The Institute of Chartered Accountants of Scotland (ICAS) is calling for the UK to implement a US-style Sarbanes-Oxley regime on internal controls to make audit fit for purpose for the 21st century.
In its response to Sir Donald Brydon’s "call for views" on the quality and effectiveness of audit, ICAS is also urging for increased transparency and greater accountability for directors, as part of an overhaul of the UK’s corporate reporting ecosystem.
“The time is now to build on the strong audit regime we already have and this is why we are calling for evolutionary change to shape the future of audit in the UK. Our proposals will further enhance the UK’s respected governance framework,” said Bruce Cartwright, CEO of ICAS.
ICAS issued a number of recommendations including:
Internal controls: introduce a proportionate UK version of the Sarbanes-Oxley regime to focus more on the controls and the checks and balances that are in place to manage a business. This should re-emphasise that responsibility for the preparation of financial statements rests with the directors of the entity.
Roles and responsibilities: include a broader responsibilities chart at the front of the annual report, and/or on a company website.
Mandate online annual reports: making searchable electronic annual reports mandatory would improve transparency. A fully electronic model could make it easier to highlight matters such as which parts of the annual report are subject to assurance and at what level.
Assurance maps: the new regulator should consider publishing what it sees as the generic accountability and assurance model for corporate UK, then could require each company to present their own version of this as part of the description of their business model in the annual report.
Assurance on KPIs: key performance indicators (KPIs) have increasingly become a measure by which corporates communicate their performance. Auditors should therefore be asked to provide assurance over KPIs. This would not be on whether the KPIs are the right ones to assess the performance of an entity, but whether they had been compiled appropriately.
This article was first published in June 2019.