The Financial Reporting Council (FRC) recently published revisions to its ethical standard for auditors, placing greater responsibility on UK audit firms and practitioners to deliver higher standards of ethical behaviour.
Taking effect from 15 December 2024, the update comes swiftly after the revision of the international IESBA code of ethics and is a clear move from the FRC to better align the UK with international best practice.
Acting with integrity is likely to require a higher standard of behaviour than merely being honest
Auditors should review their internal procedures and policies to ensure they are ready for the ‘simplified’ standard and to avoid allegations of misconduct that could result in regulatory proceedings. The FRC may well make an example of any individual or firm for non-compliance.
A first step would be to work through the changes, which have been neatly set out by the FRC. The implications will vary from practice to practice, but the key principle is integrity.
What is integrity?
The concept of integrity is often mistaken to mean the same as honesty, but there is in fact an important a distinction between the two. A professional who acts dishonestly will almost always act without integrity, but the opposite is not necessarily true: an auditor can act honestly but without integrity.
In practice therefore, acting with integrity is likely to require a higher standard of behaviour than merely being honest. When the regulator considers whether a firm or professional has acted without integrity, it will assess conduct through a broader lens and with the public interest in mind. It will not necessarily be enough for a firm to have acted honestly; integrity requires more. Unethical behaviour isn’t necessarily dishonest.
An example of the FRC acknowledging the distinction between honesty and integrity was in the case it brought against KPMG for its audit of Carillion. The FRC accused the firm and six of its former auditors of both dishonesty and a lack of integrity in their responses to FRC staff during routine audit-quality inspections. The tribunal made a number of findings of misconduct, which involved breaches of the fundamental principle of integrity.
‘No accountant should require training to realise that misleading a regulator is dishonest’
Dishonesty is a particularly serious form of a lack of integrity. The FRC has reminded auditors that the principle requires an accountant to be straightforward and honest in all professional and business relationships.
In its judgment against KPMG and others in connection with Regenersis and Carillion audits, the FRC stated: ‘No accountant should require any education or training to realise that deliberately misleading anyone, but especially a regulator, is at least incompatible with integrity and, barring special circumstances, dishonest.’
The growing reliance on AI will also invite new considerations around how to apply the principle of integrity. It is unlikely to be enough for a firm to rely on the purchase and use of AI in good faith, for instance.
It is not enough simply to rely on each individual’s idea of doing the right thing
What to do
To avoid running into trouble, auditors and audit firms should review their policies and procedures (which need only be appropriate to the size and nature of the firm) to ensure they promote the outcomes of the updated standard.
Firms could also consider how to improve their ability to monitor compliance with the specific requirements, such as modernising the periodic review of engagement documentation.
In the end, a lack of integrity is one of those concepts that is easy to recognise when you see it but harder to describe in abstract. It is not enough simply to rely on each individual’s idea of doing the right thing.