FRC publishes annual Tier 1 audit firm inspection results
The FRC has published its annual review of audit quality of the largest (tier 1) audit firms (BDO, Deloitte, EY, Forvis Mazars, KPMG and PwC). In this blog, we take a look at the key findings.
Headlines
Of the 92 audits reviewed in 2023/24, 74% were categorised as good or limited improvements required, compared with 76% in the previous year. Whilst not a year-on-year increase, these results form part of a wider trend of gradual improvement over the last five years.
Only 4% of audits reviewed were found to require significant improvements, none of which were audits of FTSE 350 entities.
The overall quality of the six tier 1 firms varies significantly. The top four firms - Deloitte, EY, KPMG and PwC - saw either improved, or broadly stable results, with the FRC recognising the considerable efforts to improve audit quality made by these firms over a number of years. There is, though, a widening gap between these firms and BDO and Forvis Mazars, where results have declined. Of BDO’s audits reviewed, the proportion categorised as good or limited improvements required dropped significantly from 69% to 38%, and Forvis Mazars’ results from 56% to 44%. The FRC has commented that the performance of these two firms has fallen significantly below its expectations.
Common findings
The most common findings are once again in areas of estimation and judgement, and the audit of revenue.
- Audit of revenue
Key issues noted involved contract testing, data analytics and data input testing. In some audits, whether the treatment was appropriate was not considered (including identification of performance obligations in a contract). There was often a lack of vouching to third-party or other appropriate supporting evidence and a failure to consider the adequacy of sample sizes.
- Estimation and judgement
The most significant issues here related to weaknesses in the evaluation of key assumptions and judgements, and the challenge of management, as well as journals testing and general IT controls (GITCs). Examples include failure to appropriately challenge valuations and modelling across a wide range of areas, including provisions and expected credit loses. - Reliance on management’s experts
BDO in particular failed to challenge the methodology, assumptions or judgements used by experts, and at times failed to assess the objectivity, competency and capability of management’s experts. - Failure to spot errors audited financial statements
In some audits there were basic errors in financial statements and even in the auditor’s report! This demonstrates failures in the system of quality management. At Mercia we regularly spot errors in the audit reports we review as part of our file review service. Audit reports must be reviewed carefully before being signed – they are, after all, the only publicly available output of the audit itself. - Impairment of goodwill
Inadequate challenge of cash flow forecasts, level of work inconsistent with the risk assessment and poorly documented assessments were all highlighted as findings.
Good practice
Areas of good practice, i.e. effective or innovative ways the auditor has found to address a requirement or respond to the specific circumstances robustly, included:
- Effective use of specialists
A number of audits utilised auditor’s experts well, with thorough analysis and review of the work undertaken by the expert. - Thorough risk assessment for climate and fraud related risks
One audit team engaged specialists to assist in climate workshops with management and in designing audit procedures for climate related risks. In some cases the fraud risk assessment conducted at the planning stage was very robust and offered significant insight into fraud risk factors, leading to an enhanced audit response as a result. - Delay to signing of the audit report
In one case the audit team delayed signing the audit report to allow for further audit procedures to be undertaken in response to specific risks identified.
How can Mercia help?
Many of the issues identified with the audits inspected by the FRC are commonplace in audits conducted by firms of all sizes. Our training highlights common audit pitfalls and our file review services can assist in providing feedback on the quality of your audits. We’re also available to consult on technical queries.