Q&A: IAASB head on audit's role in combating fraud, ESG, new technologies, more

Q: What is the IAASB’s mission?

A: The purpose of the IAASB is to set high-quality, globally accepted standards that are used for audit and assurance reports around the world. Our standards should enable users of these external reports to rely upon them when making informed judgments about company performance.

Audit—when done right—is a truly noble pursuit because it should embed trust in our markets and allow investors to allocate capital in the most efficient and appropriate manner. Our strategy is about fulfilling that mission.

Q: What are the IAASB’s key priorities for 2022?

A: What we’re trying to do is threefold: make sure we are tackling issues that are most relevant and important to the world of audit and assurance today; be innovative in our approach to standard setting; and engage the stakeholder community, including standard setters and regulators, in a more intense way than has been done in the past.

We’ve just completed a set of standards—from an exercise that began about seven years ago—on key foundational issues that needed to be addressed to improve audit quality. Those included a new auditor reporting standard, a new standard on auditing estimates, a new risk assessment standard, a new suite of quality management standards, and a group audit standard. Our goal was to finish those so that we could tackle new and emerging topics, including assurance of sustainability and environmental, social, and governance (ESG) reporting, among others.

Q: How does the IAASB plan to address ESG reporting?

A: Our new work plan was approved in December. One of the key commitments we made is to dedicate time and resources to build off our existing assurance standards, which relate to nonfinancial information. We have a robust framework in place already—our umbrella standard, the International Standard on Assurance Engagements (ISAE) 3000, which is the primary standard used in 80 percent of assurance work throughout the world.

We have a specific standard on greenhouse gas statements (ISAE 3410), and last year we released guidance for practitioners on how to apply ISAE 3000 to ESG and sustainability reporting, among other matters. That said, there is an expectation that more needs to be done. We are listening to people right now on what are the most important things we can do at this moment to make our assurance standards more robust so that we can meet market demands.

Q: What are the IAASB’s plans concerning audit expectations relating to fraud and matters of going concern?

A: During our quarterly meeting in December, we approved a full project proposal for revision of our fraud standard (International Standard on Auditing [ISA] 240). It reiterates the auditor’s role in detecting risk in the context of a traditional audit and recognizes areas where our standard—that hasn’t been revised in a couple of decades—could be enhanced. We foresee a robust revision to this standard.

We hear a lot about the ‘expectation gap’ in audit. What we want to do is clearly define what auditors should be expected to do in relation to fraud in the context of an audit. Being clearer about that should go a long way toward reducing the expectations gap.

Secondly, the nature of our standards today has shifted to a risk-based approach, including ensuring risk considerations flow throughout a standard. Right now, our fraud standard needs an update. While the general approach may be correct, it needs to evolve similarly to changes made to other recently revised and new standards to ensure fraud risk is appropriately assessed in the context of an audit.

Another major topic of discussion for us is: What potential external communication should auditors be doing on fraud? How much transparency is required in that? Finally, reinforcing the appropriate exercise of professional skepticism in fraud detection is another area we’re focusing on.

Underlying all of that is how can we leverage technology to support the auditor in conducting the role. How does technology enhance their ability to perform work or potentially cause further audit risk?

Q: On that point, how have newer technologies changed the audit landscape?

A: Clearly, it has a big role in the audit landscape, and it has the potential to transform the way assessments are done over time. One thing we as a board have been doing is putting more effort into understanding disruptive technologies at the board level. We’ve had a couple of public roundtables, with another one happening in February, in which we’re looking five to six years out at what disruptive trends may fundamentally alter how audits are done and whether our standard-setting processes are adequately prepared for that.

Q: Regarding the IAASB’s proposed standard for easing audit requirements for “less complex entities” (LCEs), what is the intent of that initiative?

A: Most of the world’s entities are small- and medium-sized entities (SMEs), audited by small firms that don’t deal in the same complexities as major financial institutions. So, the question we, and many of our stakeholders, have raised is, ‘Could our standards, without depleting quality, be drafted in such a way that is more useful for the world of LCEs?’ That is what we have set out to do.

Our desire to put the standard out for comment sooner rather than later is something new. It reflects a change in our standard-setting practice—the desire to be a bit more agile in developing standards to get feedback quickly from the marketplace, rather than develop standards behind the scenes and hope it works after the fact.

Q: What comments is the IAASB seeking related to this proposed standard?

A: Firstly, we want to make sure our basic assumption on the value of the LCE standard, directionally, meets market demand. Will it be useful in a number of jurisdictions globally? Secondly, is our assumption about proportionality right—that the current drafting is proportionate to the typical nature and circumstance of an audit of an LCE and is responsive to those stakeholders’ challenges? Are we right about our calculation within the process compared to major requirements of the ISAs? What have we missed?

Q: What effect has the Covid-19 pandemic had on the audit profession?

A: Covid has certainly proven you have to adapt to the changing environment. Audit firms have had to reassess how they look at risks. The risks to the entities they’re auditing could be much different today. Our risk assessment standards should force firms to think critically. Fraud and going concern remain highly relevant considerations in this environment, and our efforts to revise these standards will be important as well.

I’m more concerned about the pandemic’s impact over time on the professional development of the next generation of auditors because they need in-person mentoring for professional growth. Without that, something may be lost in translation. That is my biggest long-term concern about Covid, less so on the ability of firms to comply with our standards.

Q: How is the IAASB working to deepen its key stakeholder relationships?

A: With in-person interactions off the table right now, we have been an aggressive adopter of other forms of communication, such as webcasts, LinkedIn, and other social media platforms. In some ways, going virtual has focused our efforts to reaching out to more. We’re meeting quite regularly with national standard setters to hear what is happening around the world and how audit standards are impacting them and what we need to get done.

Going forward, it will necessarily have to be a hybrid. We want to take all we’ve learned during this pandemic while not losing sight of the fact personal interactions are also helpful for standard setters because you can get a clearer read on the tone of comments.