring work by sharing examples of good practice
reporting and highlighting areas where improvements can be made.
2.27 This review work is respected and has real value, though is hindered somewhat by a
lack of visibility, low levels of review activity (by international standards) and cumbersome
enforcement mechanisms. It also covers only a part of the annual report – important sections
such as the corporate governance statement and the directors’ remuneration report are out
ofscope.
17
ISA 600 – audits of group financial statements (including the work of component auditors)
34 Independent Review of the Financial Reporting Council
2.28 Within the FRC, a corporate reporting review (CRR) team currently undertakes review
work looking to test whether the directors’ report, strategic report and annual accounts
comply with the relevant reporting requirements. A risk-based approach is taken to select
reports and accounts for review, supplemented by an element of random sampling to
ensure that all entities within scope stand a chance of being reviewed. In addition to its own
monitoring programmes, the CRR team investigates complaints received, including from other
regulators, in relation to corporate reporting.
18
2.29 The FRC’s authority to review accounts extends to all companies and limited liability
partnerships required to prepare reports by virtue of the 2006 Act. In practice, reports are
normally only selected for review if they concern publicly listed or large private companies. It
is estimated that there are in excess of 15,000 entities falling within this remit, including more
than 2,300 issuers.
19
2.30 The FRC also reviews annual and interim accounts of listed entities to ensure that they
have been prepared in accordance with the relevant reporting framework, as required by the
EU Transparency Directive. This work is additional to the FRC’s functions under the 2006 Act,
and includes companies incorporated elsewhere in the EU but with a listing on a UK stock
exchange.
2.31 The FRC has enforcement powers to support its corporate reporting function. Its
ultimate power is to go to court for a declaration that the annual accounts, or the strategic
or directors’ report of a company do not comply with the legal requirements, and to obtain a
court order requiring the directors to prepare revised accounts or a revised report. This power
has never been used, although the FRC has begun legal proceedings on several occasions
and settled before the case reached trial. The FRC also has powers under the 2006 Act to
require a company (or its auditors) to produce any document or to provide any information or
explanations that it needs in order to determine whether to seek revision of the accounts.
2.32 The Review has heard that the FRC’s monitoring work has a positive impact on overall
standards of nancial reporting in the UK. Although the scale of monitoring is relatively small
and formal action rare (see Figure 6), the threat of an investigation – and the effect of this on a
company’s reputation, even though the process is condential in its early stages – is a serious
deterrent to poor reporting. Financial reporting standards in the UK are generally regarded as
relatively high by international standards. If the FRC did not undertake this function, reporting
standards would certainly be lower.
2.33 The Review therefore considers that the regulator should continue to undertake
corporate reporting review work. However, the Review believes that some steps can and
should be taken to increase the impact of this work.
2.34 First, the Review notes that the length and volume of required elements in annual reports
have grown substantially with no overall examination of their usefulness, or evidence that they
have become more comprehensible to users.
Recommendation 23: The regulator should be required to promote brevity and
comprehensibility in accounts and annual reports, engage meaningfully with users and
asset owners about their information needs, and ensure the proportionality and value
of reports. At least once in every Parliament, the FRC should report to BEIS a public
assessment of the extent to which the statutory reporting framework is serving the
interests of the users of company reports together with any recommendations for how
it can be improved.
18
There are a small number of such cases each year (11 in 2017/18, 20 in 2016/17).
19
https://www.esma.europa.eu/sites/default/files/library/esma42-111-4138_peer_review_report.pdf
Chapter 2 – FRC: effectiveness of core functions 35
2.35 The scale of monitoring by the FRC is relatively low by international standards.
Areview
20
conducted by the European Securities and Markets Authority in 2017 showed
that the FRC selected a signicantly lower proportion of issuers for review each year than the
majority of other member states. In the US, the Securities and Exchange Commission (SEC)
undertakes some level of review of each reporting company at least once every three years.
This compares to the FRC’s more modest aim of reviewing the full reports and accounts of
FTSE 350 companies at least once in every ve years with at least one thematic review in
between. Thematic reviews look at one aspect of reporting across a sample of company
reports and accounts. Recent thematic reviews include judgements and estimates and
pensiondisclosures.
Recommendation 24: The Review recommends that the regulator should consider
expanding the volume of CRR activity on a risk-based basis.
Figure 6: Action taken by the FRC from 2013/14 – 2017/18 in relation to corporate reporting
Corporate reporting reviews – action taken
Over a ve-year period of corporate reporting reviews (2013/14 – 2017/18):
• One review group has been convened.
• 7 FRC public press notices have been issued outlining concerns.
• 35 of 1,138 companies subject to review (3%) have been requested by the FRC
to publish details of the FRC’s intervention in their next set of annual nancial
statements*.
• No accounts have been required to be withdrawn and replaced with revised
accounts.
*In instances where the outcome is less signicant, but a degree of publicity is still
deemed appropriate, the FRC asks companies to refer to the FRC’s intervention in their
next published accounts. Some interventions require restatements of primary statements.
Source: FRC website and publications
2.36 The existing mechanism requiring companies to amend their accounts where there
are deciencies is cumbersome. Most equivalent regulators abroad have a power to direct a
company to amend its accounts.
Recommendation 25: The Review recommends that the new regulator should be given
a power to direct changes to accounts rather than having to go to court.
2.37 This process would shift the balance of authority between the regulator and the
preparers of accounts, enhancing the regulator’s credibility and status and giving it “teeth”,
particularly in the case of larger private companies which may be less concerned about
reputational impact than listed companies. It would also help to ensure that material
misstatements and corrections can be communicated to the market on a timely basis. Current
enforcement processes give preparers too much scope to defer and delay so that by the time
any eventual correction is made, it has lost its value to shareholders. In the majority of cases,
the change is made to the following year’s accounts as these are almost ready by the time the
issues have been resolved.
20
https://www.esma.europa.eu/sites/default/files/library/esma42-111-4138_peer_review_report.pdf
36 Independent Review of the Financial Reporting Council
2.38 The Review also considers that the regulator’s review work should be more transparent
to ensure there is greater visibility for users of accounts about any deciencies and
shortcomings identied, and to provide a further incentive for the preparers of accounts to get
them right in the rst place.
Recommendation 26: The Review recommends that CRR ndings are reported
publicly by the regulator. The regulator should publish full correspondence following all
CRR reviews, and the ndings should be published in a set timeframe.
2.39 This improvement in transparency would mirror the SEC’s practice in the US. It will
require primary legislation to amend the current condentiality restrictions in the Companies
Act 2006, which currently prevent disclosure.
2.40 Too much reliance is currently placed on allowing companies to make changes to
future year accounts. Greater urgency is required for material misstatements. These need to
be communicated to investors on a timely basis with the regulator taking ownership of this
communication. The combination of stronger powers for the regulator to direct companies to
correct misstatements, combined with the power to publish correspondence, should give the
regulator the tools to make this happen.
2.41 The scope of the FRC’s corporate reporting review work and its separate audit quality
review regime is not aligned. The former applies, in practice, to all publicly listed and large
private companies (although, as mentioned above, the legal scope extends even wider than
this); the latter applies to PIEs and certain non-PIE entities, NAO Companies Act audits and
major local audits. The Review does not believe this difference makes sense: either there is a
public interest in an entity’s accounts and its audit, or there is not.
Recommendation 27: The Review recommends that the new regulator’s CRR work
should be limited to PIEs, except to the extent unavoidable under EU law.
2.42 The responsibility for preparing accurate accounts, compliant with accounting
standards, rests with companies. However, some accounting treatments, such as prot
recognition and measurement, and presentation and disclosure can be very complex.
Rather than solely picking these issues up retrospectively, the Review considers that the new
regulator could do more to help those companies who want assistance to get it right the
rsttime.
Recommendation 28: In addition to stronger retrospective monitoring of company
reporting, the Review recommends that the new regulator should introduce a
pre-clearance procedure in advance of the publication of accounts.
2.43 The regulator would need to take on additional expert resource to provide such a
service, which could operate on a charged-for basis.
2.44 The FRC’s current reporting review work applies only to the strategic report, the
directors’ report and annual accounts, meaning that other important, mainly non-audited,
non-nancial, parts of annual reports are not subject to any regulatory oversight. These areas
include the directors’ remuneration report, reporting against the principles and provisions set
out in the UK Corporate Governance Code (which includes viability statement provisions), and
the audit committee report.
2.45 In relation to corporate governance, the Review considers that the FRC has been an
effective custodian of the UK Corporate Governance Code and that it should remain a part
of the new regulator’s core functions. Standards of reporting against the Code, however, are
mixed, yet the FRC does not currently have any powers to enforce the accuracy, adequacy or
completeness of reporting.
Chapter 2 – FRC: effectiveness of core functions 37
Recommendation 29: The Review recommends that the stronger corporate reporting
review process described earlier should be extended to cover the entire annual report,
including corporate governance reporting. This should be done on the basis of risk.
2.46 As for other aspects of the annual report and accounts, this will mean that where the
regulator has concerns on any reporting matter it will be able to require explanations and
more information from a company. If necessary, it will be able to direct a company to correct
a statement or provide a fuller explanation or include information required by law that has
beenomitted.
2.47 Extending the corporate reporting review process to the rest of the annual report is not a
substitute for the work performed by the auditor. It must also be recognised that there will be
some limitations on the regulator’s scope to intervene, because non-nancial reporting is often
more subjective and open to interpretation than pure numbers. Nevertheless, an extension of
scope should provide stronger reassurances for shareholders and other users that:
• Annual reports are meeting all the legal requirements;
• The reporting is sufcient to ensure that shareholders can understand the matter
being reported upon; and
• The non-nancial reporting is not clearly inaccurate or inconsistent with the nancial
gures or other aspects of a company’s performance and prospects set out
elsewhere in the report.
2.48 The new regulator will be concerned primarily with the accuracy and completeness of
the reporting, so that shareholders and other stakeholders have accurate information and
arenot misled.
Extension of reporting oversight to investor information
2.49 In addition to the annual report and accounts, listed companies share a signicant
amount of information with investors. As well as required regulatory announcements,
rms often issue non-required communications, including earnings releases and investor
presentations. This information, including forward-looking information, is of signicant interest
to investors. It is often not subject to the same quality control measures as information
contained within annual nancial statements; nor is it audited or subject to any assurance
procedures. There is therefore signicantly more scope for companies to pick and choose
measures, and interpretations of measures, which put a positive gloss on the facts.
2.50 In the US, investor information submitted as a ling with the regulator falls within the
scope of the SEC’s monitoring regime. Inappropriate or questionable approaches to non-
GAAP measures, and questionable use of or interpretation of key performance indicators,
are both a focus of the monitoring work on these lings. Enforcement action is taken when
appropriate. Generally, investor presentations or conference calls, for example, which are not
formally led with the SEC, are required to comply with the federal securities laws’ anti-fraud
requirements and regulations with respect to all statements made in such communications,
including non-GAAP measures. The SEC may selectively read this information as part of a
wider lings review. If inconsistencies are observed between this information and a ling, they
can raise it with the issuer.
2.51 In the Netherlands, press releases submitted to the AFM (the Dutch ‘Authority for the
Financial Markets’) are monitored before the market opens using a joint approach between
the market abuse monitoring team and the nancial reporting quality supervision team. Urgent
corrective action is taken if required. The AFM also listens in to investor presentations/capital
38 Independent Review of the Financial Reporting Council
markets investor days, taking action as it deems necessary should information provided
raise concerns. The AFM usually receives the information presented during these events
beforehand.
2.52 At present, the FRC does nothing similar to either of these monitoring actions, although
monitoring of investor communications is of course done by the FCA on a risk-of-harm basis,
under its existing market supervision responsibilities.
Recommendation 30: The Government, working with the FCA and the new regulator,
should consider whether there is a case for strengthening qualitative regulation around
a wider range of investor information than is covered by the FRC’s existing corporate
reporting work, to ensure that disciplines to drive up the quality of companies’
disclosures in the UK are at least as demanding as best practice internationally.
One possibility would be for the new regulator to trial some additional work in this
area, on a risk-based and/or sampled pilot basis; if so, this should be done in close
collaboration with (or possibly even in support of) the FCA.
Guidance
2.53 The FRC publishes guidance from time to time. The FRC’s Guidance on Audit
Committees, its Best Practice Guide to Audit Tendering, and the guidance on Risk
Management, Internal Control and Related Financial and Business Reporting are all useful
and draw on the FRC’s considerable technical knowledge in these areas. However, some
other guidance, such as the Guidance on Board Effectiveness, which includes guidance on
such matters as succession planning for boards, range more widely into areas where the FRC
is not expert and where it could be said to apply a rather bureaucratic mindset to business.
Such documents create material costs to business, as companies will inevitably feel an
obligation to give them carefulconsideration.
Recommendation 31: The Review recommends that the new regulator should be
more sparing and disciplined than the FRC in promulgating guidance and discussion
documents. These documents should only be issued if they are genuinely useful, and
their utility clearly exceeds the considerable costs they impose through users having
to read and check them.
Chapter 2 – FRC: effectiveness of core functions 39
International standards-setting
International accounting standards are set by the International Accounting Standards Board
(IASB), becoming a mandatory requirement in the UK after their endorsement.
21
Once
adopted, latitude for the FRC to adjust the standards to the UK context only applies to
smaller companies through its role in setting UK Generally Accepted Accounting Principles.
There are two UK nationals sitting on the IASB’s advisory boards; and one UK national
sitting on the IASB’s Board of Trustees.
For international auditing standards, there is greater latitude for the UK to adapt standards
if that is necessary for the UK context. Standards are set by the International Auditing and
Assurance Standards Board (IAASB). Those standards are not binding nor mandatory.
For example, the UK was the rst country internationally to adopt a requirement for
preparation of an extended auditor report. A member of the FRC’s staff sits on the IAASB
board, and the UK participates actively in the board’s working groups.
The Review has not identied major concerns in relation to these aspects of the FRC’s
work and does not make recommendations in this area. As a general matter, however,
the Review’s proposed overarching duty that the new regulator should seek to promote
the interests of users of accounts should apply here, as elsewhere.
Enforcement
2.54 Public condence in business depends not just on regulators setting and monitoring
standards but on auditors, accountants and directors being held to account when necessary.
2.55 There has been substantial criticism of the FRC’s historic enforcement performance. The
FRC has been widely viewed as reluctant to act, slow to achieve results and therefore failing
to create an adequate deterrent to wrongdoing.
2.56 Poor past decisions, such as not to investigate KPMG’s audit of HBOS, have
unquestionably damaged condence in the regulator as well as the integrity and reliability of
the regulatory process.
2.57 The FRC has itself recognised that it needed to improve the speed of its investigations,
especially following its decisions on HBOS. Many respondents to the Review have also noted
a signicant and positive shift in the FRC’s approach since the introduction of the Audit
Enforcement Procedure (AEP) in 2016.
2.58 The FRC has now set itself a key performance indicator to conclude investigations within
two years. The FRC has told the Review that it is, 30 months on from the introduction of its
new AEP process, “in general, meeting the target”. There are examples where signicant
delays appear to remain; it is inevitably very hard to judge, case-by-case, the extent to which
such remaining delays are genuinely unavoidable.
Recommendation 32: Although the Review is heartened by the FRC’s evident recent
change in approach, and by the strengthening of the enforcement team’s resourcing
and new leadership of the enforcement function, the Review recommends that both
the board and the Government should continue to monitor enforcement performance
21
Currently undertaken at EU level.
40 Independent Review of the Financial Reporting Council
closely. The new regulator should report on this in its Annual Report, and the regulator
should regularly be held accountable by Parliament through appearances at the BEIS
SelectCommittee.
2.59 The Review notes the review of FRC sanctions undertaken by Sir Christopher Clarke
which took effect in June 2018. A wide range of nancial and non-nancial sanctions is
available, including exclusions of up to 10 years for dishonesty, and unlimited nes for
seriously poor audit work. In the light of these changes, as well as the outcomes of recent
enforcement cases, the Review does not believe there is any shortfall in the severity of
sanctions
22
available to the FRC or Tribunal.
2.60 In the US, nes for audit failure are subject to statutory limits, with the PCAOB able to
levy nes of up to $15m,
23
in the case of rms that have engaged in international misconduct.
Since January 2017, the largest ne levied by the PCAOB following enforcement has
been$1.5m, compared with £6.5m
24
by the FRC. Fines levied against individuals have also
been considerably lower. Overall, therefore, nes in the US are more modest than have been
levied in recent years in the UK (Figure 7). The PCAOB also applies a wider range of sanctions
for audit misconduct, including censures, limitations on rms’ practice, revocations of rm
registrations, or bars and suspensions of individuals.
Figure 7: Fines for audit failures imposed by the FRC and the PCAOB (January 2017 to
September2018)
25
FRC (£) PCAOB ($)
Firm Individual Firm Individual
Maximum ne £6,500,000 £325,000 $1,500,000 $50,000
Upper quartile £5,000,000 £135,000 $20,000 $25,000
Median £3,000,000 £79,500 $10,000 $12,500
Lower quartile £2,100,000 £55,125 $10,000 $9,375
Minimum £700,000 £45,000 $5,000 $2,500
Total value of nes £29,625,000 £1,288,050 $5,322,500 $352,500
Number of nes 9 12 43 20
Source: FRC and PCAOB
2.61 In its 2018 Developments In Audit publication, the FRC reported that it considered
“around a third of cases to be less serious and consequently have been resolved by the FRC’s
Case Examiner through constructive engagement”. The FRC has not published its ndings or
any information on the outcomes of any of these cases or the number of cases. The Review
considers this an insufcient degree of transparency and scrutiny.
22
Following introduction of the AEP, fines now flow to HM Treasury, rather than to the professional bodies.
23
Adjusted for inflation.
24
Reduced from £10m for early settlement.
25
FRC fines are those imposed under the Accountancy Scheme for misconduct relating to statutory audit (no AEP
cases have yet been concluded) and include any discounts for early settlement. In addition, costs totalling £1.288m
were awarded against firms.
The PCAOB may impose sanctions for violations of PCAOB rules and standards, SEC Rules applicable to the
preparation and issuance of audit reports, and the Sarbanes-Oxley Act. The penalties noted above relate to cases
in which audit firms or individuals were sanctioned for conduct including violations of PCAOB standards in relation
to the performance of audits, PCAOB quality control standards, failure to co-operate with Board inspections and/or
investigations of failure to comply with the Board’s reporting rules. Published disciplinary orders represent settlements
that the PCAOB has reached with registered firms or their associated persons and public adjudicated orders imposing
sanctions against registered firms or their associated persons.
Chapter 2 – FRC: effectiveness of core functions 41
2.62 The Review notes the sensitivity in reporting specic details of cases, but considers that
the transparency of the regulator’s actions is nevertheless of key importance. Reporting more
information regarding undertakings will serve as a deterrent whist having a benecial effect on
audit quality.
Recommendation 33: The regulator should revisit application of its publication policy
in relation to concluded cases that result in undertakings.
2.63 The FRC currently limits statutory audit enforcement investigation to UK rms and
individuals, consistent with its approach taken to Audit Quality Reviews. By comparison, the
PCAOB conducts enforcement action against overseas auditors, and the Review is struck
by the signicant action it has taken as a result, including the case of Deloitte Turkey where
the PCAOB has imposed sanctions on the rm and has barred the CEO and others from US
public company audit work.
Recommendation 34: The international reach of the regulator’s statutory audit
enforcement action should be extended, on a risk-based basis.
Different approaches to enforcement – auditors and accountants
2.64 The FRC operates two enforcement procedures, the Audit Enforcement Procedure
(AEP) for matters relating to the statutory audits of PIE and other retained audits, and
the Accountancy Scheme. The Accountancy Scheme is the disciplinary scheme for the
accountancy profession i.e. members of the various professional bodies covered by the
Scheme. The AEP came into effect in June 2016, and prior to this all statutory audit related
matters were dealt with under the Accountancy Scheme. There are key differences between
the AEP and the Scheme. These include:
• The threshold for conduct capable of attracting sanction is lower under the AEP,
being a breach of a relevant requirement. The threshold under the Accountancy
Scheme is the higher one of misconduct (i.e. an act or omission which falls
signicantly short of the standards reasonable to be expected);
• Under the AEP, the FRC has the power to compel information and documentation
from PIE audited entities, whereas under the Accountancy Scheme they are only
able to obtain such material on a voluntary basis; and
• Under the current arrangements it is possible that investigations into the same
company can be conducted under two separate enforcement procedures. For
example, investigations into the audit of Patisserie Holdings plc will be conducted
under the AEP, whereas the CFO’s behaviour will be investigated under the
Accountancy Scheme. The same situation arises in relation to the Carillion
plcinvestigation.
2.65 Whilst there are historic reasons for these differences, the Review feels there is no good
justication for them and that they need to be addressed. Auditors and accountants should
be held to account on an equal footing; the bar should be aligned. The Review also believes
that the regulator should take the lead in investigating apparent wrongdoing by accountants in
relation to nancial reporting or corporate governance of Public Interest Entities.
Recommendation 35: The Review recommends that enforcement action against
accountants in relation to apparent wrongdoing in Public Interest Entities should
be undertaken by the regulator on a statutory basis. The current voluntary scheme
should be discontinued and replaced with a new statutory regime with tests and
42 Independent Review of the Financial Reporting Council
powers aligned and similar to those in the Audit Enforcement Procedure. Those in
scope would be judged against the requirements that already apply to them (legislative
requirements, nancial reporting standards and professional ethical standards).
2.66 Key characteristics of the two schemes as currently operating are set out in the
tablebelow.
Figure 8: Audit enforcement procedure and accountancy scheme characteristics
AEP Accountancy Scheme
Applies to Auditors and their rms when conducting
statutory audit for PIE and retained audits as
below
Members/Member Firms of of accountancy
professional bodies participating in the
Scheme other than in relation to statutory
audit work.
Statutory or voluntary Statutory Voluntary/contractual arrangements
Companies in scope Listed companies, credit institutions,
insurance undertakings; some AIM-listed
companies; Lloyds syndicates
All
Test to be met to impose a
sanction
Breach of a relevant requirement (including
audit standards and ethical standards)
Misconduct
Test to commence investigation Allegation i.e. information which raises a
question as to whether they have breached
a Relevant Requirement; and there is “good
reason” to investigate
Matter raises important issues affecting
the public interest in the UK; and there are
reasonable grounds to suspect misconduct
How are investigations of cases
not meeting the threshold dealt
with
n/a Where the public interest test is not met, the
RSB under its disciplinary rules
What powers to obtain
information
Power to obtain information from the audited
entity and the audit rm
Powers limited to obtaining information from
Members and Member Firms
Fines paid to The Government The relevant participating accountancy body
Source: FRC
Retrospective action
2.67 The Chairs of the BEIS and Department for Work and Pensions Select Committees
have asked the Review to consider whether the FRC should open new investigations into the
work completed by an individual or a rm for a previous year’s audit, if successful action has
already been taken in relation to that rm. Particular attention is drawn to the case of BHS.
2.68 In response to this question, the FRC has stated that:
“This situation arises in a signicant number of our investigations. In such
circumstances, as a risk-based regulator with nite resources, we do not, as a matter
of course, open new investigations into previous audit years where steps have already
been taken to safeguard the public interest and sanctions have been imposed to
those who fall within scope of our regulatory remit.”
2.69 The Review does consider the FRC’s approach reasonable in this case. Very substantial
sanctions have been imposed on the audit rm and the responsible audit partner, which
included a 15-year ban. The Review does not consider that there has been a failure to protect
the public interest as a result of the FRC’s decision not to examine previous years’ audits.
Chapter 2 – FRC: effectiveness of core functions 43
Enforcement: directors
2.70 The FRC currently has no authority to act against company directors unless they are
a member of a professional accountancy body (“member directors”). Perhaps more than
any other single issue, respondents to the Review’s call for evidence commented on this
point, with the great majority concerned that the current position is inadequate in holding
‘non-member’ directors to account for any part they have played in a serious reporting or
audit-related failure.
2.71 It is clear from a helpful mapping exercise carried out by the FRC, FCA, and Insolvency
Service that there is a wide range of arrangements to hold directors to account for the suite of
duties and requirements applying to them:
• Shareholders can act through the courts;
• The Insolvency Service has wide-ranging powers to disqualify directors (including
where insolvency has not occurred) usually as a result of serious corporate abuse
and fraud; and to prosecute directors for criminal offences in the Companies Act.
This is however a highhurdle;
• The FCA may act in cases of breaches of the rulesapplying tolisted companies,
whichincludedisclosure failings andmarket abuse, etc; and
• The FCA and PRA may act to enforce requirements specic to companies in the
nancial services sector.
2.72 Whilst the Review welcomes that mapping process and the memoranda of
understanding put in place to achieve better co-ordination between regulators, inconsistency
remains between the treatment of member directors and non-member directors particularly
in relation to corporate reporting. The Review considers that this is undesirable and has the
unintended consequence of creating an articial incentive for individual directors to resign their
professional body membership. It is the directors of a company who are responsible for the
accurate preparation of a company’s report and accounts, and it is important that they should
face appropriate consequences if this is not properly done. This is also important in creating
an effective deterrent.
2.73 While all directors face disqualication if they are found unt to be a company director,
this sanction is usually reserved for serious corporate abuse such as fraud and wrongful
trading. The Review considers that a more effective system is needed to deal specically with
accounting and corporate reporting failures.
Recommendation 36: The Review recommends that the Government, working with
the new regulator, should task the regulator to develop detailed proposals for an
effective enforcement regime in relation to Public Interest Entities that holds relevant
directors to account for their duties to prepare and approve true and fair accounts
and compliant corporate reports, and to deal openly and honestly with auditors. The
Review recommends that this should apply to a company’s CEO, CFO, chair, and audit
committee chair.
Recommendation 37: The Review recommends that the regime for non-member
directors should follow the principles of the Audit Enforcement Procedure, with
the same threshold for action to be taken, and a graduated range of sanctions. To
achieve this, the regulator should set out relevant requirements or statements of
responsibilities in relation to auditing and corporate reporting in order that directors
are individually accountable for their roles.
44 Independent Review of the Financial Reporting Council
Recommendation 38: Although the regulator should be able to impose a range of
sanctions, the Review recommends that action relating to director disqualication
should continue to rest with the Insolvency Service. The Review does, however,
recommend that the FRC should have the necessary powers to investigate directors
and refer cases to the Insolvency Service, working closely with them to ensure
effective action is taken where necessary.
Accountancy oversight
2.74 As set out from paragraph 2.2 above, the Review recommends that the current
self-regulatory regime for PIE audit rms should end. There remain, however, important
regulatory tasks that sit with professional accountancy bodies, largely following a voluntary
self-regulatory model. This section deals with the FRC’s role in regard to those functions, and
the oversight of those bodies it undertakes on a voluntary basis.
2.75 To step back, the voluntary oversight of accountancy regulation was established
following reforms in 2003. That saw the FRC expand its operations in response to the
WorldCom and Enron collapses to provide additional assurance to the self-regulatory model
and improve condence in it.
26
2.76 In terms of the oversight carried out by the FRC, it states that it “may review other
regulation by the professional accountancy bodies
27
of their members in: education, training,
Continuing Professional Development, standards, ethical matters, professional conduct,
and discipline, registration and monitoring and may make recommendations on how these
activities might be improved. The professional accountancy bodies have agreed that they will
consider the FRC recommendations carefully, and either implement them within a reasonable
period, or give reasons in writing for not doing so”.
2.77 Until 2010, the FRC conducted oversight thematic reviews of the accountancy
profession. The FRC has told the Review that securing action to meet its recommendations
was not always easy to achieve, not least when the recommendations were unwelcome. As
a result, the FRC has told the Review that it “prioritised its resources after 2010 with a greater
focus on achieving outcomes through its consideration of complaints …, combined with its
statutory oversight monitoring which involves monitoring of the Recognised Qualifying Bodies’
(RQBs) and RSBs’ processes and procedures”.
2.78 Although the Review has seen some complaints about the FRC’s handling of matters
dealt with by the professional bodies, it has not received evidence of substantial failure which
would merit a signicant shift in the regulatory model for the accountancy profession at this
point, particularly since the Review is recommending the replacement of the FRC with a new
regulator with a different culture and less consensual approach.
Recommendation 39: The regulator should continue to operate its oversight role of the
accountancy profession, but with a work programme sufciently wide and expert to
identify any emerging concerns of public interest.
26
The FRC’s remit in this area was set out in an exchange of letters between the FRC and the Consultative Committee
of Accountancy Bodies (CCAB), which now comprises Institute of Chartered Accountants in England and Wales
(ICAEW), ACCA, CIPFA, ICAS, CIPFA and CAI. CIMA (Chartered Institute of Management Accountants) is no longer a
member of the CCAB. A separate draft MoU exists between CIMA and the FRC
27
ICAEW, ACCA, CIPFA, ICAS, CIPFA, CAI and CIMA only
Chapter 2 – FRC: effectiveness of core functions 45
2.79 The FRC historically in dealing with the profession has adopted a “consensus-building”
approach in its oversight role. However, there is a clear risk that if the new regulator should
identify issues of signicant public interest in the future, its recommendations and actions
would not be enforceable or mandatory under the current oversight arrangements.
Recommendation 40: The Review recommends that the Government should put in
place a backstop statutory power, requiring action to be taken by a professional body
if there was a need in the public interest. The Review recommends that such a power
would be activated only if needed and at the regulator’s request.
Recommendation 41: The regulator should replace exchanges of letters with formal
memoranda of understanding with each of the UK’s professional accountancy bodies.
Stewardship
2.80 The FRC is responsible for maintaining and monitoring compliance with the UK
Stewardship Code.
28
The Code sets out high-level principles, supported by guidance, for
Code signatories to follow on a comply or explain basis in the course of their stewardship
activities. It was introduced in 2010, in response to a recommendation in Sir David Walker’s
2009 report on corporate governance at banks and other nancial institutions.
2.81 The Code currently has 278 signatories, comprising 172 asset managers, 94 asset
owners (such as pension funds) and 12 proxy advisers or investment consultants. Asset
managers are required under the FCA’s Conduct of Business Rules to disclose whether, and
if so how, they comply with Code. If they do not comply with the Code, they must disclose
what their alternative investment strategy is.
29
Other than this rule for asset managers, the
Stewardship Code has no basis in law or formal regulation.
2.82 Since 2016, the FRC has adopted a tiering approach to Code signatories, to help
differentiate publicly the extent of signatories’ commitment to the Code’s principles. The aim
has been to raise standards by providing an incentive on signatories to join the top tier. Tiering
is based primarily on an annual FRC assessment of each signatory’s public statement of its
commitment to the following principles:
• Publicly disclose their policy on how they will discharge their stewardship
responsibilities;
• Have a robust policy on managing conicts of interest in relation to stewardship
which should be publicly disclosed;
• Monitor their investee companies;
• Establish clear guidelines on when and how they will escalate their stewardship
activities;
• Be willing to act collectively with other investors where appropriate;
• Have a clear policy on voting and disclosure of voting activity; and,
• Report periodically on their stewardship and voting activities.
28
https://www.frc.org.uk/investors/uk-stewardship-code
29
https://www.handbook.fca.org.uk/handbook/COBS/2/2.html
46 Independent Review of the Financial Reporting Council
2.83 Initially, the FRC adopted three tiers, with only 40 signatories awarded top Tier 1 status
to begin with. The bottom Tier 3 was subsequently dropped, and over the past two years
Tier1 has expanded very signicantly to the point that 200 of the current 278 signatories
to the Code are now in Tier 1. This has happened as more signatories have expanded their
policy statements stating their commitment to the Code’s principles.
2.84 Apart from some minor amendments in 2012, and the introduction of tiering in 2016,
the Stewardship Code has not been signicantly updated since rst published in 2010. The
FRC will be launching a consultation on a revised Code early in 2019. At the same time,
the UK Government is due to implement a number of new statutory reporting requirements
for stewardship as part of implementation of a revised Shareholder Rights Directive
30
by
June2019.
2.85 Informed and engaged stewardship of companies by UK investors helps the FRC
to meet its wider responsibilities in relation to corporate governance, corporate reporting
andaudit.
2.86 However, the existing tiering approach focuses predominantly on checking the content
of stewardship statements, not on actual effectiveness or outcomes.
Recommendation 42: The Review recommends that a fundamental shift in approach
is needed to ensure that the revised Stewardship Code more clearly differentiates
excellence in stewardship. It should focus on outcomes and effectiveness, not on
policy statements. The Government should also consider whether any further powers
are needed to assess and promote compliance with the Code. If the Code remains
simply a driver of boilerplate reporting, serious consideration should be given to its
abolition.
2.87 The FRC also seeks more broadly to engage with the UK investment community,
both to help promote compliance with the Stewardship Code and to seek investor views on
governance, reporting and audit matters. However, it was only in June 2018 that the FRC
established an Investor Advisory Group
31
and this very largely consists of ESG specialists, not
investment decision-makers. Overall, the Review is not convinced that the FRC has anything
like the depth and breadth of relationships with senior decision-makers in the investor
community that it needs to exercise its functions well. To be fair, it is also true that the investor
community is also not as engaged, particularly in complex technical audit or accounting
topics, as it should be.
Recommendation 43: The FRC needs to engage at more senior level in a much
wider and deeper dialogue with UK investors, including both fund managers and
representatives of end-investors.
30
Directive (EU) 2017/828 of the European Parliament and of the Council of 17 May 2017 amending Directive
2007/36/EC as regards the encouragement of long-term shareholder engagement
https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX%3A32017L0828
31
https://www.frc.org.uk/about-the-frc/structure-of-the-frc/investor-advisory-group-(iag)/members-of-the-investor-
advisory-group-(iag)
Chapter 3 – Corporate failure 47
Chapter 3 – Corporate failure
The role of the regulator
3.1 The failure of major companies naturally raises public concern over whether more could
have been done by public authorities to prevent failure from occurring.
3.2 Responsibility for corporate failure must always rest, rst and foremost, with a
company’s directors, as well as to some degree with shareholders.
3.3 The Review does not believe it would be practical or desirable to task a regulator
with a general responsibility to ensure that even major companies are well-run and that
failure could not occur. Such a regulatory regime would require very intensive oversight of a
company’s operations, strategy, nances and management. It would be a huge inhibitor to
risk-taking, investment and innovation in the economy, and the costs would almost certainly
exceed the benets. The Review is not aware that any country in the world has attempted
such a regulatory regime, and strongly doubts that it could ever be effective.
3.4 All that said, it is clear that the FRC’s work already can, and should, contribute at least
to some degree to avoiding unnecessary and avoidable causes of major corporate failure.
3.5 The FRC sets accounting and auditing standards, issues guidance and regulates the
quality of corporate reports and statutory audits for the UK’s largest companies. It shapes
the system that provides the essential information that allows capital markets to work.
It also seeks to promote high standards of corporate governance. Company accounts
should provide an accurate picture of the company’s performance and nancial position,
independently assured by external audit; and other reports should describe fairly the
company’s strategy and principal risks. Investors, creditors and customers should be able to
use this information to make an informed assessment of a company’s prospects.
3.6 However, the FRC’s current work is generally backward-looking: its remit is to check
whether a company’s published accounts are defective; and whether its statutory audit was
of acceptable quality. Further, the FRC’s enquiries on company accounts are essentially
technical in nature and intended to lead to incremental improvements in future years.
3.7 The Review has considered whether there is scope for the new regulator to play a more
forward-looking role, particularly in acting in response to intelligence it has, or to potential
“warning signs”. The Review considers that there is potential to do this.
3.8 First of all, the new regulator should put in place more effective and pro-active
arrangements to identify emerging risks, at market and company levels. Through its work on
AQR, CRR and corporate governance, the regulator gains potential insights and information
48 Independent Review of the Financial Reporting Council
relating to companies. This intelligence should be put to better use. It also needs tobe
supplemented with a morecomprehensiveand effective picture, usinganalysis ofpublicly
availablemarket dataof sectors and companies at risk, as well as information gathered
through its own work.
Recommendation 44: The Review recommends that the regulator should
developa robust market intelligencefunctionto identify emerging risks at an early
stage,helping to shiftits perspective to current and future risks, as well as its
existingretrospectivefocus.
3.9 In addition, the Review considers that the effectiveness of the regulator will be improved
by greater engagement with auditors about risks atasector and company level, using
thePRA’s regulator-auditor meetingsas auseful reference point. At present in the UK,
auditors of banks and insurance rms are obliged to report to the PRA if they believe that the
company is not, or may cease to be a going concern; but this duty does not apply to auditors
of other PIE entities.
Recommendation 45: The Reviewrecommends that the Government introduces a
duty of alert for auditors to report viability or other serious concerns. The regulator
should also take a close interest, and engage with the auditor, in situations where a PIE
auditor has parted company with its client outside the normal rotation cycle.
3.10 The Review suggests that in developing the detail of that duty, the Government should
look at the system applied in France, whichrequires statutoryauditors to report viability
concerns to the company board, thereafter to escalate them to the shareholders and
ultimately to aregulatory body if their concerns are not addressed.
3.11 Bringing together the range of intelligence and analysis set out above would be of
benet to the regulator in relation to the FRC’s existing regulatory functions. It would enable
the regulator:
• Better to inform its risk-based approach for AQR and CRR work;
• Proactively to convenestakeholders to clarify the application of standards in higher
risk areas;
• To issue ‘practice guidance’ to auditors to inform forthcoming audits;
• To work with companies and auditors to develop guidance on the interpretation
of accounting standards for a particular issue, or to recommend – and possibly
mandate – additional disclosures; and
• Better to share intelligencewithother regulators such as the FCA and the Insolvency
Service where it is relevant to their work.
New powers
3.12 The Review considers that it would also be possible to go further and task the new
regulator with new powers to take more pro-active steps.
Recommendation 46: The regulator needs to be able to act quickly where potentially
serious problems are indicated. The Review recommends that the regulator should be
able to require rapid explanations from companies about reasonable concerns raised
by the regulator.
Chapter 3 – Corporate failure 49
3.13 Where those concerns are serious enough, it should also be able to assess the
underlying issues in more depth. The FCA and PRA have the power to commission experts
(‘skilled persons’) to visit companies and examine any matter relating to the regulators’
strategic objectives. For example, the FCA commissions skilled person reviews of authorised
rms in the nancial services sector to assess their systems of control, business conduct, risk
management or information security, using powers in section 166 of the Financial Services
and Markets Act 2000. The skilled person reports condentially to the FCA with their ndings
and recommendations, and the FCA can decide what further action is necessary, which may
include mandating improvements to the rm’s operations. The company may appoint its own
contractor to undertake the skilled person review from a panel pre-selected by the FCA, but
the FCA must approve the company’s selection and decides the remit of the review. The
company is required to pay for the review.
3.14 In comparison, the FRC’s current powers to investigate concerns (other than for
statutory audit) are limited. The FRC has a statutory power to obtain information from a
company to discharge its delegated statutory responsibilities on corporate reporting. That
is, to obtain explanations where it appears that a company’s nancial statements, directors’
report or strategic report may not comply with the Companies Act 2006. However, the
FRC has no authority to make more in-depth enquiries into a company’s risks, systems or
other affairs unless these are relevant to its delegated statutory responsibilities for corporate
reporting.
Recommendation 47: The Review recommends that the new regulator should be able
to commission a skilled person review, paid for by the company, in circumstances
where there is any signicant interest arising from its strategic objective:
“To protect the interests of investors and the wider public interest by setting
high standards of corporate governance, corporate reporting and statutory
audit, and by holding to account the companies and professional advisers
responsible for meeting those standards.”
3.15 The regulator would need to use this power in a proportionate manner, bearing in mind
its potential cost and administrative burden.
3.16 This power would be novel and would differ in a number of signicant respects from
the regulators’ powers in the nancial services sector where the nature of the supervisory
regime is very different. The Review considers that the circumstances justifying an inspection
couldinclude:
• Where there are concerns about the accounting treatment of key areas of
auditjudgement;
• Where there is evidence of signicant investor concern;
• Where there are concerns about the credibility of a company’s viability or going
concern statement or the methodologies used to underpin the statements;
• Where there are concerns that corporate governance explanations are seriously
misleading or inaccurate and that shareholders may be receiving a misleading
impression of what is really happening;
• Where there are grounds to believe that important aspects of corporate governance
are seriously decient;
• Where there is intelligence that an audit committee is not doing its job effectively or
is being unduly inuenced by executive directors;
50 Independent Review of the Financial Reporting Council
• Where internal controls or risk management appear to be seriously inadequate;
• Where a dividend has been announced that appears rash or unaffordable and
incompatible with the UK’s capital maintenance rules; or
• Where there are indications that a company might not be nancially viable, and the
company is not acting responsibly in dealing with these risks.
3.17 In many cases, the Review would expect the skilled person to recommend certain
improvements to the company’s accounting or governance and for the company to
accept those recommendations voluntarily, with the regulator monitoring subsequent
progress. In such cases, it may well be appropriate for the report and the outcome of it to
remaincondential.
Recommendation 48: The Review recommends that the regulator should also have the
power to publish the skilled person’s report if it judges that to be in the public interest.
Investors would then be able to reach their own conclusions about the company’s
conduct and management.
Recommendation 49: In terms of further action that may ow as a result of an
inspection, depending on its ndings the Review recommends that the regulator
should be given powers to:
• Require a company to procure additional assurance on the viability statement
or any other aspect of company reports and accounts;
• Require a company to procure an independent boardroom evaluation
focused on particular areas of concern such as a specic examination of the
effectiveness of the audit committee;
• Notify the company of its view of the risks to nancial viability and require a
formal response from the board, with a recovery plan if appropriate; or
• Order the removal of the auditor or an immediate retendering.
Recommendation 50: In the most serious cases, the Review suggests it may be
appropriate for the regulator to issue a report to shareholders suggesting that the
company’s dividend policy should be reviewed, or that they consider the case for a
change of CEO, CFO, chair or audit committee chair, or for other strengthening of the
board of directors. The Review believes that, where the severity of the facts merit it,
the regulator should have the condence to do this. Decision-making should rest, as
now, with boards and shareholders.
Other relevant issues
Internal controls
3.18 A number of respondents to the Review suggested that there is a serious case
for considering the introduction of stronger regulation in respect of companies’ internal
controls, similar to that applying in the US under the Sarbanes-Oxley Act (SOX). The relevant
provisions in SOX are requirements for the CEO and CFO of public companies to report
annually on the effectiveness of the company’s internal controls over its nancial reporting
and for the company’s auditor to attest to, and report on, management’s assessment of its
internalcontrols.
Chapter 3 – Corporate failure 51
3.19 The Review is particularly struck by the extent of support for these provisions
amongst senior audit committee chairs with experience of operating this regime in US-listed
companies. A number of members of the Review’s own advisory group also support the
provisions. The arrangements are seen as having led to better nancial reporting, fewer
signicant accounting restatements and stronger reassurances for audit committee members
about the robustness of internal controls. The provisions also underline clearly that the primary
responsibility for internal nancial controls and the accuracy of nancial reporting rests with
the board and management of a company.
3.20 Introducing SOX-style provisions would clearly be a very major step.It could impose
signicant costs, at least initially, particularly on smaller listed companies. The US experience
shows that smaller companies are affected disproportionately and listing could become
less attractive. Ongoing, recurring costs, however, are said to be lower. So too are the costs
of auditing automated and centralised systems which, in itself, provides an incentive to
improvecontrols.
Recommendation 51: BEIS should give serious consideration to the case for a
strengthened framework around internal controls in the UK, learning any relevant
lessons from operation of the Sarbanes-Oxley regime in the US. The pros and
cons of options for change should be analysed and consulted upon, giving
special consideration to the importance of proportionality in relation to the size of
thecompany.
Viability statements
3.21 The viability statement was introduced in 2014 as part of the revised UK Corporate
Governance Code. The statement is published in a company’s annual report and explains the
directors’ assessment of the company’s prospects over a specied period, taking account of
its current position and principal risks. It should set out how the directors have assessed the
company’s prospects, whether the company is viable over the period selected and why that
period is appropriate, and any assumptions or qualications. For the most part, companies
have used a three-year period to assess viability, although there is no upper limit on the period
that may be selected.
3.22 It is widely acknowledged that whilst a well-meant innovation, viability statements are not
performing an effective role. In general they consist of boilerplate statements that provide little
meaningful insight for investors and users of accounts.
Recommendation 52: The Review recommends that viability statements should be
reviewed and reformed with a view to making them substantially more effective;
and if they cannot be made more effective, serious consideration should be given to
abolishing them.
3.23 For instance, one possibility for consideration could be to require the inclusion in
viability statements of detail on what specic stress testing has been undertaken by the
company to underpin the viability statement. There may also be a case for bringing the
viability statement within the scope of audit, or some other form of assurance.
Reporting graduated audit ndings
3.24 The Review also believes that there is scope for the audit information provided to
investors and other stakeholders to improve, so as better to inform their scrutiny of the
company. The UK was the rst country globally to introduce extended audit reports, which
auditors of listed (and more recently PIE) companies are required to produce. Those reports
52 Independent Review of the Financial Reporting Council
are intended to provide greater transparency about the audit to the users of accounts
including communicating key audit matters. The enhanced audit report was welcomed by
investors, and reporting is now embedded.
3.25 Extending this further, the Review has considered the audit reports of a small number
of FTSE 100 companies which have included additional information in relation to key audit
matters over and above that required by the auditing standards. Included in the opinions are
the conclusions reached by the auditor in relation to the key audit matters. Findings are not
presented just as yes/no, or pass/fail, but instead the audit report presents judgemental views
as “graduated” ndings: for example describing an estimate as being cautious, balanced
oroptimistic.
3.26 The Review understands that, in essence, these are the ndings that the auditor already
presents to audit committees indicating their views on the judgements taken. The Review
considers that including this information within the audit report could provide shareholders
with more detail about the ndings of the audit, and a year on year comparison of how
balanced accounting estimates and judgements are.
3.27 Reporting “graduated” ndings in this way has been well received by investors. However,
the Review understands that there is currently only very limited appetite amongst preparers
for auditors to report in this way.
3.28 The Review supports further enhancements to the audit report of this kind. Reporting
“graduated” ndings could ensure greater transparency with regard to the conclusions
reached, ultimately providing more information with which shareholders can challenge
management.
3.29 The regulator should be the driver of such a change. It should consult appropriately and
inuence internationally. Consistency in approach across UK audit rms is critical as too is
ensuring international buy-in. This is a further opportunity for the UK regulator to drive best
practice and improvement globally.
Recommendation 53: The Review recommends that the regulator considers requiring
further enhancement to the Independent Auditor’s Report to include “graduated”
auditndings.
Chapter 4 – The new regulator: oversight and accountability 53
Chapter 4 – e new regulator: oversight
andaccountability
Oversight by Government and Parliament
4.1 Chapter 1 set out recommendations for a statutory base for the new regulator.New
arrangements for accountability to Parliament, and an appropriate relationship with the
Government, are also required.
4.2 The oversight and accountability arrangements for regulators vary. In relation to
Parliamentary oversight, the FRC is currently called to account for its actions by relevant
Select Committees at their invitation, but in practice this only occurs sporadically. Parliament
does not have a formal role in scrutinising the FRC’s work, or its performance. At present, the
FRC Chair and Deputy Chair are appointed by the Secretary of State for BEIS (though they
are not public appointments) and there is no scrutiny of these appointments by Parliament.
4.3 Given the signicant role it plays, the Review concludes that a higher degree of
Parliamentary scrutiny and accountability is warranted.
Recommendation 54: The regulator should submitanAnnual Report to Parliament.
4.4 The Review has also recommended in Chapter 1 that all board appointments should
be public appointments, that the appointment of the Chair and CEO should be subject to a
pre-appointment hearing with the BEIS Select Committee, and that the Government should
issue a remit letter to the regulator at least once each Parliament.
Recommendation 55: In terms ofitsinternal systems and controls,the Review
recommends that the new regulator must apply:
• The provisions of Managing Public Money
32
;
• The Regulators’ Code
33
, which sets out a clear principles-based framework for
how regulators should engage with those they regulate; and
• The Public Contracts Regulations
34
regarding procurement.
4.5 The Review also expects the regulator to ensure that its work fully considers and
assesses equalities impacts, particularly given that it will be taking on the FRC’s existing role
in relation to the Corporate Governance Code and its requirements on equality and diversity.
32
https://www.gov.uk/government/publications/managing-public-money
33
https://www.gov.uk/government/publications/regulators-code
34
https://www.gov.uk/guidance/public-sector-procurement-policy
54 Independent Review of the Financial Reporting Council
Recommendation 56: The regulator should actively promote diversity, especially in its
work on corporate governance.
Conicts of interest
4.6 The FRC has been the subject of strong criticism from some stakeholders over a
perceived closeness to those it regulates, its reliance on recruiting from the major audit rms,
and an associated concern that the FRC has an ingrained cultural sympathy towards the
accounting profession.
4.7 It is inevitable that the regulator will need to, and should, recruit former partners and
employees of major audit rms – it needs to employ qualied, experienced auditors and
accountants in order to have the expertise, knowledge, and skill needed to test complex
issues of corporate reporting and audit quality. Many of them will have worked in the “big
4”. There is nothing inappropriate in this, any more than it is inappropriate for the nancial
regulators to employ former staff of major nancial rms. All the FRC’s international peers
employ former “big 4” staff.
4.8 This, however, makes itall the morecritical that the regulator has procedures and
arrangements in place that provide a robust and defensible basis for the legitimacy of its
decision-making, in particular to avoid any potential for actual or perceived conicts of interest.
4.9 The FRC publishes the code of conduct applying to its board, committees and councils;
and it has a principles-based code of conduct that applies to all staff. Both set out the
requirements and expectations in relation to conicts of interest.
4.10 In the case of the executives and non-executives on the FRC’s board, committees and
sub-groups, a register of interests is published; a condential register of nancial interests is
maintained (applying a £25,000 minimum threshold); and individuals withdraw from discussion
when any conicts arise. In addition, the majority of board members may not have been
practising accountants or actuaries in the ve years prior to their taking up the role;
35
and no
member of the board may have been a practising auditor
36
in the three years prior to their
taking up that role.
37
4.11 For staff at the FRC, AQR inspectors are legally required to observe a 3-year cooling-off
period
38
, while staff in other roles “as a general principle, ... should not be involved with
monitoring or enforcement work in relation to a former employer”. Managers are therefore able
to exercise some discretion in considering how best to manage potential conicts ofinterest.
35
The majority of directors on the Board may not be individuals who in the five years prior to appointment have: (i) been
practising accountants or actuaries; or (ii) held voting rights in an accountancy or actuarial firm; or (iii) been employees
of an accountancy or actuarial firm, members of the administrative or management body of an accountancy or
actuarial firm.
36
No director/member appointed may be an individual who in the three years prior to appointment has: (iv) been
a practising auditor; or (v) held voting rights in an audit firm; or (vi) been an employee of, partner of or otherwise
contracted by an audit firm, a member of the administrative, management or supervisory body of an audit firm or an
officer holder of an audit body.
37
This rule also applies to members of the FRC’s Conduct Committee, Codes and Standards Committee, Case
Management Committee, and Enforcement Committee Panel.
38
As required by Article 26 of the EU Audit Regulation, which states that “a person shall not be allowed to act as an
inspector in an inspection of a statutory auditor or an audit firm until at least three years have elapsed since that
person ceased to be a partner or employee of that statutory auditor or of that audit firm or to be otherwise associated
with that statutory auditor or audit firm”.
Chapter 4 – The new regulator: oversight and accountability 55
4.12 The FRC’s hospitality register has only been published in recent weeks; and it is only
recently that the FRC has applied a consistent approach to the documentation of conicts
of interest for its staff. Whilst this is welcomed, the Review understands that the FRC does
not have a uniform approach to documenting deployment of staff to work concerning former
employers, nor the mitigations or other safeguards put in place as a result.
4.13 The Review considers that all these arrangements need to be strengthened. For the
foreseeable future, the priority needs to be to rebuild the regulator’s credibility.
Recommendation 57: The Review recommends that:
• For the foreseeable future, it would be wise for the regulator not to allow
staff, board or committee members ever to work on any regulatory functions
relating to a past employer, removing themselves and/or delegating to others
as necessary; and
• Written declarations for all staff members’ conicts of interest and nancial
interests should include proposed mitigations, and record any exercise
of management discretion in relation to work undertaken relating to a
formeremployer.
4.14 The Review recognises that the extent of the rst of these recommendationsis unusually
stringent, and some reasonable exibility should be permitted if for instance an individual only
undertook very early-career training in a relevant rm. But the Review does consider that a
very rigorous regime is justied at least until such time as the new regulator’s credibility and
reputation for tough independent-minded judgement is fully and unequivocally established.
These arrangements should not however be enshrined in legislation.
4.15 There has also been some criticism from stakeholders of the FRC’s approach to
procurement. The Review believes there is force to this,in particular aroundthe FRC’s failure
to adopt an open competitive approach. The FRC told the Review that it does not consider
that public contracting regulations apply toit; nor does the FRC apply them in spirit. During
the last 3 years, it has not tendered openly forthe majority ofits legal and professional
services, the value of which has been over £2m. The Review does not believe this approach
isappropriate.
Recommendation 58: The Review recommends that the regulator should establish a
procurement policy that adheres to public contracting regulations, and that follows an
open tendering process. Its policy should be published,along with a summary of those
contracts awarded that are above the Public Contracts Regulation threshold.
Complaints
4.16 The FRC handles complaints about accountants, auditors, professional bodies, nancial
reporting and other areas. There is currently no uniform approach across the FRC when
dealing with complaints, and most are dealt with under voluntary arrangements. Complaints
about the FRC itself may be escalated to an Independent Complaints Reviewer (ICR)
39
.
4.17 Last year, the FRC received over 300 complaints. Twelve complainants raised issues
about the FRC itself, 2 of which were referred to the ICR.The majority ofcomplaints received
by the FRC were about the conduct or performance of an accountant or auditor.
39
https://www.icrev.org.uk/about-the-icr/
56 Independent Review of the Financial Reporting Council
4.18 In responding to the Review’s Call for Evidence, concerns were raised around the length
of time the FRC takes to resolve complaints, there was frustration at the lack of clarity about
outcomes, and some considered the FRC’s handling to be defensive.
4.19 The Review has also heard that complaints can be of value to the FRC and may provide
useful information regarding its CRR functions, for example.
4.20 The FRC has a limited role in handling complaints about the bodies it oversees
on a voluntary basis (on accountancy and actuarial regulation, for example). In those
circumstances, the FRC is only mandated to test if the relevant professional body has
followed its own complaints procedure, rather than to examine the merit of the complaint
itself. The Review has not examined the detail of each professional body’s complaint handling
process, but notes the other avenues of appeal and independent review available to individual
complainants, as well as civil mechanisms for redress. The Review remains concerned,
however, that current systems do not appear to look for emerging sector-wide issues of
concern that need to be addressed. Here there is strong cross-over to the wider oversight
of professional bodies as set out in Chapter 2, which examines whether the regulator should
have stronger powers to act should it have concerns about theadequacy of professional
bodies’performance.
4.21 The Review’s concern in this matter is exacerbated by an apparent absence of
transparency. Very little information about complaints is published by the FRC, with its annual
report referring only to the outcomes of complaints relating to the FRC itself, rather than
reporting on those raised about others.
Recommendation 59: The Review considers the lack of transparency regarding
complaints to be unhelpful and recommends that aggregated data on the trend,
nature, andoutcome of complaintsreferred to the FRC bepublished, as well as
information on the speed at which they were dealt with.
Recommendation 60: The Review recommends that thenew regulator should more
proactively monitortrendsincomplaintsreceived by,and regarding,professional
bodies, since this provides useful intelligence on the way in which professional bodies
are operating. The new regulator should be actively interested in the substance of
complaint-handling, especially whereit is clear that complaintshave merit, and not
simply be monitoring process-compliance.
4.22 The Review is concerned that the absence of a central or consistent approach to
complaints managementmay result inmissed opportunities to drive improvements in auditing
or corporate reporting, and to ensuring that all relevant parts of the regulator are aware of
aconcern.
Recommendation 61: Given the complex nature of the issues dealt with by the
FRC,the Review recommends that a central team receive, triage, respond, and ensure
appropriate action is taken in relation to complaints or complaint-like contact from
stakeholders. That team should also develop clear guidance on how complaints will
be dealt with, including timelines.Although basic, the review considers these changes
necessary to improve the regulator’s credibility.
4.23 The FRC has a whistleblowing policy that is in line with those of other regulators.
Freedom of Information
4.24 The Review’s terms of reference specically question the FRC’s application of Freedom
of Information (FOI) provisions.
Chapter 4 – The new regulator: oversight and accountability 57
4.25 At present, only some of the FRC’s functions are subject to FOI
40
, with its application
41
including information about:
• The recognition of recognised supervisory and qualifying bodies;
• The independent supervision of the Auditors General; and
• The registration of third country auditors.
4.26 The Review is surprised that the FRC’s other statutory functions are not covered by FOI
provisions, including its activities as the Competent Authority for audit. By comparison, the
Freedom of Information Act 2000 (FOIA) applies in full to the FCA
42
.
4.27 The Review has heard that that the FRC lacks transparency and is not always
forthcoming with information when requested. In its published disclosure log
43
,the FRC
received 16 Freedom of Information (FOI) requests in the year ending 31 March 2018, and
it provided the requested information to 4 of these. The FRC did not provide the requested
information tothe majority ofits respondents because their requests did not fall within the
statutory functions covered by the FOIA.
Recommendation 62: The Review sees no reason why FOI provisions should not
apply in full to the regulator’s functions and internal running and recommends that it is
designated as a Public Authority for this purpose.
Leaks
4.28 The Review is dismayed at the scale and sensitivity of information about the FRC’s
activities that appears routinely to leak to the media. Such leaks are extremely rare in the case
of other regulators.
4.29 The Review notes that recent leaks of FRC activities have included:
• Pre-emptive stories, including detailed facts around the outcomes of individual
cases, including highly sensitive settlement negotiations or embargoed Tribunal
judgments in the cases of Connaught, BHS (British Home Stores) andRedcentric;
• The content of anticipated publications, including on the revised Corporate
Governance Code and the FRC’s review of audit quality;
• Internal stafng information – including the resignation of StephenHaddrill; and
• Information known to the FRC relating to this Independent Review.
4.30 The FRC is a public interest regulator which handles highly market sensitive information.
Its enforcement activities have substantial impacts on companies, professional rms and
individuals. As the organisation responsible for good corporate governance, the Review
expects the FRC to take stronger and more comprehensive action to ensure the protection of
sensitive information, whether through operating tighter internal procedures or by being more
restrictive and disciplined in sharing information in advance with external stakeholders.
40
https://www.frc.org.uk/frc-for-you/freedom-of-information
41
The FRC has been delegated to exercise functions of the Secretary of State under Part 42 of the Companies Act
(which relates to Statutory Audit). As a result of that delegation order, the FRC has been designated under section 5 of
the FOIA.
42
https://www.fca.org.uk/freedom-information/fca-freedom-information-act
43
https://www.frc.org.uk/frc-for-you/freedom-of-information/disclosure-log
58 Independent Review of the Financial Reporting Council
Figure 9: Leaks during the period of the Review
Date Issue
October 2018 Resignation of StephenHaddrill
October 2018 Settlement details of enforcement case against PwC’s audit ofRedcentric
July 2018 Revised Corporate Governance Code
June 2018 Series of stories relating to PwC’s audit of BHS
June 2018 FRC reporting on ‘big four’ audit quality review results
May 2018 Names of members of the Advisory Group for Independent Review
April 2018 Appointment of Sir John Kingman to lead Independent Review
Recommendation 63: The Review recommends that FRC and the new regulator must
ensure thattheirinternal procedures and approach to sharing information with external
stakeholders, and its procedures to investigate and act on any leaks, are much more
robust and effective.
Chapter 5 – Staffing and resources 59
Chapter 5 – Stang and resources
Funding
5.1 The FRC’s budget of £36.3 million is funded by market participants: those it regulates,
those who directly benet from its regulatory activities, and those who have regard to the
standards it sets. The funding groups pay the FRC levies through a mixture of statutory,
contractual and voluntary arrangements.
Figure 10: FRC budget
Table 1: Budget 2017/18 2017/18 2018/19
Budget Estimated outturn Budget
£m £m £m
Corporate Govenance & Reporting
Corporate governance 1.1 0.9 0.8
Accounting and reporting 2.9 3.1 3.2
Corporate reporting review 4.0 3.9 4.2
Financial Reporting Lab 1.0 0.8 0.9
XBRL 0.2 0.2 0.2
Central costs 1.8 1.7 1.6
Sub total 11.0 10.6 10.9
Audit and Assurance Regulation
Audit quality review 7.7 7.6 7.9
Audit & Assurance standards 1.9 2.0 1.9
Audit rm monitoring 0.6
Professional oversight 1.9 2.1 2.2
Central costs 1.8 1.8 1.9
Sub total 13.3 13.5 14.5
60 Independent Review of the Financial Reporting Council
Table 1: Budget 2017/18 2017/18 2018/19
Budget Estimated outturn Budget
£m £m £m
Actuarial Standards & Regulation
Technical actuarial standards 0.9 0.7 0.8
Professional oversight 0.2 0.2 0.2
IFoA actuarial monitoring 0.1
Central costs 1.0 1.0 1.0
Sub total 2.1 1.9 2.1
Enforcement
Enforcement core costs 3.4 3.4 3.3
Sub total 29.8 29.4 30.8
Audit and accountancy case costs 5.0 5.0 5.0
Actuarial case costs 0.5 0.1 0.5
Total 35.3 34.5 36.3
Increase/(Decrease) in reserves 0.7 1.7 –
Funding requirement 36.0 36.2 36.3
Source: FRC Strategy 2018/21 Budget and Levies 2018/19
5.2 At present, the bulk of FRC funding is provided by preparers of accounts and the
audit profession. The contributions from preparers of accounts are provided to the FRC on
a voluntary basis. These payments contribute to the FRC’s work on audit quality, corporate
governance and reporting, alongside funding provided by accountancy bodies, RSBs
and others via a combination of contractual arrangements and statutory requirements.
Preparers contribute 50% of FRC funding; the RSBs and accountancy bodies also contribute
around50%.
5.3 The voluntary nature of part of the FRC’s funding is very unusual and is
clearlyinappropriate.
Recommendation 64: The Review recommends that the regulator should not be
funded on a voluntary basis. BEIS should put in place a statutory levy.
5.4 Some of the Review’s recommendations – to strengthen stafng in the AQR and CRR
teams to increase the volume and quality of that work undertaken; to develop new functions
on intelligence and to execute its competition duty; and to undertake its forward-looking work
on corporate failure – will require further funding.
Recommendation 65: The Review recommends that BEIS should agree a new budget,
consistent with the Review’s recommendations, working with the new regulator and
consulting stakeholders.
Recommendation 66: The Review recommends that BEIS should set the regulator’s
budget each year, and having consulted, determine the proportions of the levy that will
apply to different parties.
Chapter 5 – Staffing and resources 61
Stafng
5.5 This Review was set clear objectives, to:
“Put the FRC in a position to stand as a beacon for the best in governance,
transparency and independence; strengthening its position and reputation.”
And to:
“Ensure that its structures, culture and processes; oversight, accountability, and
powers; and its impact, resources, and capacity are t for the future.”
5.6 For these objectives to be achieved, the regulator must be able to recruit high-calibre
candidates from a wide variety of professional backgrounds. Its staff must be technically
expert and must inspire respect. There must be openness and diversity of thought in the
organisation.
5.7 There is a clear public interest in enabling this: the regulator’s staff must hold to account
some of the biggest companies and rms in the economy, and it must provide national and
international leadership at a time of signicant change.
5.8 Having examined the detail of FRC’s current stafng position, the Review makes
recommendations focusing on three key areas: diversity and openness; seniority and
expertise; and on pay, as set out below.
5.9 On diversity and openness, the review is concerned that the FRC needs to do more
to ensure that its staff have greater recent experience outside the regulator to ensure that
understanding of current practice, new developments, and emerging trends is as up to date
as possible. High levels of staff loyalty are of course good. But a narrow organisational culture
is not. The regulator needs a more open stafng model than in the past.
Recommendation 67: As set out in Chapter 3, the regulator needs to develop new
teams, and should look to recruit analysts, investment experts, economists, and those
skilled in corporate law.
5.10 As recommended in Chapter 2, the Review considers that the regulator should increase
the seniority of its staff carrying out regulatory functions, particularly AQR. It should mirror
the PCAOB’s approach to employ former partner-equivalent experts, which would better
enable teams to deploy the degree of challenge, breadth of knowledge and sophistication of
judgement necessary to hold such signicant actors to account.
Recommendation 68: The Review recommends that the new regulator should develop
a stafng and resourcing strategy to achieve the vision set out in this Review. That
should include a more diverse approach to hiring. The regulator should also build on
the experience of the Financial Reporting Review Panel and, like the other nancial
regulators, develop a pool of former or retired senior executives and experts – so-
called ‘grey panthers’ – to boost its capacity to deploy expertise at short notice.
5.11 On pay, the Review is satised that the FRC has generally been able to advertise
vacancies at a rate that attract candidates of suitable quality and qualication. Its pay strategy
is based on a methodology similar to that of other market-funded regulators; and rates of pay
are comparable to those for similar grades working at the FCA and PRA. If anything, there is
evidence that some junior and generalist staff are paid over the market reference point, and
the FRC is taking action to address this.
5.12 However, the right arrangements must also be put in place for the future.
62 Independent Review of the Financial Reporting Council
5.13 The FRC was recently required for the rst time to submit for government approval each
individual role with a salary over a £100,000 threshold. This is a very time-consuming and
bureaucratic process that risks the regulator being unable to recruit when needed, or unable
to engage the best candidate for a role. It is of particular concern to the Review that, owing
to the seniority and qualications of staff needed by the regulator, 50% of its staff currently
fall above this threshold, including those in key regulatory and enforcement roles. The Review
also understands that BEIS and HM Treasury are asking the FRC to agree a Long-Term Pay
Strategy and apply Public Sector Pay Guidance structures even to highly specialist roles.
5.14 These new arrangements are anomalous. Neither the FCA nor the PRA is subject to
requirements of this kind. Both are public bodies; have similar rates of pay to the FRC; and
use a similar methodology to set their pay strategy. Like the FRC, they are not funded by
the taxpayer, but by those they regulate. The Review is clear that if the recently-introduced
arrangements persist, the new regulator inevitably will become steadily a less effective body
over time than the FRC is now, at a time when the Government is very clear that it wishes to
see a more effective body.
Recommendation 69: The Review recommends that the control arrangements on pay
for the regulator should mirror those of other nancial regulators such as the FCA,
PRA and Ofcom which are not funded by the taxpayer. This approach should apply
immediately. The new regulator’s budget should be set by Ministers, as should the
CEO’s pay, but other pay decisions should be made by the regulator subject, of course,
to proper transparency, and within the overall nancial budget set by Ministers.
Recommendation 70: The Review recommends that the new regulator’s pay
arrangements should be set out in the new regulator’s legal base, and mirror that of
Ofcom. That sets out with clarity that the arrangements for the terms, conditions,
and remuneration of staff are a matter of Ofcom’s responsibility. The Ofce of
Communications Act 2002 states that:
Schedule (7)(1): “The employees of Ofcom who are not executive members shall
be appointed to and hold their employments on such terms and conditions,
including terms and conditions as to remuneration, as Ofcom may determine.”
The Review recommends that the same wording be used for the founding legislation
for the new regulator.
Chapter 6 – Other matters 63
Chapter 6 – Other matters
Competition issues
6.1 The market for audit services is highly concentrated – currently 97% of audits of FTSE
350 rms are undertaken by the Big Four auditors. One of the mid-tier auditors, Grant
Thornton, which could, in principle, provide competition to the Big Four, announced earlier
this year that it would no longer tender for FTSE 350 audit work because of the difculties and
costs of making inroads into this market.
6.2 The FRC has a major role in regulating the audit market but does not currently have
a competition duty or remit, and has resisted taking one on. In 2013 the Competition
Commission recommended that the FRC should amend its articles of association so that
“without prejudice to its other objects, in performing its functions it will have due regard to
the need for competition in the statutory audit market for FTSE 350 companies”. The FRC
did not adopt this recommendation, seeing its role as being focused on quality rather than
competition, and having concerns about situations where there could be tension between
thetwo.
6.3 Under the EU Audit Directive the FRC, designated as the “Competent Authority” for
audit in the UK, has the task of monitoring developments in the market for providing statutory
audit services toPublicInterestEntities, including market concentration levels. The Competent
Authority must report every three years on developments in the market for statutory audit
services to PIEs. This role is still developing, but the FRC already has a stronger formal interest
in competition in the audit market alongside audit quality issues
44
.
How the FRC’s work can affect competition
6.4 Whilst the Reviewentirelyagrees that quality must be the regulator’s principal focus,
the Review is also clear that there are numerous areas where the FRC’s work can have a
direct effect on competition and the dynamics of the audit market and where regulation and
competition can work hand in hand to deliver higher quality. These were also noted by many
responses to the Review. For instance:
• The FRC’s approach to using and publicising ndings from its Audit Quality Review
(AQR) work. In a market where the quality of the product is largely invisible unless
things go wrong, AQR ndings are one of the key ways in which audit customers
44
Regulation (EU) No 537/2014 of the European Parliament and of the Council of 16 April 2014 on specific requirements
regarding statutory audit of public-interest entities – Article 27 (Monitoring market quality and competition).
64 Independent Review of the Financial Reporting Council
can differentiate between providers. More transparency on ndings – including
ratings – would help audit committees and shareholders make better informed
choices and drive competition in quality.
• The number of audit rms covered by the FRC’s AQR programme. If AQR ndings
are a key means of assessing audit providers, then not being part of the assessment
programme represents a barrier to entry. Only six providers are currently subject
to annual FRC reviews. The lack of regular external reports on other auditors can
have the effect of limiting choice for audit committees who will wantto play safe and
only include auditors on shortlists where they have satisfactory current reports. The
FRC’s recent decision to enhance reviews for the six largest audit rms may have
a similar effect in entrenching the incumbents because audit committees may only
want to pick rms where the FRC has validated their processes. In both cases, there
may be ways in which the FRC could try to counteract this potential barrier to entry.
• The FRC’s approach to setting or negotiating audit and accounting standards –
Wherever possible, standards need to be set in ways that are proportionate and take
account of the different scale and size of providers. Where standards and other rules
are set internationally, the FRC’s negotiating approach and objectives could similarly
take account of competition issues.
• The FRC’s approach to determining nes, liabilities and other sanctions –
Theapproach taken, including the respective weights given to nancial and
non-nancial sanctions, can have a strong bearing on smaller rms’ willingness
toenter the audit market.
• The FRC’s approach to the development of the UK Corporate Governance Code.
This has a strong potential bearing on competition, particularly the Code provisions
and supporting guidance on how audit committees should procure auditors and
assess pricing and quality.
• The future development of the FRC’s new responsibility under Article 27 of the EU
Audit Directive, as the Competent Authority, to monitor and report every three years
on developments in the market for providing statutory audit services to PIEs. This
role could be expanded voluntarily, beyond the minimum EU requirement.
• The extent to which the FRC encourages or discourages permitted alternative
approaches, such as joint audits –
These are allowed under audit standards applying in the UK and could be used to
involve a wider range of rms at the top end of the listed audit market and increase
the capacity and capabilities of mid-tier audit rms.
• The FRC’s approach to approving the transfer of audit technologies to challenger-
rms –
In the future this could help address entry barriers by ensuring that these capabilities
can be made available on viable terms, more broadly among audit rms.
A new competition duty
6.5 When the FRC rejected the Competition Commission’s recommendation of a new
competition duty, its main concern was a potential clash between audit quality and
competition; for instance, in the pursuit of audit quality, it might need to restrict competition by
preventing a poorly-performing rm from continuing to offer audit services.
Chapter 6 – Other matters 65
6.6 The Review agrees that safeguarding audit quality must remain central to the regulator’s
mission and purpose. However, it is perfectly possible to draft duties which allow regulators
to promote competition to the extent that this is compatible with other objectives or as a way
of furthering other objectives. Indeed, the Competition Commission’s proposed formulation at
the time was of this type, and arguably afairly weakformulation.
6.7 There area number ofpotential models for a competition duty set out in the legislation
establishing the FCA, the PRA and economic regulators such asOfcom,Ofce of Gas
and Electricity Markets (Ofgem)and the Ofce of Rail and Road (ORR), as set out in the
tablebelow.
Figure 11: Examples of other regulators’ competition duties and objectives
Regulator Competition duty
FCA Has a strategic objective and three operational objectives, including a competitionobjective. It must, “so far as is
compatible with acting in a way which advances the consumer protection objective or the integrity objective, discharge
its general functions in a way which promotes effective competition in the interest of consumers.”
PRA Must “so far as is reasonably possible act in a way which, as a secondary objective, facilitates effective competition in
the markets for services provided by PRA-authorised persons. . .”
Ofcom Has a principal duty to further the interests of citizens in relation to communication matters and “to further the interests
of consumers in relevant markets, where appropriate by promoting competition.”
Ofgem Must carry out its functions in the manner it considers is best calculated to further its principal objective, wherever
appropriate by promoting effective competition.
ORR Has ve equally weighted objectives, including to “promote competition in theprovision of railway services for the
benet of users of railway services.”
Source: Regulators’ websites
Recommendation 71: The Review recommends that the new regulator should be
given a competition duty in a stronger form than the “have regard to” formulation
recommended by the Competition Commission in 2013 and should follow the model
set out in Chapter 6, which is broadly based on the FCA’s competition duty.
Figure 12: Proposed competition duty for the new regulator
Proposed competition duty
The new regulator must, so far as is compatible with advancing its other objectives,
discharge its general functions in a way which promotes effective competition in the
market for statutory audit services.
The matters to which the new regulator may have regard in considering the effectiveness
of competition include:
• The availability of information about the quality of service provided by auditors and the
extent to which audit customersare able tomake informed choices;
• The impact of competition on the price and quality of audit;
• The ease with which the procurers of audit services can change provider;
• The ease with which new auditors can enter the market; and
• How far competition between auditors is encouraging innovation.
66 Independent Review of the Financial Reporting Council
New function to keep the audit market under review
Recommendation 72: In addition to a competition duty, the Review also recommends
that the regulator should be given a specic statutory function to keep the statutory
audit market under review and to report regularly on market and competition
developments. This will need to include reporting on trends in audit pricing, the extent
of any cross-subsidy from non-audit work and any implications for the quality of audit.
6.8 This function will build on the role that the FRC has recently been given under the
EUAudit Directive to report on developments in the UK market for statutory audit services
to PIEs. It will ensure that the regulator has the knowledge and expertise needed in terms of
market intelligence, analysis and competition expertise to be able to act on a new competition
duty effectively. These capabilities will also be needed if the regulator is to take on a role in
implementing any competition remedies identied following the Competition and Markets
Authority’s (CMA) current market study and monitoring their impact.
New powers and resources
Recommendation 73: The Review recommends giving the regulator the powers
it needs to support a competition duty and an ongoing market review function. In
particular, itwill need powers to require rms to provide audit pricing, cross-subsidy
and market share data and powers to act to address competition issues where
necessary. The position should be reviewed again following completion of the CMA’s
market study to ensure that the regulator has the powers needed to implement or
monitor the CMA’s competition remedies and to act on evolving or new competition
issues in the future.
6.9 The new duty and market review functions will have resourcing and organisational
implications. These will need to draw on the experience of the FCA and other regulators who
have been successful in adopting and implementing competition duties.
Actuarialoversight
6.10 Following Sir Derek Morris’ review of the actuarial profession in 2005, a memorandum
of understanding was put in place between the FRC and the IFoA, which sought to give the
former an oversight (and standard-setting) role in relation to the actuarial profession. However,
this is not in practice proving an altogether effective arrangement. The FRC’s oversight role
is based on a voluntary understanding, and it has no powers with which to enforce any
meaningful oversight of theIFoA. More than 13 years after Sir Derek reported, only now
is theIFoAembarking on a rst attempt at quality regulation of the profession. Moreover,
the FRC has limited actuarial expertise and resource(4 actuaries are employedwithin the
Actuarial Policy team).
6.11 The FRC assumed non-statutory oversight of the UK actuarial profession’s self-regulation
of actuaries in 2006.Responsibilities for the professional regulation of actuariesis summarised
in the following diagram.
Chapter 6 – Other matters 67
Figure 13: Responsibilities of the FRC and IFoA in relation to actuarial oversight
FRC IFoA
Setting Actuarial Standards:
Generic Technical Actuarial Standards
Specic Technical Actuarial Standards
Actuaries’ Code
Ethical Standards (APSs)
Professional/Independent oversight
Educations and examinations
CPD
Practising certicates
Member support
Enforcement – Actuarial Scheme
Public interest disciplinary cases
Discipline
(excluding public interest)
Source: FRC
6.12 Although the FRC carries out oversight of theIFoAby reviewing relevantIFoAactivities
and monitoring visits, it performs no monitoring or supervisory role over the quality of actuarial
work; and at present nor does theIFoA.
6.13 Technical Actuarial Standards are enforced in the context of an Actuarial Scheme
investigation into misconduct by an actuary. The FRC’s enforcement remit is limited to
investigating, in the public interest, potential misconduct by individual actuaries (not rms).
6.14 Actuarial work is key in a number of matters relating to pensions and therefore of interest
to TPR. HM Treasury has told the Review that it wishes to see effective regulatoryoversight of
the actuarial profession. The Government Actuary has said the same.
6.15 The Review:
• Sees asignicantrisk that stakeholders may be assuming that the FRC’s current
oversight of the actuarial profession is a great deal more thoroughgoing and effective
than, in the absence of credible powers, itactually is or can be;
• Suggests that, if stakeholders wish to see effective independent oversight of
regulation of the actuarial profession, suitable legal powers must be put in place to
make this possible;
• Questions whether the FRC is the best body to do this; and
• Suggests in any event that regulation of actuarialwork, as opposed to the
profession, is likely to haveconsiderably more impact thanregulation of the
profession ever can. This isalreadydone thoroughly by the PRA for insurance
companies, through scrutiny oftheiractuarial models. This is, however, much less
the case for pension schemes.
Recommendation 74: The Government, working with the PRA and TPR, should review
what powers are requiredeffectively to oversee regulation of the actuarial profession.
68 Independent Review of the Financial Reporting Council
Recommendation 75: The Review recommends that neither the FRC, nor its successor
body, is best-placed to be the oversight body.The PRA (which employs around
80actuaries) is a much larger repository of regulatory actuarial expertise than the FRC
and would be best-placed to take onall the actuarial responsibilities currently vested
in the FRC.
6.16 Actuarial work performed within a statutory audit context will continue to be subject
to audit oversight monitoring and enforcement and therefore will remain the responsibility of
theFRC.
Local audit
6.17 In 2010 the Secretary of State for Communities and Local Government announced plans
to disband the Audit Commission, transfer the work of its in-house practice to the private
sector and put in place a new audit framework. This was enacted in The Local Audit and
Accountability Act 2014 (LAAA) which in turn introduced a new Local Audit regime in England.
Transitional arrangements were put in place and on the 1 April 2018 the new Local Audit
regime became fully operational.
6.18 As a result of the new regime, the responsibilities of the Audit Commission in relation
to statutory audit transferred to other bodies, namely the FRC, the NAO and RSBs. The
framework is now complex and fragmented. Key players on statutory audit under the
LAAAare:
Figure 14: Summary responsibilities of organisations for local body statutory audit
Organisation Summary Responsibilities
Ministry of Housing, Communities and
LocalGovernment
Responsible for delivering implementation of the Act.
FRC Monitoring and enforcement.
Professional oversight of local auditors has been delegated to the FRC. In turn, the
FRC has specied three professional bodies to undertake specic regulatory activities.
NAO Responsible for setting relevant standards, which incorporate the FRC’s auditing
and ethical standards. Local auditors must also have regard to guidance to auditors
published by the C&AG.
The Act also allows the C&AG to examine the economy, efciency and effectiveness
with which local authorities and other local public bodies use their resources, providing
evaluation, commentary and advice of a general nature rather than examining specic
authorities.
Professional Bodies
RSBs =ICAEW, Institute of Chartered
Accountants of Scotland (ICAS)
RQBs = Chartered Institute of Public Finance
andAccountancy (CIPFA)
Responsible for registrationand qualicationof rms and individuals subject to FRC
oversight.
Monitoring and enforcement.
Public Sector Audit Appointments Ltd (PSAA) Nowthecentral procurement body
6.19 For England, the FRC is responsible for inspecting the quality of major local audits
45
and operating enforcement procedures under the Accountancy Scheme. The FRC has
oversight of the regulation by RSBs (ICAEW and ICAS) of auditors of local public bodies and
is responsible for recognising bodies as RSBs and Recognised Qualifying Bodies (CIPFA) for
Local Auditpurposes.
45
Major local audits – Local Authority and Health Bodies where total income or expenditure exceeds £500 million and
pension funds with assets of £1 billion or more than 20,000 members. The Local Audit (Professional Qualifications
and Major Local Audit Regulations) 2014, part 3, schedule 12.
Chapter 6 – Other matters 69
6.20 There are important differences between local authority audit and private sector audit:
• Auditors of local public bodies report not only on the nancial statements, but also
arrangements for securing value for money, and nancial sustainability;
• Auditors of those bodies carry out their work on behalf of the public, yet in
comparison to the lines of accountability in companies between the directors, audit
committee and shareholders, there is substantially lower awareness and challenge
of auditors’ work in the public sector;
• The FRC’s enforcement powers in relation to local audit are meaningfully different in
comparison to its powers in relation to private sector statutory audit. The former are
not within scope of the Audit Enforcement Procedure. Instead of the question as to
whether an auditor has ‘breached a relevant requirement’, a far narrower test applies
in relation to local audit – that there are reasonable grounds to suspect misconduct
and that the matter appears to raise important issues affecting the public interest;
and
• Unless the local body is also a PIE, there are no requirements regarding the rotation
of auditors.
6.21 These new arrangements, overall, appear to be insufcient to work adequately to
promote and deliver audit quality:
• The structure is fragmented and piecemeal. Public sector specialist expertise is
now dispersed around different bodies. The structure means also that no one body
is looking for systemic problems, and there is no apparent co-ordination between
parties to determine and act on emerging risks. The NAO has an overall oversight
role, but it is very unclear from what evidence base it is supposed tooperate;
• These arrangements only apply to the examination of the quality of nancial audit
and value for money, not issues of public interest which an auditor is also obliged to
report. Where issues are raised about corruption, impropriety, or a failure to comply
with relevant rules for example; the role of the FRC, and their ability to intervene or
act is unclear;
• There is also no one body tasked to understand and examine any tensions arising
from current trends: for example, between reducing audit fees and the increasing
complexity of local audit given thechallengingnancial situationoflocal authorities;
• The FRC’s execution of its functions regarding local audit appear based on an
assumption that nancial audit is a uniform product based on a uniform process,
regardless of the body subject to the audit and the landscape within which it sits.
The FRC is an expert in private sector corporate audit; and its expertise on, and
detailed understanding of issues relevant to local audit are currently limited;
• The results of the FRC’s individual reports on audit quality are not yet shared with
audit committees in the same way that they are for company audits inspected.
Norare there yet appropriate gateways in place to share results with the PSAA.
Norare they published. Even when results are shared in the future, as is planned, it
is very unclear who is supposed to take action to understand and address issues
raised about the quality of local auditors’ work;
• The PSAA has said that it intends to manage contracts for auditing on a 5-yearly
cycle, but there is no stated intention on auditor rotation, nor a requirement for
rotation to take place; and
70 Independent Review of the Financial Reporting Council
• The threshold for enforcement against an auditor– misconduct– is extremely
narrow, far narrower than in private sector audit.
6.22 The review also hasconcerns in relation to the new arrangements for appointing local
authority auditors. Historically these appointments were made by the Audit Commission. From
2015, this responsibility was transferred to local authorities– with transitional oversight by
PSAAfor contracts running to31 March2018.
6.23 Under the Appointing Person provisions of the LAAA, PSAA has since been selected
to take on the ongoing Appointing Person role, in effect appointing local auditors and setting
associated scale fees. Under the new framework, relevant authorities can in theory procure
and appoint their own auditors. However, in practice the vast majority choose not to. 98%
of relevant authorities (484 of 494
46
) have opted in to the central procurement body, in effect
delegating this decision.
6.24 The PSAA is very focused on reducing the costs of local audit. Its consultation on
2018/19 fee scale highlighted the following fee savings:
“We propose that scale fees for 2018/19 for all opted-in bodies should be reduced
by 23 per cent, compared to the fees applicable for 2017/18. This proposal continues
the practice of averaging rms’ costs, so that all bodies benet from the same
proportionate savings irrespective of the rm appointed to a particular opted-in body.
This reduction is possible as a result of the favourable prices secured from rms in
the recent audit services procurement. It follows a period from 2012/13 to 2017/18
in which scale fees reduced in two stages by an aggregate of 55 per cent, in part
reecting reductions in the size and scope of the Audit Commission, for example with
the closure of its inspection services.”
6.25 The Review has serious concern that these arrangements, in practice, may well
be prioritising a reduction in cost of audit, at the expense of audit quality. The Review
understands that CIPFA has raised publicly its concerns that local public audit fees have been
driven too low.
6.26 Particularly at a time when the entire local authority system is under acute nancial
pressure, and some local authorities are engaging in risky speculative ventures, high-quality
and robust scrutiny of local authorities’ nances and nancial management in the public
interest is a critical part of local democracy. All in all, the Review is very concerned that the
quality of this scrutiny is being pared back at the worst possible time.
Recommendation 76: The Review recommends that the arrangements for local audit
need to be fundamentally rethought to ensure they:
• Deliver robust assessment and scrutiny of the quality of local audit work, with
individual reports shared with audit committees and published;
• Establish a more appropriate threshold for enforcement action; and,
• Bring together in one place all the relevant responsibilities, so a single
regulatory body can take an overview.
46
In October 2016, PSAA formally invited all eligible principal local government and police bodies to become opted-in
authorities for a five-year period commencing on 1 April 2018. Out of 494 bodies eligible to join the scheme at that
time, 484 took the decision to opt in. The number of bodies can change when new bodies are created or bodies
cease to exist.
Chapter 6 – Other matters 71
Recommendation 77: Such a role (regarding local audit) could be taken on by the
FRC or its successor body, but the Review recommends that it would be much better
undertaken by a separate body that has (or could develop) a deeper expertise in the
local audit world. That body should have a different and much more focused remit
than the former Audit Commission. It should have a clear objective to secure quality;
and should set the relevant standards, inspect the quality of relevant audit work and
oversee the relevant professional bodies. It should also take on responsibility for
appointing auditors for local bodies and agreeing fees.
6.27 As shown in Figure 15, there is inconsistency in the arrangements for local bodies.
For example, Health Bodies appoint auditors directly and cannot participate in the PSAA’s
Appointing Person regime, and the PSAA has no responsibility for health in the new
framework. The LAAA does not capture Foundation Trusts, with the responsibility for audit
quality resting with NHS Improvement.
Figure 15: Volume of local bodies categorised as major local audits or PIE
47
Category Total Population Major local audits Major local audits
also meeting PIE
denition
Health Bodies (NHS Trusts and Clinical Commissioning Groups)
(auditors appointed directly-not part of the PSAA)
276 66
(AQR monitoring
from 01/04/18)
0
Local Public Bodies
(majority of auditors appointed by PSAA from01/04/18 onwards)
505 141
(AQR monitoring
from 01/04/19)
21
Local Authority Pension Funds
(majority of auditors appointed by PSAA from01/04/18 onwards)
79 66
(AQR monitoring
from 01/04/19)
0
Total – in scope of the LAAA 860 273
Small bodies
(Annual audits not required)
9,752 N/A N/A
Foundation Trusts
(not within the scope of the LAAA – responsibility for oversight of
audit quality rests with NHS Improvement)
151 N/A N/A
Total 10,763 273 21 (subject to AQR
monitoring)
Source: FRC
Recommendation 78: In the same spirit, the Government should review whether the
arrangements now in place for other public sector audits, such as Foundation Trusts,
are genuinely robust and effective. It is very unlikely that they are.
National Audit Ofce
6.28 In England, the NAO audits the nancial statements of all central government
departments, agencies and other public bodies, and reports the results to Parliament.
Parliament appointsthe NAO for this purpose. The NAOisindependent of government.
47
This table has been produced using publicly available data (PSSA and NHS improvement websites) along with FRC
data on major local audits and PIEs.
72 Independent Review of the Financial Reporting Council
6.29 The Companies Act 2006requiresthat Auditors General who audit relevant companies
(i.e. those subject to statutory audit requirements) are subject to oversight and monitoring
of that audit work by an “Independent Supervisor”. The FRChas beenappointed as the
Independent Supervisorfor the NAO.
6.30 In the year ending March 2018 the C&AG certied 370 sets of accounts, of which
62were statutory accounts pursuant to the 2006 Companies Act. It is these 62 sets of
statutory accounts which fall within the remit of the FRC’s supervision. Audits are carried out
in relation to companies such as Network Rail, UK Asset Resolution and parts of the BBC.
6.31 The FRC’s Audit Quality Review (AQR) team monitors the quality of thisstatutory audit
work performed by the NAO. On a voluntary basis,that isonly whenrequestedbythe C&AG,
the FRC also reviewsselected non-Companies Act(government department and public
body)audits, reporting privately to the C&AG the results of this work. (Similar monitoring is
performed by the ICAEW for the Auditor General for Wales and ICAS for Audit Scotland).
6.32 Results of the AQR areonlyreported privately to the NAO. The FRC does not interact
with the audit committee chair of the company whose audit is subject to review. Nor are its
reportspublished, orshared with Parliament.
6.33 The FRC does have a statutory obligation to report annually to the Government on its
supervision of the C&AG, a responsibility it discharges in a high-level summary report within
the FRC’s annual report.
6.34 One further C&AG responsibility of relevance to the Review relates to local audit.
Following the abolition of the Audit Commission, responsibility for preparation, publication
and maintenance of the Code of Audit Practice (which public sector auditors must follow) was
passed to the C&AG under the LAAA. Effectively the C&AG determines the standards and
other requirements that local auditors must meet to full their statutory responsibilities under
the LAAA.
6.35 All matters relating to the NAO, and its accountability, are matters for Parliament to
consider. Nevertheless, the NAO is a near monopoly provider of audit services within the
public sector, operating within (currently) a framework of limited scrutiny and accountability.
The Review believes there is a case for strengthening those arrangements in the case of the
NAO, just as in the case of private sector audits.The Review suggests that this should include
greater transparency and accountability to Parliament.
Recommendation 79: Just as the Review recommends public disclosure of AQR
ndings and gradings in relation to the private sector,the Review recommends that the
new regulator’sindividualAQRreviewsin relation to the NAO should be shared with
the relevant audit committee andParliament, andshouldbe published.
6.36 The Review also questions whether there is any good justication for the present
restriction of the FRC’s work to the NAO’s Companies Act audits, and whether there is not
also a public interest in the rest of the NAO’s audit work also being subject to more thorough
quality oversight. At present, examination is sometimes made of the quality of nancial audit
work undertaken for Departments, Agencies, arm’s length bodies, or charities but this is solely
at the request and discretion of the C&AG. Given the size, systemic importance and public
interest inherent in many of the accounts audited by the NAO there would appear to be a
strong case for scrutiny of a fuller population of NAO audits.
Recommendation 80: The Review recommends that all nancial audits in scope of the
NAO should be brought within the audit quality monitoring scope of the new regulator,
and not only at the discretion of the C&AG.
Chapter 6 – Other matters 73
6.37 Were the Government to create a new body to undertake more effective scrutiny and
oversight of local audit(as set out above) oneadditionalpossibility would be to transfer quality
oversight of the NAO’s audit workfrom the FRCto that body. This wouldreducethe risk that
the FRC successor bodymaytake a “cookie cutter” approach applying the same private
sector standards and approaches without regard to the different context of public sector audit
work. The Review would support such an approach.
Recommendation 81: In light of the Review’s recommendations on local audit, and
those above, the Review recommends that the Secretary of State for Business, Energy
and Industrial Strategy should reassess if the FRC remains the most appropriate
body to perform the role of Independent Supervisor of Auditors General in respect of
statutory audits.
Recommendation 82: The Reviewalsorecommends that responsibility for the local
audit “Code of Audit Practice” shouldbe movedto the same body that monitors the
quality of local audit work.
74 Independent Review of the Financial Reporting Council
Chapter 7 – Interim steps
7.1 Some of the Review’s recommendations, such as putting the new regulator on a full
statutory footing, and giving it stronger powers, will require primary legislation to bring them
fully into effect. This will take time.
7.2 In the meantime, however, there are important interim steps that can be taken to move
the FRC signicantly in the direction envisaged by the Review. Many of the recommendations
can be implemented in whole or in part without legislation. The Review believes that all
opportunities for early implementation should be taken in order to maintain momentum for
delivery of the changes for which there is a broad consensus. Implementation will involve
different methods, including secondary legislation, amendments to the FRC’s articles of
association, revisions to the FRC’s existing internal processes and procedures and new or
revised voluntary MoUs with the professional bodies and other regulators.
7.3 The table below sets out some of the key areas and recommendations where the
Review considers that early implementation is possible and should be actioned as a priority.
Figure 16:Interim implementation plan
Recommendation Interim action
Structure and purpose
Align the FRC’s strategic objective, duties and functions to those
recommended by the Review
Pending legislation, amend the FRC’s articles of association to
align them as closely as possible with Review’s recommendations
Reshape the size and composition of the Board in line with the
Review’s recommendations
Implement immediately
Make all board appointments public appointments subject to
approval by the Secretary of State
Implement immediately
Ensure that all board, committee and senior posts are openly
advertised
Implement immediately
Introduce a remit letter from government once each Parliament. Implement immediately
Ensure that Board is able to exercise stronger ownership of the
FRC’s enforcement functions.
Implement immediately
Chapter 7 – Interim steps 75
Recommendation Interim action
Effectiveness of core functions
Increase the regulatory reach of the FRC in terms of the direct
registration and regulation of PIE audit rms.
Revise the current delegation letter from Secretary of State along
with the eligibility criteria and guidance set by the FRC in relation to
its RSBs
Finalise new delegation agreements with the RSBs to clarify that
their role no longer includes registration and approval of PIE audit
rms
The regulator should play an active role in relation to work on the
audit expectation gap and solutions for that.
Implement immediately
Extend the regulator’s oversight to cover the entire annual report,
including corporate governance reporting
Powers to request information and order corrections require
primary legislation. As an interim step, the FRC should be ready to
write to companies pointing out reporting that is clearly decient
The Government should review the UK’s denition of a PIE Take forward immediately
As an interim step towards more transparency about audit quality,
the FRC should publish AQR reports on an anonymised basis
Implement immediately
The FRC should also revisit and strengthen its AQR resourcing
Reshape engagement with investors and asset owners and take
forward the Review’s recommendations on the Stewardship Code,
and the viability statement
Implement immediately
Step-up co-ordination with the Insolvency Service to create an
effective and seamless regime in which responsible directors are
held to account.
Prioritise the nalisation of an MoU between the FRC and the INSS
Corporate failure
Regulator should develop a robust market intelligence function to
identify emerging risks
The FRC should develop a plan for how this intelligence function
should be structured and resourced ahead of new powers to allow
the regulator to shift its perspective to current and future risks
BEIS should examine the case for a strengthened framework
around internal controls learning from the operation of the
Sarbanes-Oxley regime in the US
Early public consultation on pros and cons of options for change
is needed so that potential new legislation can be identied in
goodtime
New regulator: oversight and accountability
BEIS should remove the requirement to clear individual pay
approvals, in line with the Review’s recommendations.
Implement immediately
Signicant improvements should be made to the FRC’s internal
systems and controls including adoption of:
– A consistent and centrally managed complaints procedure
– The provisions of Managing Public Money
– The Regulators’ Code
– The FOI Act, and
– The Public Contracts Regulations
Implement immediately
The FRC should also urgently ensure that its procedures for
investigating and acting on any leaks are robust and effective
The FRC should tighten its rules and procedures to manage and
mitigate conicts of interest including:
– The new regulator should not allow staff, board or committee
members ever to work on any regulatory function relating to
a past employer, removing themselves and/or delegating to
others as necessary, and
– Written declarations for all staff members’ conicts of interest
and nancial interests should include proposed mitigations,
and record any exercise of management discretion in relation to
work undertaken relating to a former employer.
Implement immediately
76 Independent Review of the Financial Reporting Council
Recommendation Interim action
Stafng and resources
The regulator should no longer be funded on a voluntary basis BEIS should prepare secondary legislation to activate the existing
Companies Act provisions to put in place a statutory levy
A new resourcing and capability plan and pay strategy should
be developed to include the new areas of work proposed by the
Review, addressing the calls for greater resource, a broader range
of skills, and increased seniority and experience for key areas.
Implement immediately
Control arrangements on pay should mirror those of other nancial
regulators such as the FCA, PRA and Ofcom which are not funded
by the taxpayer.
Implement immediately
Other matters
The Government, working with the PRA and TPR should review
what powers are required effectively to oversee regulation of the
actuarial profession.
Take forward immediately
Arrangements for local audit need to be fundamentally rethought
including bringing together in one place all the relevant
responsibilities so that a single body can take an overview
MHCLG should bring forward as soon as possible plans for strong
oversight of local audit and how they will be introduced
Recommendation 83: An immediate priority task for the FRC and the Government
should be to work together to identify all the recommendations that can be
implemented in whole or in part without primary legislation and to develop an interim
implementation plan. This plan should be published along with a clear timetable
foraction.
Annex 1: List of all recommendations 77
Annex 1: List of all recommendations
Chapter 1
Recommendation 1: The Review recommends that the FRC should be replaced as soon as
possible with a new independent regulator with clear statutory powers andobjectives.
Recommendation 2: The Review recommends that the new regulator’s statutory powers,
purpose and objectives should be complemented – like the FCA’s – by a remit letter from the
Government at least once during the lifetime of each Parliament setting out those aspects of
economic policy that the regulator should have regard to when advancing its objectives and
discharging its duties. The regulator should respond publicly to this letter.
Recommendation 3: The Review recommends that the new regulator should be named the
Audit, Reporting and Governance Authority.
Recommendation 4: The Review proposes that the new regulator should have the following
strategic objective:
“To protect the interests of users of nancial information and the wider public interest
by setting high standards of statutory audit, corporate reporting and corporate
governance, and by holding to account the companies and professional advisers
responsible for meeting those standards.”
Recommendation 5: The full set of duties that the Review proposes be placed on the new
regulator are below, requiring that it should act in a way which:
• Is forward-looking, seeking to anticipate and where possible act on emerging
corporate governance, reporting or audit risks, both in the short and the longer term;
• Promotes competition in the market for statutory audit services;
• Advances innovation and quality improvements;
• Promotes brevity, comprehensibility and usefulness in corporate reporting;
• Is proportionate, having regard to the size and resources of those being regulated
and balancing the costs and benets of regulatory action;
• Is collaborative, working closely with other regulators both in the UK and
internationally; and
• Prioritises regulatory activity on the basis of risk, having regard to the
Regulators’Code.
78 Independent Review of the Financial Reporting Council
Recommendation 6: The Review recommends that the new regulator’s duties will guide the
new regulator in carrying out its core functions on audit and corporate reporting. The Review
proposes that its functions should also include:
• To set and apply highcorporate governance, reporting and auditstandards;
• To regulate and be responsible for the registration of the audit profession;
• To maintain and promote the UK Corporate Governance Code and the UK
Stewardship Code, reporting annually on compliance with the Codes;
• To maintain wide and deep relationships with investors and other users of nancial
information;
• To monitor and report on developments in the audit market, including trends in audit
pricing, the extent of any cross-subsidy from non-audit work and the implications for
the quality of audit; and
• To appoint inspectors to investigate a company’s affairs where there are public
interest concerns about any matter that falls within the Authority’s statutory
competence.
Recommendation 7: The new regulator will require a new board with signicant new powers
and responsibilities in a challenging environment. It will need to demonstrate strong leadership
to effect the major shift in tone and culture to rebuild the respect of those it regulates and
other stakeholders. There should be some, but only limited, continuity from the existing
FRCboard.
Recommendation 8: The Review recommends that the new regulator’s board should be
signicantly smaller than the current one.
Recommendation 9: The regulator’s board should comprise a mix of the skills, experience
and knowledge needed to ensure strategic direction and effective, constructive challenge to
the executive. It should not seek to be “representative” of stakeholder interests. In line with
provisions in the UK Corporate Governance Code, appointments should be diverse, based on
merit and objective criteria.
Recommendation 10: The Review recommends that all appointments to the regulator’s
board, including the CEO, should be public appointments approved by the Secretary of State
forBusiness, Energy and Industrial Strategy.
Recommendation 11: There should be a consistent approach to the appointments
process and all board, committee and senior posts should be openly advertised with
headhuntersused.
Recommendation 12: The Review recommends that the posts of chair and CEO should be
subject to conrmation hearings with the BEIS Select Committee, if the committee wishes.
Recommendation 13: The Review recommends that the Government, working with the chair
of the new board, should review the existing FRC committee and panel structure with a view
to achieving a signicant simplication of the architecture in line with the principles set out in
the Review. Thereafter, there should be a rigorous annual evaluation of the performance of the
board, its committees, the chair and individual directors.
Recommendation 14: The Review recommends that the board of the new regulator should
exercise signicantly stronger ownership and oversight of the investigation and enforcement
Annex 1: List of all recommendations 79
functions. The regulator should ensure that its internal rules and procedures enable the
boardto:
• Take decisions itself on whether to launch audit investigations in cases it regards as
of particular signicance or public interest. The Review does not anticipate the board
taking decisions in many such cases, but it should maintain an ability to do so;
• Require regular reports from the Conduct Committee and from the director of
enforcement on progress being made with investigations and any subsequent
enforcement decisions; and
• Question the director of enforcement at any point where it considers that a particular
decision or investigation is taking too long.
Chapter 2
Recommendation 15: The Review recommends that the approval and registration of
audit rms conducting PIE audits should be reclaimed from the RSBs. The Government
should work with the regulator to develop and consult on the detail of how this regime
shouldoperate.
Recommendation 16: The Review recommends the new regime for the approval and
registration of audit rms conducting PIE audits should incorporate a range of sanctions
including some that are less severe than the ‘nuclear option’ of audit rm deregistration.
Recommendation 17: The Review strongly welcomes the proposal that a piece of
independent work should be done to explore the issues arising from the audit expectation
gap, which have not been addressed in this Review. It is essential that this should be driven,
and be seen to be driven, by the interests of users of accounts.
Recommendation 18: The Government should review the UK’s denition of a PIE.
Recommendation 19: The Review recommends that AFMA should not be carried out on
a voluntary basis, but instead the regulator should have statutory power to carry out this
monitoring work. It is critical that this monitoring work is performed by individuals with the
appropriate skills and seniority.
Recommendation 20: The Review recommends that the new regulator should work towards
a position where individual audit quality inspection reports, including gradings, are published
in full upon completion of AQRs. This will, however, be a major step, requiring a high level
of condence in the AQR process. For the present, as a rst and interim step, the Review
recommends publication of AQR reports on an anonymised basis (similar to the approach
taken in the US and the Netherlands, forexample).
Recommendation 21: The Review recommends that the regulator should change its
approach to examining the quality of component audit work conducted overseas, on a risk-
based basis.
Recommendation 22: The regulator should revisit and strengthen AQR resourcing, and
should seek to:
• Recruit more senior staff (including at partner-equivalent level) who would attend
AQR inspection visits, adding weight and commanding more substantial respect
in conversations with rms; able to make a call on complex matters on-site; and
bringing to bear a comparative overview of sector-practice;
80 Independent Review of the Financial Reporting Council
• Ensure its approach to stafng addresses the need for its teams to include recent
experience of external audit and understanding of current practice, in order to test
and scrutinise rms as effectively as possible; and
• Widen and appropriately deploy the team’s sector expertise, in particular in those
most complex and high-risk sectors where public interest and risk of corporate
failure is highest.
Recommendation 23: The regulator should be required to promote brevity and
comprehensibility in accounts and annual reports, engage meaningfully with users and asset
owners about their information needs, and ensure the proportionality and value of reports.
At least once in every Parliament, the FRC should report to BEIS a public assessment of
the extent to which the statutory reporting framework is serving the interests of the users of
company reports together with any recommendations for how it can be improved.
Recommendation 24: The Review recommends that the regulator should consider expanding
the volume of CRR activity on a risk-based basis.
Recommendation 25: The Review recommends that the new regulator should be given a
power to direct changes to accounts rather than having to go to court.
Recommendation 26: The Review recommends that CRR ndings are reported publicly by
the regulator. The regulator should publish full correspondence following all CRR reviews, and
the ndings should be published in a set timeframe.
Recommendation 27: The Review recommends that the new regulator’s CRR work should be
limited to PIEs, except to the extent unavoidable under EU law.
Recommendation 28: In addition to stronger retrospective monitoring of company reporting,
the Review recommends that the new regulator should introduce a pre-clearance procedure
in advance of the publication of accounts.
Recommendation 29: The Review recommends that the stronger corporate reporting review
process described earlier should be extended to cover the entire annual report, including
corporate governance reporting. This should be done on the basis of risk.
Recommendation 30: The Government, working with the FCA and the new regulator, should
consider whether there is a case for strengthening qualitative regulation around a wider range
of investor information than is covered by the FRC’s existing corporate reporting work, to
ensure that disciplines to drive up the quality of companies’ disclosures in the UK are at least
as demanding as best practice internationally. One possibility would be for the new regulator
to trial some additional work in this area, on a risk-based and/or sampled pilot basis; if so, this
should be done in close collaboration with (or possibly even in support of) theFCA.
Recommendation 31: The Review recommends that the new regulator should be more
sparing and disciplined than the FRC in promulgating guidance and discussion documents.
These documents should only be issued if they are genuinely useful, and their utility clearly
exceeds the considerable costs they impose through users having to read and check them.
Recommendation 32: Although the Review is heartened by the FRC’s evident recent
change in approach, and by the strengthening of the enforcement team’s resourcing and
new leadership of the enforcement function, the Review recommends that both the board
and the Government should continue to monitor enforcement performance closely. The new
regulator should report on this in its Annual Report, and the regulator should regularly be held
accountable by Parliament through appearances at the BEIS SelectCommittee.
Annex 1: List of all recommendations 81
Recommendation 33: The regulator should revisit its publication policy in relation to
concluded cases that result in undertakings.
Recommendation 34: The international reach of the regulator’s statutory audit enforcement
action should be extended, on a risk-based basis.
Recommendation 35: The Review recommends that enforcement action against accountants
in relation to apparent wrongdoing in Public Interest Entities should be undertaken by the
regulator on a statutory basis. The current voluntary scheme should be discontinued and
replaced with a new statutory regime with tests and powers aligned and similar to those in the
AEP. Those in scope would be judged against the requirements that already apply to them
(legislative requirements, nancial reporting standards and professional ethical standards).
Recommendation 36: The Review recommends that the Government, working with the new
regulator, should task the regulator to develop detailed proposals for an effective enforcement
regime in relation to Public Interest Entities that holds relevant directors to account for their
duties to prepare and approve true and fair accounts and compliant corporate reports, and to
deal openly and honestly with auditors. The Review recommends that this should apply to: a
company’s CEO, CFO, chair, and audit committee chair.
Recommendation 37: The Review recommends that the regime for non-member directors
should follow the principles of the Audit Enforcement Procedure, with the same threshold for
action to be taken, and a graduated range of sanctions. To achieve this, the regulator should
set out relevant requirements or statements of responsibilities in relation to auditing and
corporate reporting in order that directors are individually accountable for their roles.
Recommendation 38: Although the regulator should be able to impose a range of sanctions,
the Review recommends that action relating to director disqualication should continue to rest
with the Insolvency Service. The Review does, however, recommend that the FRC should
have the necessary powers to investigate directors and refer cases to the Insolvency Service,
working closely with them to ensure effective action is taken where necessary.
Recommendation 39: The regulator should continue to operate its oversight role of the
accountancy profession, but with a work programme sufciently wide and expert to identify
any emerging concerns of public interest.
Recommendation 40: The Review recommends that the Government should put in place a
backstop statutory power, requiring action to be taken by a professional body if there was a
need in the public interest. The Review recommends that such a power would be activated
only if needed and at the regulator’s request.
Recommendation 41: The regulator should replace exchanges of letters with formal
memoranda of understanding with each of the UK’s professional accountancy bodies.
Recommendation 42: The Review recommends that a fundamental shift in approach is
needed to ensure that the revised Stewardship Code more clearly differentiates excellence
in stewardship. It should focus on outcomes and effectiveness, not on policy statements.
The Government should also consider whether any further powers are needed to assess
and promote compliance with the Code. If the Code remains simply a driver of boilerplate
reporting, serious consideration should be given to itsabolition.
Recommendation 43: The FRC needs to engage at more senior level in a much wider and
deeper dialogue with UK investors, including both fund managers and representatives of end-
investors.
82 Independent Review of the Financial Reporting Council
Chapter 3
Recommendation 44: The Review recommends that the regulator should developa robust
market intelligencefunctionto identify emerging risks at an early stage,helping to shiftits
perspective to current and future risks, as well as its existingretrospectivefocus.
Recommendation 45: The Review recommends that the Government introduces a duty of
alert for auditors to report viability or other serious concerns. The regulator should also take
a close interest, and engage with the auditor, in situations where a PIE auditor has parted
company with its client outside the normal rotation cycle.
Recommendation 46: The regulator needs to be able to act quickly where potentially serious
problems are indicated. The Review recommends that the regulator should be able to require
rapid explanations from companies about reasonable concerns raised by the regulator.
Recommendation 47: The Review recommends that the new regulator should be able to
commission a skilled person review, paid for by the company, in circumstances where there is
any signicant interest arising from its strategic objective:
“To protect the interests of investors and the wider public interest by setting high
standards of corporate governance, corporate reporting and statutory audit, and by
holding to account the companies and professional advisers responsible for meeting
those standards.”
Recommendation 48: The Review recommends that the regulator should have the power to
publish the skilled person’s report if it judges that to be in the public interest. Investors would
then be able to reach their own conclusions about the company’s conduct and management.
Recommendation 49: In terms of further action that may ow as a result of an inspection,
depending on its ndings the Review recommends that the regulator should be given
powersto:
• Require a company to procure additional assurance on the viability statement or any
other aspect of company reports and accounts;
• Require a company to procure an independent boardroom evaluation focused on
particular areas of concern such as a specic examination of the effectiveness of the
audit committee;
• Notify the company of its view of the risks to nancial viability and require a formal
response from the board, with a recovery plan if appropriate; or
• Order the removal of the auditor or an immediate retendering.
Recommendation 50: In the most serious cases, the Review suggests it may be appropriate
for the regulator to issue a report to shareholders suggesting that the company’s dividend
policy should be reviewed, or that they consider the case for a change of CEO, CFO, chair
or audit committee chair, or for other strengthening of the board of directors. The Review
believes that, where the severity of the facts merit it, the regulator should have the condence
to do this. Decision-making should rest, as now, with boards and shareholders.
Recommendation 51: BEIS should give serious consideration to the case for a strengthened
framework around internal controls in the UK, learning any relevant lessons from operation
of the Sarbanes-Oxley regime in the US. The pros and cons of options for change should
be analysed and consulted upon, giving special consideration to the importance of
proportionality in relation to the size of the company.
Annex 1: List of all recommendations 83
Recommendation 52: The Review recommends that viability statements should be reviewed
and reformed with a view to making them substantially more effective; and if they cannot be
made more effective, serious consideration should be given to abolishing them.
Recommendation 53: The Review recommends that the regulator considers requiring further
enhancement to the Independent Auditor’s Report to include “graduated” auditndings.
Chapter 4
Recommendation 54: The regulator should submitanAnnual Report to Parliament.
Recommendation 55: In terms ofitsinternal systems and controls,the Review recommends
that the new regulator must apply:
• The provisions of Managing Public Money;
48
• The Regulators’ Code,
49
which sets out a clear principles-based framework for how
regulators should engage with those they regulate; and
• The Public Contracts Regulations
50
regarding procurement.
Recommendation 56: The regulator should actively promote diversity, especially in its work on
corporate governance.
Recommendation 57: The Review recommends that:
• For the foreseeable future, it would be wise for the regulator not to allow staff, board
or committee members ever to work on any regulatory functions relating to a past
employer, removing themselves and/or delegating to others as necessary; and
• Written declarations for all staff members’ conicts of interest and nancial interests
should include proposed mitigations, and record any exercise of management
discretion in relation to work undertaken relating to a formeremployer.
Recommendation 58: The Review recommends that the regulator should establish a
procurement policy that adheres to public contracting regulations, and that follows an open
tendering process. Its policy should be published, along with a summary of those contracts
awarded that are above the Public Contracts Regulation threshold.
Recommendation 59: The Review considers the lack of transparency regarding complaints
to be unhelpful and recommends that aggregated data on the trend, nature, and outcome of
complaints referred to the FRC be published, as well as information on the speed at which
they were dealt with.
Recommendation 60: The Review recommends that the new regulator should more
proactively monitor trends in complaints received by, and regarding, professional bodies,
since this provides useful intelligence on the way in which professional bodies are operating.
The new regulator should be actively interested in the substance of complaint-handling,
especially where it is clear that complaints have merit, and not simply be monitoring
process-compliance.
Recommendation 61: Given the complex nature of the issues dealt with by the FRC, the
Review recommends that a central team receive, triage, respond, and ensure appropriate
action is taken in relation to complaints or complaint-like contact from stakeholders. That team
48
https://www.gov.uk/government/publications/managing-public-money
49
https://www.gov.uk/government/publications/regulators-code
50
https://www.gov.uk/guidance/public-sector-procurement-policy
84 Independent Review of the Financial Reporting Council
should also develop clear guidance on how complaints will be dealt with, including timelines.
Although basic, the review considers these changes necessary to improve the regulator’s
credibility.
Recommendation 62: The Review sees no reason why FOI provisions should not apply in full
to the regulator’s functions and internal running, and recommends that it is designated as a
Public Authority for this purpose.
Recommendation 63: The Review recommends that FRC and the new regulator must ensure
that their internal procedures and approach to sharing information with external stakeholders,
and its procedures to investigate and act on any leaks, are much more robust and effective.
Chapter 5
Recommendation 64: The Review recommends that the regulator should not be funded on a
voluntary basis. BEIS should put in place a statutory levy.
Recommendation 65: The Review recommends that BEIS should agree a new budget,
consistent with the Review’s recommendations, working with the new regulator and
consulting stakeholders.
Recommendation 66: The Review recommends that BEIS should set the regulator’s budget
each year, and having consulted, determine the proportions of the levy that will apply to
different parties.
Recommendation 67: As set out in Chapter 3, the regulator needs to develop new teams,
and should look to recruit analysts, investment experts, economists, and those skilled in
corporatelaw.
Recommendation 68: The Review recommends that the new regulator should develop a
stafng and resourcing strategy to achieve the vision set out in this Review. That should
include a more diverse approach to hiring. The regulator should also build on the experience
of the Financial Reporting Review Panel and, like the other nancial regulators, develop a pool
of former or retired senior executives and experts – so-called ‘grey panthers’ – to boost its
capacity to deploy expertise at short notice.
Recommendation 69: The Review recommends that the control arrangements on pay for
the regulator should mirror those of other nancial regulators such as the FCA, PRA and
Ofcom which are not funded by the taxpayer. This approach should apply immediately. The
new regulator’s budget should be set by Ministers, as should the CEO’s pay, but other pay
decisions should be made by the regulator subject, of course, to proper transparency, and
within the overall nancial budget set by Ministers.
Recommendation 70: The Review recommends that the new regulator’s pay arrangements
should be set out in the regulator’s legal base, and mirror that of Ofcom. That sets out with
clarity that the arrangements for the terms, conditions, and remuneration of staff are a matter
of Ofcom’s responsibility. The Ofce of Communications Act 2002 states that:
Schedule (7)(1): “The employees of Ofcom who are not executive members shall be
appointed to and hold their employments on such terms and conditions, including terms
and conditions as to remuneration, as Ofcom may determine.”
The Review recommends that the same wording be used for the founding legislation for the
new regulator.
Annex 1: List of all recommendations 85
Chapter 6
Recommendation 71: The Review recommends that the new regulator should be given a
competition duty in a stronger form than the “have regard to” formulation recommended by
the Competition Commission in 2013 and should follow the model set out in Chapter 6, which
is broadly based on the FCA’s competition duty.
Recommendation 72: In addition to a competition duty, the Review also recommends that
the regulator should be given a specic statutory function to keep the statutory audit market
under review and to report regularly on market and competition developments. This will need
to include reporting on trends in audit pricing, the extent of any cross-subsidy from non-audit
work and any implications for the quality of audit.
Recommendation 73: The Review recommends giving the regulator the powers it needs to
support a competition duty and an ongoing market review function. In particular, it will need
powers to require rms to provide audit pricing, cross-subsidy and market share data. The
position should be reviewed again following completion of the CMA’s market study to ensure
that the regulator has the powers needed to implement or monitor the CMA’s competition
remedies and to act on evolving or new competition issues in the future.
Recommendation 74: The Government, working with the PRA and TPR, should review what
powers are required effectively to oversee regulation of the actuarial profession.
Recommendation 75: The Review recommends that neither the FRC, nor its successor body,
is best-placed to be the oversight body. The PRA (which employs around 80actuaries) is
a much larger repository of regulatory actuarial expertise than the FRC and would be best-
placed to take on all the actuarial responsibilities currently vested in the FRC.
Recommendation 76: The Review recommends that the arrangements for local audit need to
be fundamentally rethought to ensure that they:
• Deliver robust assessment and scrutiny of the quality of all local audit work, with
individual reports shared with audit committees and published;
• Establish a more appropriate threshold for enforcement action; and,
• Bring together in one place all the relevant responsibilities, so a single regulatory
body can take an overview.
Recommendation 77: Such a role (regarding local audit) could be taken on by the FRC or
its successor body, but the Review recommends that it would be much better undertaken
by a separate body that has (or could develop) a deeper expertise in the local audit world.
That body should have a different and much more focused remit than the former Audit
Commission. It should have a clear objective to secure quality, and should set the relevant
standards, inspect the quality of relevant audit work and oversee the relevant professional
bodies. It should also take on responsibility for appointing auditors for local bodies and
agreeing fees.
Recommendation 78: In the same spirit, the Government should review whether the
arrangements now in place for other public sector audits, such as Foundation Trusts, are
genuinely robust and effective. It is very unlikely that they are.
Recommendation 79: Just as the Review recommends public disclosure of AQR ndings and
gradings in relation to the private sector, the Review recommends that the new regulator’s
individual AQR reviews in relation to the NAO should be shared with the relevant audit
committee and Parliament, and should be published.
86 Independent Review of the Financial Reporting Council
Recommendation 80: The Review recommends that all nancial audits in scope of the NAO
should be brought within the audit quality monitoring scope of the new regulator, and not only
at the discretion of the C&AG.
Recommendation 81: In light of the Review’s recommendations on local audit, and those
above, the Review recommends that the Secretary of State for Business, Energy and
Industrial Strategy should reassess if the FRC remains the most appropriate body to perform
the role of Independent Supervisor of Auditors General in respect of statutory audits.
Recommendation 82: The Review also recommends that responsibility for the local audit
“Code of Audit Practice” should be moved to the same body that monitors the quality of local
audit work.
Chapter 7
Recommendation 83: An immediate priority task for the FRC and the Government should
be to work together to identify and agree a set of measures that should be implemented in
the short term ahead of legislative time being available for primary legislation. This interim
implementation plan should be published along with a timetable.
Annex 2: Glossary of acronyms 87
ACCA Association of Chartered Certied Accountants
AEP Audit Enforcement Procedure
AFM Authority for the Financial Markets (Netherlands)
AFMA Audit Firm Monitoring Approach
AIM Alternative Investment Market
AQR Audit Quality Review
AQRT Audit Quality Review Team
ASIC Australian Securities and Investments Commission
BEIS Department for Business Energy and Industrial Strategy
C&AG Comptroller and Auditor General
CAI Chartered Accountants Ireland
CCAB Consultative Committee of Accountancy Bodies
CFO Chief Financial Ofcer
CIMA Chartered Institute of Management Accountants
CIPFA Chartered Institute of Public Finance and Accountancy
CMA Competition and Markets Authority
CPAB Canadian Public Accountability Board
CRR Corporate Reporting Review
E&Y Ernst & Young
EEA European Economic Area
ESG Environmental, Social and Governance
EU European Union
FCA Financial Conduct Authority
Annex 2: Glossary of acronyms
Annex 3: List of respondents to the Call for Evidence 89
A total of 69 organisations, and a further 33 individuals, responded to the Review’s call for
evidence. Responding organisations are listed below.
Aberdeen Standard Investments
AIA Group
Association of Accounting Technicians
Association of Business Recovery Professionals (R3)
Association of Chartered Certied Accountants
Association of Consulting Actuaries
Association of International Accountants
BDO Global
BlackRock
Brunel Pension Partnership
CFA Society
Chartered Accountants Ireland
Chartered Institute of Internal Auditors
Chartered Institute of Management Accountants
Chartered Institute of Personnel and Development
City of London Law Society
ClientEarth
Climate Disclosure Standards Board
Competition and Markets Authority
Crowe UK
Deloitte
Duncan & Toplis
Ernst & Young
Financial Reporting Council
Freshelds Bruckhaus Deringer
GC100
GES International
GlaxoSmithKline
Annex 3: List of respondents to the
CallforEvidence
90 Independent Review of the Financial Reporting Council
Government Actuary’s Department
Grant Thornton UK LLP
Group A and APA
Halex
Hermes Investment Management
Institute and Faculty of Actuaries
Institute of Business Ethics
Institute of Chartered Accountants in England and Wales
Institute of Chartered Secretaries and Administrators
Institute of Directors
Invesco Perpetual
Investment Association
Investor Relations Society
K&L Gates
KPMG
Kreston Reeves
Legal & General Investment Management Limited
Local Authority Pension Fund Forum
M&G Investments
Mazars
Old Mutual Global Investors
Pensions and Lifetime Savings Association
Pensions Research Accountants Group
Perscitus
Principles for Responsible Investment
Public Sector Audit Appointments
PricewaterhouseCoopers
Sarasin & Partners
Schroders
ShareAction
State Street Global Advisors Ltd
The Association of Investment Companies
The Charity Commission
The Institute of Chartered Accountants of Scotland
The Quoted Companies Alliance
The Society of Professional Accountants
Trades Union Congress
UK Shareholders’ Association and ShareSoc
UK Sustainable Investment and Finance Association
WMT Chartered Accountants
Annex 4: Review terms of reference 91
Annex 4: Review terms of reference
Independent Review of the Financial Reporting Council (2018)
A: Purpose and Timing
The Secretary of State for the Department for Business, Energy, and Industrial Strategy (BEIS)
invites Sir John Kingman to conduct a review of the FRC.
The review will aim to submit its ndings to the Secretary of State for Business, Energy and
Industrial Strategy and the FRC Board by the end of 2018. The review process will include a
public consultation. The nal report will be published, and the government will consult on its
response to the review’s recommendations.
B: Review Objectives
Mindful of the FRC’s role in helping to ensure the effective functioning of UK capital markets,
and in safeguarding the reputation of the UK as a world-leading nancial and commercial hub,
the review objectives will be to:
• Put the FRC in a position to stand as a beacon for the best in governance, transparency
and independence; strengthening its position and reputation.
• Ensure that its structures, culture and processes; oversight, accountability, and powers;
and its impact, resources, and capacity are t for the future.
C: Scope
The review’s scope is taken to include the objectives and context included in these terms of
reference, and will include the FRC’s governance and transparency; the avoidance of conicts
of interest, as well as its independence, oversight and accountability; and nally its impact,
resources and capacity. The detail of the review’s scope is set out in annex A.
D: Context
The FRC and its remit have developed considerably since it was initially established; and
it was last the subject of a review in 2011/12. Since then, there have been changes both in
regulation, and in expectations of regulators and how they operate. The FRC is a public body.
Some stakeholder groups have called for the FRC to demonstrate greater independence from
those they regulate.
92 Independent Review of the Financial Reporting Council
The government’s expectation is to see the UK at the forefront of corporate governance
internationally, including in terms of regulation. In the context of the UK’s exit from the EU,
it is even more important that our regulatory structures are t for the future. With reforms to
the UK’s Corporate Governance Code in hand, it is also appropriate to make sure that the
governance of the FRC as the body with responsibility for the Code, is best in class.
E: Governance
The review will led by Sir John Kingman.
The Independent Reviewer will be supported by an Advisory Group that will advise on the
direction of the review and sources of evidence and will help to scrutinise and challenge
emerging ndings and recommendations.
Advisory Group discussions will be held under Chatham House principles to enable free and
frank scrutiny of the issues. A summary meeting note will be produced and made available if
requested.
F: The Review Secretariat
There will be a small dedicated Review Secretariat acting in support of the Independent
Reviewer.
G: Stakeholder Engagement
The Review will undertake engagement with signicant stakeholder groups, including those
involved in preparing nancial accounts, the users of accounts and those affected by other
aspects of the FRC’s work, including governance and stewardship, in order fully to understand
the range of issues, and provide constructive challenge.
Annex A: Detailed scope
The Review will consider and make recommendations on the issues set out below.
1. Governance
The review will consider whether current governance arrangements and their transparency
are suitable given the FRC’s status as a public body; the increasing span of the its functions
(including in relation to large private companies); and in comparison to the increasing
expectations on companies, including those that will ow from anticipated changes to the
Corporate Governance Code, and especially so as to promote condence and emulation.
2. Independence
The review will consider whether the FRC is sufciently independent:
Within government;
From those whom it regulates; and
Including as a result of its funding arrangements, or to the extent that independence is
insufcient, the review will propose how this might be addressed.
The review will also consider, in particular, whether there are sufcient safeguards in place
to ensure and assure that independence. Such measures may include FRC’s processes,
transparency, culture, or other factors.
Annex 4: Review terms of reference 93
3. Avoidance of Conicts of Interest
In addition to the question of independence, it is important that the FRC is able to carry out its
broad range of functions and responsibilities without conicting, or being seen to conict with
other functions. The review will therefore consider:
Whether the practices, structure, culture and functioning of the FRCs activities and operations
are safeguarded against conicts of interest, or a perception that there may be conicts
ofinterest.
Whether existing mechanisms and practices for the prevention, detection, and resolution of
conicts of interest are adequate, or if additional measures are needed.
Whether the procurement of legal and consulting services are suitable.
4. Oversight & accountability
Whilst respecting the FRCs operational independence, the review will consider appropriate
mechanisms to realise its accountability to Parliament and government. The review will also
consider whether current arrangements for the FRC’s accountability to stakeholders and the
public are appropriate, including on the specic matter of Freedom of Information.
5. Powers
The review will consider whether the current legal bases for FRC activities are adequate; or
whether there is a case for an underpinning statutory architecture. In addition, the review will
look ahead to consider whether any extension of powers is necessary, advisable, or otherwise
recommended.
6. Impact
As a critical part of the UK’s oversight of the economy, it is important that the FRC is seen as
a world class regulator able to take effective action to detect and act on breaches, as well as
to deter inadequacy and wrong-doing, and incentivise compliance. The review will consider
what changes would best enable the FRC to achieve this; and how best the FRC can lead
globally on issues of governance.
7. Resources & capacity
It is important that the FRC has sufcient resource, skills, experience, and capacity to
deliver its responsibilities. The review will consider this, as well as whether current funding
arrangements are adequate and desirable. In so doing, the review will take account of
whether there are lessons that could be taken from international comparator bodies.
