Audit Information systems & IT Security
Audit Information systems & IT Security
Menu
Search







Audit Information systems & and IT Security

Information System audit and IT Security

The News page

Securityfocus - Security News

Securityfocus - Latest Vulnerabilities

The Register - Security News

The Register - Management News

Financial Director - Audit News

Computer Weekley - IT Management News

Computer Weekley - Security News


SecurityFocus - Security News


News: Change in Focus
Publish Date: 2010-03-10
Change in Focus


News: Twitter attacker had proper credentials
Publish Date: 2009-12-18
Twitter attacker had proper credentials


News: PhotoDNA scans images for child abuse
Publish Date: 2009-12-18
PhotoDNA scans images for child abuse

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909


News: Conficker data highlights infected networks
Publish Date: 2009-12-16
Conficker data highlights infected networks


Brief: Google offers bounty on browser bugs
Publish Date: 2010-02-02
Google offers bounty on browser bugs


Brief: Cyberattacks from U.S. "greatest concern"
Publish Date: 2010-01-28
Cyberattacks from U.S. "greatest concern"

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909


Brief: Microsoft patches as fraudsters target IE flaw
Publish Date: 2010-01-21
Microsoft patches as fraudsters target IE flaw


Brief: Attack on IE 0-day refined by researchers
Publish Date: 2010-01-18
Attack on IE 0-day refined by researchers


News: Monster botnet held 800,000 people's details
Publish Date: 2010-03-04
Monster botnet held 800,000 people's details

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909


News: Google: 'no timetable' on China talks
Publish Date: 2010-03-04
Google: 'no timetable' on China talks


News: Latvian hacker tweets hard on banking whistle
Publish Date: 2010-02-26
Latvian hacker tweets hard on banking whistle


News: MS uses court order to take out Waledac botnet
Publish Date: 2010-02-25
MS uses court order to take out Waledac botnet

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909


Infocus: Enterprise Intrusion Analysis, Part One
Publish Date:
Enterprise Intrusion Analysis, Part One


Infocus: Responding to a Brute Force SSH Attack
Publish Date:
Responding to a Brute Force SSH Attack


Infocus: Data Recovery on Linux and ext3
Publish Date:
Data Recovery on Linux and <i>ext3</i>

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909


Infocus: WiMax: Just Another Security Challenge?
Publish Date:
WiMax: Just Another Security Challenge?


Gunter Ollmann: Time to Squish SQL Injection
Publish Date:
Time to Squish SQL Injection


Mark Rasch: Lazy Workers May Be Deemed Hackers
Publish Date:
Lazy Workers May Be Deemed Hackers

>> Advertisement <<
Can you answer the ERP quiz?
These 10 questions determine if your Enterprise RP rollout gets an A+.
http://www.findtechinfo.com/as/acs?pl=781&ca=909


Adam O'Donnell: The Scale of Security
Publish Date:
The Scale of Security


Mark Rasch: Hacker-Tool Law Still Does Little
Publish Date:
Hacker-Tool Law Still Does Little


More rss feeds from SecurityFocus
Publish Date:
News, Infocus, Columns, Vulnerabilities, Bugtraq ...


SecurityFocus - Latest Vulnerabilities


Vuln: GnuPG 'GPGSM Tool' Certificate Importing Remote Code Execution Vulnerability
Publish Date: 2010-07-30
GnuPG 'GPGSM Tool' Certificate Importing Remote Code Execution Vulnerability


Vuln: Multiple Mozilla Products 'importScripts()' Method Cross Domain Information Disclosure Vulnerability
Publish Date: 2010-07-30
Multiple Mozilla Products 'importScripts()' Method Cross Domain Information Disclosure Vulnerability


Vuln: Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability
Publish Date: 2010-07-30
Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability


Vuln: Mozilla Firefox, Thunderbird and SeaMonkey CSS Values Integer Overflow Vulnerability
Publish Date: 2010-07-30
Mozilla Firefox, Thunderbird and SeaMonkey CSS Values Integer Overflow Vulnerability


Bugtraq: ESA-2010-012: EMC Disk Library (EDL) Denial Of Service Vulnerability
Publish Date:
ESA-2010-012: EMC Disk Library (EDL) Denial Of Service Vulnerability


Bugtraq: XSS vulnerability in Campsite
Publish Date:
XSS vulnerability in Campsite


Bugtraq: XSS vulnerability in Campsite
Publish Date:
XSS vulnerability in Campsite


Bugtraq: Akamai Download Manager arbitrary file download & execution
Publish Date:
Akamai Download Manager arbitrary file download & execution


More rss feeds from SecurityFocus
Publish Date:
News, Infocus, Columns, Vulnerabilities, Bugtraq ...


The Register Security News


Vuln: GnuPG 'GPGSM Tool' Certificate Importing Remote Code Execution Vulnerability
Publish Date: 2010-07-30
GnuPG 'GPGSM Tool' Certificate Importing Remote Code Execution Vulnerability


Vuln: Multiple Mozilla Products 'importScripts()' Method Cross Domain Information Disclosure Vulnerability
Publish Date: 2010-07-30
Multiple Mozilla Products 'importScripts()' Method Cross Domain Information Disclosure Vulnerability


Vuln: Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability
Publish Date: 2010-07-30
Mozilla Firefox, Thunderbird, and SeaMonkey 'nsTreeSelection' Remote Code Execution Vulnerability


Vuln: Mozilla Firefox, Thunderbird and SeaMonkey CSS Values Integer Overflow Vulnerability
Publish Date: 2010-07-30
Mozilla Firefox, Thunderbird and SeaMonkey CSS Values Integer Overflow Vulnerability


Bugtraq: ESA-2010-012: EMC Disk Library (EDL) Denial Of Service Vulnerability
Publish Date:
ESA-2010-012: EMC Disk Library (EDL) Denial Of Service Vulnerability


Bugtraq: XSS vulnerability in Campsite
Publish Date:
XSS vulnerability in Campsite


Bugtraq: XSS vulnerability in Campsite
Publish Date:
XSS vulnerability in Campsite


Bugtraq: Akamai Download Manager arbitrary file download & execution
Publish Date:
Akamai Download Manager arbitrary file download & execution


More rss feeds from SecurityFocus
Publish Date:
News, Infocus, Columns, Vulnerabilities, Bugtraq ...


The Register Management News


Disney throws $763m at social gaming
Publish Date: Sat, 31 Jul 2010 08:02:02 GMT

Getting animated about Facebook

Disney has thrown over three quarters of a billion dollars to bring it up to Goliath status in the online gaming world, acquiring two and a half year old Playdom, which offers games for social networks ? the new buzzword in gaming that has all the VCs on the planet hopping onto investments.?


UK supermarket starts contactless payments
Publish Date: Fri, 30 Jul 2010 15:01:58 GMT

No touching

Spar is going contactless, attracted by the four pence per transaction the company could save by not asking shoppers for their PINs.?


Gaming sites bet on merger
Publish Date: Fri, 30 Jul 2010 09:07:55 GMT

In time for US welcome?

PartyGaming and Bwin have agreed to merge, just as moves to make online gambling legal in the US get a little closer.?


Citrix fluffed by XenDesktop virt in Q2
Publish Date: Wed, 28 Jul 2010 22:58:23 GMT

Pumped for the future

That $500m investment in XenSource from three summers ago is starting to pay off for Citrix Systems. The virtual desktop wave that helped lift Citrix in the first quarter continued to swell in the second quarter as the company booked $458.4m in revenue, up 16.7 per cent, and net income rose to $47.6m, up 11.8 per cent.?


Microsoft biz stars won't shine in Wall Street web show
Publish Date: Wed, 28 Jul 2010 19:15:11 GMT

Offline schmoozing for tired buns

Microsoft watchers and stockholders scratching their heads over the recent cloud re-org, Bing's continued losses, and potential prospects for Office 2010 will have to personally trek to Redmond this year if they want to hear from those directly in charge about what's going on.?


Virgin Media survives World Cup, buys back shares
Publish Date: Wed, 28 Jul 2010 10:53:11 GMT

Back of the net

Did the World Cup bring any sunshine to Virgin Media? The company today announced profits of £80m on increased turnover of £964m in its most recent quarter. But long-suffering shareholders take precedence over customers - Virgin will spend £375m buying back shares. Buy-backs usually have the goal of raising the share price.?


Watchdog rules on Hull Daily Mail 'porncoder' exposé
Publish Date: Wed, 28 Jul 2010 10:10:41 GMT

Mild wrist slap for smut website scandalmongery

The Press Complaints Commission has issued a mild wrist slap to the Hull Daily Mail for its coverage of Paul Smith - the man behind local news site HU17.net who was discovered to have a bit of previous form knocking together smut websites.?


Sage expects to fall into line after improved Q3 growth
Publish Date: Wed, 28 Jul 2010 09:31:56 GMT

Biz software biz buzzes

UK-based software maker Sage reported this morning ?improving organic growth trends? in its third quarter, and said that its full-year results would be in line with market expectations.?


NatWest sets lawyers on student site
Publish Date: Tue, 27 Jul 2010 12:56:17 GMT

Don't speak of us without our permission

A student finance website which offers summaries of bank accounts available for the feckless unwashed masses has been hit with a copyright infringement claim by NatWest.?


SAP Q2 sales up 12% despite gloomy Euro market
Publish Date: Tue, 27 Jul 2010 12:17:20 GMT

Tucks Sybase up in bed

German business software maker SAP AG reported US second quarter sales growth that offset a licence revenues slump in the European market.?


Empires built on free code aren't cheap
Publish Date: Fri, 23 Jul 2010 23:42:47 GMT

Starting up is cheap. Success is expensive

Open...and Shut Five years ago, Joe Kraus declared that it was a "great time to be an entrepreneur." In the midst of dwindling hardware and software costs, among other things, it's never been easier to start and scale a company.?


Forrester: IT spending growth holding up
Publish Date: Fri, 23 Jul 2010 15:56:25 GMT

Asia and Latin America counterbalance Europe

The prognosticators at IT watcher Forrester Research are not letting a little debt crisis in Greece and the fears by some that it will "metastasize across the European Union" put a damper on global IT spending growth for 2010.?


Microsoft 'record' results beat Jedi mind trickery
Publish Date: Fri, 23 Jul 2010 00:22:46 GMT

Cloud company you are not

Microsoft has reported record financial results for the quarter ending June 30, and the big money maker was Windows. Despite attempts at Jedi mind trickery involving cloud services, the company remains firmly wedded to the earth-bound PC.?


Amazon's profit disappoints, thanks to Apple's iPad success
Publish Date: Thu, 22 Jul 2010 23:01:47 GMT

Current quarter not so sanguine, either

Amazon reported disappointing second-quarter profit on Thursday, as competition from Apple, weakening European currencies and shrinking consumer spending ate into the company's bottom line. Shares tumbled 15 percent following the announcement.?


Dell pays $100m to settle accounting fraud charges
Publish Date: Thu, 22 Jul 2010 22:52:56 GMT

Michael Dell pays $4m

Dell has agreed to pay $100 million to settle US Security and Exchange Commission charges that it failed to disclose information to investors and used fraudulent accounting practices to give the false impression it was meeting Wall Street earnings targets.?


Zuckerberg: I'm 'quite sure' I own Facebook
Publish Date: Thu, 22 Jul 2010 10:21:17 GMT

Dancing on the head of a pin over lawsuit

Mark Zuckerberg last night addressed the question of whether he owes 84 per cent of Facebook to a New York firewood salesman.?


Imitate Real Ale quaffers, save the economy, says biz prof
Publish Date: Thu, 22 Jul 2010 09:24:19 GMT

'And I don't even like beer'. Weirdo

Top economics'n'biz brainboxes, having performed a detailed analysis, have announced that the way for the UK economy to revitalise itself is for us all to emulate beer-swilling real ale drinkers.?


Google shutters Nexus One webstore
Publish Date: Wed, 21 Jul 2010 22:06:08 GMT

Schmidt happens

Google has shuttered the Nexus One web store, ending its days as a direct phone seller.?


Apple 'stunned' by iProduct demand
Publish Date: Wed, 21 Jul 2010 18:26:44 GMT

'We do not create shortage for buzz'

Apple doesn't have enough iPads and iPhone 4s to meet consumer demand, doesn't know when it will, and doesn't know how many more it needs.?


Grauniad faces offshoring strike
Publish Date: Wed, 21 Jul 2010 10:59:45 GMT

Father of the chapel's on Facebook and everything

Guardian Media Group*Guardian News & Media is facing strike action from techies and possibly journalists if it pushes ahead with plans to start outsourcing technical staff.?


Zuckerberg admits working for man claiming Facebook ownership
Publish Date: Wed, 21 Jul 2010 10:52:57 GMT

Claims of frivolity looking more frivolous

So it may not be "completely frivolous" after all.?


Mac sales tripled since 2005
Publish Date: Wed, 21 Jul 2010 04:48:42 GMT

Jobsian wave sweeps Asia

Amid all the ballyhoo and whoop-de-doo about Apple's resurgence being a result of the consecutive successes of the iPod and iPhone ? and the promise of the iPad ? one Cupertinian money-maker has been flying under the radar: Mac sales have tripled in the past five years.?


Yahoo! blames so-so revenues on 'sluggish' search
Publish Date: Tue, 20 Jul 2010 22:53:36 GMT

Bing tests ahoy!

After all that Meltdown-induced cost-cutting and Bartzian reshaping, Yahoo!'s profits rose 32 per cent during the second quarter. But revenues grew a mere two per cent, failing to reach the expectations of both the Wall Street guessmen and Yahoo! itself.?


Apple iPad ? the 'Tickle Me Elmo' of 2010
Publish Date: Tue, 20 Jul 2010 22:40:45 GMT

Can't make 'em fast enough

Apple will sell 12.9 million iPads before the end of this year, according to the market watchers at iSuppli, upping their earlier estimate of 7.1 million "magical and revolutionary" devices.?


Apple revenue tops bullish expectations by $1bn
Publish Date: Tue, 20 Jul 2010 21:02:03 GMT

iPod sales slipping. But who gives a %$#@?

The Wall Street moneymen were expecting a big quarter for Apple, and with today's announcement that the Cupertinians had pulled in $15.7bn in revenue in their third quarter of fiscal 2010, those prognosticating financial folks got what they were hoping for ? and a billion dollars more.?


Small biz stays nervous on recovery
Publish Date: Tue, 20 Jul 2010 11:20:28 GMT

Cost-cutting is focus, not chasing sales

Small businesses in the UK remain focused on cost-cutting rather than expanding sales to secure their futures.?


EU pledges huge spend for small biz R&D
Publish Date: Tue, 20 Jul 2010 09:54:12 GMT

Biggest ever investment

The European Commission has pledged ?6.4bn for research investments across Europe in various areas for both academics and small businesses.?


Intel escapes monopoly fine as competition probe ends
Publish Date: Tue, 20 Jul 2010 08:59:39 GMT

More volume pricing restrictions

Chip giant Intel looks set to escape an anti-trust fine from the Federal Trade Commission.?


IBM wrings more profit from revived IT market
Publish Date: Mon, 19 Jul 2010 23:16:43 GMT

UK (still) soaring like a BRIC

Looks like all of those pink slips IBM handed out in the first quarter and the improving global economy is going to yield some big fat bonuses for the bigwigs thanks to a steady second quarter financial performance and the ongoing march to higher profits for Big Blue.?


HP's Palm bid beat Apple, Google, RIM, says report
Publish Date: Fri, 16 Jul 2010 22:46:29 GMT

Wooing worthy of a soap opera

HP was not Palm's only suitor when the Pr? and Pixi punter offered itself for sale ? Apple, Google, and RIM were also seeking the hand of the smartphone maker, presumably attracted by its webOS dowry and its patent portfolio. Nokia wasn't.?

Free On-Demand Webcast - Virtualizing the Hard Stuff


Google bags Metaweb for search future
Publish Date: Fri, 16 Jul 2010 20:14:03 GMT

The web is more than words

Google has acquired Metaweb Technologies, a five-year-old San Francisco startup that maintains a massive open database that details all sorts of real-world stuff in an effort to "build a smarter, more connected Internet."?


Dell proposes settlement with SEC
Publish Date: Fri, 16 Jul 2010 14:40:09 GMT

Ball in Uncle Sam's court

Computer maker Dell said this morning that it has put forth a settlement proposal with the Securities and Exchange Commission to end a probe into Dell's accounting practices that has been underway since September 2006.?


Paul Allen pledges philanthropy for ever
Publish Date: Fri, 16 Jul 2010 10:43:05 GMT

Death will not wither me

Microsoft's other founder, Paul Allen, promised his philanthropy will continue after his death while announcing a series of grants to mark the 20th anniversary of his charitable foundation.?


Job sites slam domain name land grab
Publish Date: Fri, 16 Jul 2010 09:45:47 GMT

Dot-jobs plan 'reeks'

Dozens of job sites have stuck the boot into plans to effectively create tens of thousands of new employment boards under the .jobs internet top-level domain.?


AMD sales up ? but ink still red
Publish Date: Thu, 15 Jul 2010 23:23:14 GMT

Fresh Fusion APUs, Bulldozer on doorstep

If you have been wondering where those extra profits that Intel raked in during its best quarter ever came from in Q2, it looks like some of that black ink came right out of the hide of Advanced Micro Devices.?


Google profits swell (only) 24 per cent
Publish Date: Thu, 15 Jul 2010 22:05:38 GMT

UK lag

Google's revenues leapt 24 per cent during the second quarter, and profits rose 24 per cent as well. But that wasn't enough to satisfy the Wall Street guessmen.?


Ellison loses bid for US basketball franchise
Publish Date: Thu, 15 Jul 2010 20:31:07 GMT

Warriors SoNotLarry's

Larry Ellison, as you all know, is accustomed to getting his way. But even the richest billionaire in Silicon Valley can't always get what he wants. And so it is with Ellison's desire to own the Golden State Warriors, where the chief executive officer of Oracle missed the jump ball to a Joe Lacob, a partner at Silicon Valley venture capital hot-shot Kleiner Perkins Caufield & Byers.?


IDC: Second quarter PC sales hit the bull's eye
Publish Date: Wed, 14 Jul 2010 23:18:28 GMT

Consumers wane as corporates wax

The PC market rebounded as expected in the second quarter, according to the latest statistics from market watcher IDC, with PC shipments across all types up 22.4 per cent to 81.5 million units.?


Apple acquisition points to Google Maps divorce
Publish Date: Wed, 14 Jul 2010 19:20:07 GMT

Poly9, playing for time

Apple has acquired the French-Canadian mapping-software firm Poly9 and moved the company's braintrust to the Cupertino mothership.?


Intel calls end to server sales drought
Publish Date: Wed, 14 Jul 2010 00:14:49 GMT

Thanks to Google, Facebook, Amazon, MSN...

From Intel's point of view, the Meltdown is over, and you're to be credited with its recovery ? that is, if you use Google, Facebook, Amazon, or MSN.?


No Bing bang for Microsoft's Yahoo! marriage
Publish Date: Tue, 13 Jul 2010 22:32:32 GMT

Google's Android gets shot of MS

Bing's marriage with Yahoo! will be a phased affair not a big bang, Microsoft has revealed.?


Intel claims 'best quarter ever'
Publish Date: Tue, 13 Jul 2010 21:15:49 GMT

Wall-Street guesstimators beaten

Intel announced its second-quarter earnings today, with numbers that add up to what chief Paul Otellini called "the best quarter in the company's 42-year history."?


IBM employee sparks massive bank outage
Publish Date: Tue, 13 Jul 2010 17:42:30 GMT

Big Blue liveware triggers seven-hour FAIL

Last Monday, one of Singapore's largest banks suffered a seven-hour IT outage that took down everything from back-office services to ATMs. This Tuesday, the flawed component was identified: an IBM employee.?


I own Facebook, claims New York fuel salesman
Publish Date: Tue, 13 Jul 2010 10:34:37 GMT

Next: The Moon

Facebook has branded claims by a New York man that Mark Zuckerberg owes him 84 per cent of the firm "frivolous".?


Bidding for rivals' AdWords can be infringement, sometimes
Publish Date: Mon, 12 Jul 2010 08:07:14 GMT

Ads origin must be clear

A company can stop other companies using its trademarks to trigger search engine adverts if those adverts do not allow a web user to tell which company is behind the ads, the European Court of Justice (ECJ) has said.?


Major Microsoft re-org to avert Windows' cloud cannibalization
Publish Date: Mon, 12 Jul 2010 05:02:02 GMT

Talisker money maker for on-premises Azure

Exclusive Microsoft's $14bn server and tools unit has undergone a major shake up in order to squeeze money from the Windows Azure cloud without cannibalizing Windows Server and tools.?

Free On-Demand Webcast - Virtualizing the Hard Stuff


Business guru tries to silence bloggers over 'misleading' mailshot
Publish Date: Fri, 09 Jul 2010 12:55:04 GMT

ASA aware and investigating

A marketing mailshot, similar to one described as misleading by the Advertising Standards Authority in April, is reappearing in British offices across the country - and bloggers who complain are getting hit with threatening legal letters.?


Android slurps market share from Apple, RIM, Microsoft
Publish Date: Thu, 08 Jul 2010 22:17:12 GMT

Google OS to eclipse Redmond

Android's share of the US smartphone market surged 4 per centage points between February and May, according to research outfit comScore, putting Google on the verge of overtaking Microsoft for the number three spot behind RIM BlackBerry and Apple.?


Facebook buys, kills travel rec site
Publish Date: Thu, 08 Jul 2010 19:47:44 GMT

We want your talent...bitch

Facebook has acquired NextStop, a San Francisco-based startup that let netizens share advice on where to go and what to do.?


SCO rises from the dead (again)
Publish Date: Thu, 08 Jul 2010 17:12:47 GMT

New trial, please

SCO has risen from the grave. Again.?


Financial Director - Audit News


FRC chief calls for audit overhaul
Publish Date:

Neil Hodge, Financial Director, Monday 24 May 2010 at 22:30:00

The financial reporting regulator highlights the issues with audit and calls for debate, reports Neil Hodge

The head of the UK accounting regulator has said that it is time to review the value of audit in the wake of the financial crisis.

Chief executive of the Financial Reporting Council (FRC) Stephen Haddrill says that the crisis, during which the role of auditors came under the spotlight, should lead to the function of audit being re-examined. ?Just when audit is needed more, the impression is growing that it is delivering less,? he adds.

Haddrill made the remarks at the Institute of Chartered Accountants of Scotland?s Aileen Beattie Memorial Event in London at the end of April. ?Audit is a key part of high quality governance,? he told the audience.

?The auditor sees the company?s approach to risk. The auditor challenges management?s judgement on the financials. The auditor reports to shareholders on whether the company is providing a true and fair view of the business. The investor only sees the tip of the iceberg of work. But nevertheless investors are relying on that work being done,? explained Haddrill.

The Treasury Select Committee has heard from various figures within the industry over the past year ? Haddrill included ? in order to ascertain whether there was a failure of oversight on the part of the audit profession during the banking crisis. While no-one has accepted formal responsibility, there has been a general acceptance that audit can tighten its procedures in the hope of avoiding a repeat.

Haddrill also said that the pre-eminence of the City as a financial centre meant

that audit must be seen to provide full oversight in order to reassure international equity investors.

?Overseas investors are taking a larger share in the equity of our markets. So as influence is lost, good corporate reporting and strong auditor oversight become all the more important,? he says.

The FRC expects to publish its thoughts on the subject later in the year. Michel Barnier, the new European Union internal market commissioner, has also said that the role of auditors needs closer scrutiny, and announced the process will start with the publication of an EU green paper on the subject in the autumn. That will most likely be a broad discussion document used in Brussels to pave the way for more specific legislative proposals.

Debate welcome

The Big Four accounting firms said they welcomed the debate on how the audit profession can better serve the needs of investors, especially on a global scale.

John Flaherty, assurance leader for the UK & Ireland at Ernst & Young, said: ?It is clear that there is a desire to explore how audit may be enhanced.?

He added that ?in the same way that regulation needs to have a global approach, a global solution to the future of audit has a much greater chance of meaningful and lasting impact?.

Richard Sexton, head of assurance at PricewaterhouseCoopers, says that ?investors tell us there is a high level of confidence in the audit, although they and we recognise that its current scope is narrow. The time is ripe for a full debate on the whole reporting model and the role the audit should play in it. Pricewaterhouse­Coopers is determined to play a key part in that debate.?

Oliver Tant, UK head of audit at KPMG, believes the the audit model is ?working, but in the light of recent events it may be that the auditor could do more. Rather than talking about restricting the role of the auditor, the debate should be around what more the market can gain from the auditor?s knowledge and skills.?

Recommendations

FRC chief executive Stephen Haddrill made several complaints against the current usefulness of audit. The key faults were:

Accounting standards have allowed management more discretion in the valuation of assets, which means that these values that are hard to pin down for complex instruments.

The role of the auditor has become more confined ? everyone with an oversight role has concentrated on their own job, rather than sharing information with other parties that would best serve a wider objective of financial stability.

The market has not set higher expectations of what it wants from external audit ? instead, it has applauded lower audit fees rather than higher quality.

Haddrill said that the areas he would like to address include:

1 Achieving a strong alignment between the auditor and the interests of the shareholder

2 The question of whether change is needed to make audit reports more useful

3 Considering whether more information about risk needs to be provided at the front of audit reports, and if the auditor should provide greater assurance

4 If auditors can give more help to regulators and avoid conflicts of interest in doing so.

Further reading

To read Stephen Haddrill?s speech in full, click here

The Treasury Select Committee?s recent sessions on the role of audit


Accounting: Examining the role of statutory audit
Publish Date:

Peter Williams, Financial Director, Monday 24 May 2010 at 22:30:00

Is statutory audit worth the money when most European businesses don?t do it?

Statutory audit has become such a natural part of the corporate governance furniture that many have forgotten what it is for. Why not scrap and swap it instead for assurance work, to be led by the demands of the market, not by governments?

Of course, after the financial crisis it may be hard to persuade politicians and regulators that an auditor?s visit should be a matter of choice for companies and their investors.

But audit has lost much of its grip on corporate life ? and does not appear to have been missed that much. In the UK, with only one or two caveats, businesses only need to appoint an auditor if turnover reaches £6.5m or balance sheet values exceed £2.26m. The threshold varies across the European Union (EU) but the net result is that, according to figures from the Association of Chartered Certified Accountants (ACCA), 98.7 percent of European companies are excused a statutory audit. But at the same time, those companies collectively employ almost half of Europe?s workforce. They matter.

If audit has been scrapped for small business, why keep it for large entities? According to Stephen Haddrill, the Financial Reporting Council?s still-new broom, auditors are needed because the shareholders of large companies have become more fragmented, so investors have less power to challenge management. He claims the era of insurance companies and pension funds wielding power is waning. They now own less than 15 percent of the shares on the London market, preferring bonds to equities. Overseas investors are taking a larger equity share and concentrated influence is lost. Auditors are sometimes accused of acting like management, forgetting they are meant to report to shareholders: in this scenario of disappearing investor influence, they are more like surrogate shareholders.

If auditors were forced out from behind the skirts of legal privilege, they would stand on their own two feet, proving their worth and delivering better value. That might lead to a more transparent audit process, and more robust audit reports. Such a move towards privatisation would also help auditors with their long-standing campaign to improve the liability arrangements that are just not working.

Most importantly, such a bold move would reverse the growing impression ? pointed out by Haddrill ? that just when audit is needed more, it is delivering less. He raises two examples of falling value. First, accounting standards have allowed management more discretion in the valuation of assets. This has resulted in a wide range of valuations of the same asset, which makes the audit process look pointless. Second, as was highlighted by the parliamentary investigations of the financial crisis, the role of the auditor has become confined to an oversight role. The wider thinking ? and contact with others in the regulatory framework ? no longer happens.

The EU and its member states are due to re-examine the role of audit with an overhaul of the fourth and seventh accounting directives, due to start at the end of this year or early 2011. The most likely outcome is that member states will be allowed to raise audit thresholds, gradually nibbling away at the hold of statutory audit. But there is little appetite for scrapping the audit law outright: it is seen as a minimum, a lowest common denominator safety net. Keep the statutory minimum, however, and there seems no way to raise quality and aspiration.

One final fact from ACCA?s audit briefing. While under EU law, only 0.3 million audits are required, and 1.4 million are actually performed. There is a host of reasons why non-statutory audits happen, but happen they do. Scrapping the statutory audit may be just the step required to deliver the value from audit that all stakeholders need.

To read more thinking on the future of statutory audit, see Robert Bruce?s column, Corporate Governance: Does governance exist in a world of short-term investment? Peter?s column returns in September


The Non-executive: Understanding the role of the audit committee chair
Publish Date:

Eric Tracey, Financial Director, Monday 26 April 2010 at 22:40:00

Our new columnist ponders the role of the audit committee chairperson in hiring and firing subsidiary FDs

The role of listed company audit committee chairs in the appointment or removal of subsidiary company FDs varies widely. In many cases, possibly the majority, there is no involvement of the audit committee chair at all. But, in my experience, their engagement in such an issue is in the best interest of the business as well as the subsidiary FD.

It is clearly in an audit committee chair?s interest to have sufficient contact with the FDs of major operating subsidiaries ? how much is sufficient is another topic ? not only to enable the audit committee to discharge its duties in relation to reviewing internal controls and assessing the quality of the finance function, but also to facilitate effective two-way communication.

In cases when that is the only time those FDs ever meet the audit committee chair, dialogue is likely to be pretty stilted and, for the FD, may feel more like an inquisition than a meeting. Feeling under interrogation can reduce the effectiveness of their contribution, a contribution that is even more important when that subsidiary FD thinks they may have discovered inappropriate accounting or, worse, by their predecessor, for example.

In those circumstances, that FD may feel at best lonely, insecure and worryingly

uncertain over what to do next, especially if the messages from their group-level executives are not wholly supportive or even consistent. Having someone they can turn to without breaching confidentiality obligations is a godsend if they have not come across such a situation before; that goes for the FD and the board.

It can be difficult for someone in such a situation to assess whether the examination of allegations against them by the board amount to sensible questioning to get to the bottom of the matter, or pressure not to rock the boat. The state of denial people often get into in such circumstances can be quite extreme and very difficult to deal with; the worse the initial suspicions , the greater the chance of ?it cannot be true? becoming the knee-jerk response.

An audit committee chair is likely to have seen this sort of thing before, by virtue of their experience, whether as an FD or as an auditor, for example. The committee will want to know that any allegations of wrongdoing are being properly examined and that evidence is not being lost. It may even have to provide moral support, as well as guidance, to the subsidiary finance director.

This is true whether or not the FD?s initial suspicions turn out to be well-founded. In the latter case, it is important that the FD doesn?t lose confidence in their own judgment and risk failing to properly follow up any future concerns that might crop up.

What if the FD discovers that the audit committee chair is of no help, or not up to it? You might say it is a bit late to discover that after joining the company, and even worse to make such a discovery after a problem has come to light.

That is why any candidate for the role of subsidiary FD should want to meet the audit committee chair as part of the recruitment process, as well as the executives ? typically the subsidiary managing director and group FD ? who run the process. Should you lose out because another candidate made a better, more informed judgment on these relationships, a good headhunter will ensure any messages of no confidence in any of the parties get delivered properly to the company.

That is why the company can also benefit from such an involvement of the audit committee chair in the recruitment process.

Eric Tracey is a chartered accountant and has served as FD for Wembley and Amey. He is a non-executive director, governance adviser and audit committee chair for various listed businesses in the UK and abroad. This column returns in July.


Corporate Governance: Repo accounting and the pressure to massage figures
Publish Date:

Robert Bruce, Financial Director, Monday 26 April 2010 at 18:00:00

Repo 105 is not a scandal ? it?s a revelation of the pressure that companies are under to massage quarterly figures

There are two things that need to be learned from the most recent, and voluminous, report on the collapse of Lehman Brothers. (Whether they will nor not is another matter.) The first is that the report underlines once more, with terrible gravity, that the role of the finance director is not to pull the wool over people?s eyes, though they sometimes do in the line of duty. The second is that US business culture almost insists that good businesses should mislead people.

Back when I wrote a weekly column in The Times, I used to take a shortcut to the newspaper?s central London office through the yacht marina at St Katharine?s Dock, just east of Tower Bridge.

Often, as I walked past one gin palace docked there, I would smile to myself: the boat had the name Fourth Quarter. The name transported me from London to New York ? and summed up the cultural background to US financial reporting.

The fourth quarter is when you pile everything you can into the figures and boost the results, the share price and your remuneration. True, it goes on in any economy. But in the US it is a pivotal part of the cultural swagger of big companies. And this report had it writ large.

Sure enough, that was what was going on at Lehman. We learn this, as if we hadn?t known it in our hearts all along, from the report compiled by Anton Valukas, the lawyer and bankruptcy court-appointed examiner whose job it was to identify anyone involved in the bank?s collapse who can be sued blind for any cash that is going.

It captures just how demanding the needs of quarterly reporting are: it is an endless task to come up with new ways of ensuring that, come the final day of each quarter, the balance sheet looks as wondrous as it can.

Take this quote from the report, from an email which bounced into inboxes around Lehman on 27 March 2008.

?We are very much in need of balance sheet. We must move things off by the end of the quarter. I need you all to go back to clients and offer them discounts to move things off. We have a lot of wood to chop in a short period of time but we can?t afford to fail. If this means leaving profit and loss on the table, so be it. If you have questions get back to me but we HAVE TO DO THIS!!?

The technicalities around how Lehman did it are almost incidental to the lessons to be learned from the affair. And let?s not forget that Repo 105 can hardly be seen as a rare occurrence: it is the kind of financial engineering that we know is commonplace and not always looked down on.

Even so, there will be much arguing in courts to come: the likelihood is that, under US accounting rules, Repo 105 was OK, while, though the ruse was conducted under the auspices of UK regulation and international financial reporting rules, it may still not have actually been lawful in the UK. Judging by the 2,000-page report, we could be looking at cases that roll through the courts for years ? or that take years just to get to court.

The emphasis within the report is more about who can be sued than the specifics of financial reporting rules. It is just as much of a smokescreen to argue that this is about accounting rules as it is to suggest that it is an auditing issue.

The essential point is that businesses are run by directors, not by the setters of accounting standards or by auditors. None of this great scandal would have come about if directors, in particular the three CFOs named and shamed in the report, who often claim that they are the conscience of the board, had done so. Their essential task should have been telling it like it is. They did not.

Robert Bruce is a leading commentator on accountancy issues

Repo accounting is to be reviewed ? read more here


Financial Director's Auditor Relationships Survey
Publish Date:

Lucy Quinton, Financial Director, Wednesday 24 March 2010 at 21:03:00

The upheaval of a new auditor ? or better use of an existing one? Lucy Quinton sifts through the results of our survey on auditor relationships and uncovers where FDs can maximise on those To download a full PDF of the survey, click here

Preparing a company for an audit has been said to be about as much fun as root canal surgery or a coast-to-coast red eye flight. However, while the relationship between the company?s board, its finance director, its auditors and its audit committee has never been a particularly harmonious one, it is more pivotal than ever as everything from what companies pay for audit services, to what all stakeholders get back is under unprecedented scrutiny.

In the past year, we have seen significant scrutiny of auditors undertaking non-audit services for auditing clients ? consultation on this is currently being run by the Audit Practices Board (APB) ? while influential bodies such as the Association of Chartered Certified Accountants say they do not believe a separation of audit and non-audit services is either possible or desirable.

Weighing in for business, The Hundred Group of Finance Directors, in its response to the APB?s consultation, simply called for greater transparency ? but no rules stopping their auditors undertaking non-audit work for them.

Committee strength

The audit committee, meanwhile, is in an evermore powerful position, not just in terms of assigning non-audit work to an auditor but in its ability to recommend and choose the auditor from the beauty parade that usually ensues when the incumbent?s term is coming to a close. As smaller audit firms gain ground and fight on price, the Big Four have to prove their worth more than ever before.

Perhaps it is these pressures on the sell side that explain the headline result from a survey on how happy FDs are with the service they get from their auditors, which Financial Director ran in association with KPMG. Of the 200-odd FDs who responded (from our readership and picked at random by us, not by KPMG) most tell us their relationships with auditors and their audit committee have improved in the past year.

The fundamental reason behind it, the survey says, was increased communicatio n between the FD, the auditor and the audit committee and a heightened sense of working to a common goal. As a result, there has also been an improvement in the understanding of business, compliance and risk issues by audit committee members. The 84.5 percent who said their relationship with their auditor had either improved or significantly improved in the last year indicates how well these relationships have been managed on the whole.

?Auditors cannot afford to create blocks,? Oliver Tant, head of audit at KPMG, told Financial Director in response to the survey.

That does not mean all is rosy. Some 15 percent of FDs say they are unhappy with their current auditor with specific reference from respondents to the increasingly excruciating level of detail in the audit process. Others found errors in accounts the auditor had missed or found a general drop in the quality of the audit performed. One found their auditor sending staff over that the client had previously made complaints about.

As shareholders have lost confidence, the auditor?s role has become more challenging. When it comes to the beauty parade, competition between the large auditors is tough and the traditional areas in which they joust ? cost and reputation of the firm as well as the lead auditor that will head up the team sent in to undertake the audit process ? have been added to of late. FDs who responded to our survey say the most important qualities an auditor should offer now are speed ? the time it takes a firm to respond to the client in need of accounting guidance, which nearly 15 percent of respondents say is a headline issue for them. In addition, 19 percent of respondents tell us that insight into emerging markets is near the top of their wishlist for auditors to improve, more than those who were asked in the same question if they wanted to see more fees become more competitive.

Title challenge

Of course, the dominance among FTSE-100 companies of the Big Four as auditor remains strong. But all this could be about to change, according to David Evans, senior partner at Mazars. Commenting on the results of a survey on audit quality run recently by the publisher of Financial Director and revealed in our sister title Accountancy Age, Evans says that mid-tier firms ?punch way above their apparent weight and can more than match up to the perceived performance of this group?. This means that FDs can look forward to increased levels of competition from audit providers ? which could also increase standards in the areas in which they wish to see an improvement.

Compliance fears

The majority of participants want greater assurance in two areas: compliance with industry regulatory bodies and compliance with the whims of the taxman. Not surprising given the amount of regulatory movement post-recession. That said, nearly half say they did not anticipate expenditure on that to rise: so either they will be looking for a cheaper, more effective auditor, or they will be squeezing their current one to do more for less.

We also asked FDs to tell us about the relationship they had with their audit committee and how the relationship might have changed in the past two years. Sixty-three percent say it has stayed the same ? but another 25 percent say it had improved somewhat. Only 5.1 percent report it as having deteriorated. Many report their audit committees are now better acquainted with their business on the ground and have a greater respect for the job of the FD as a result of better communication.

Comments from FDs include: ?In-depth understanding and a realistic approach to impairment?; ?supportive and providing good quality advice during poor economic environment?; ?greater understanding of our industry and prompt guidance from the auditor on ethical issues?; ?good communication and learning curve on both sides?; and ?there is trust and professionalism in our dealings and mutual respect.?

This year is certainly shaping up to be an interesting one, particularly in terms of the outcome of the conversation over the award of non-audit work to auditors and where the boundaries should lie.

Whatever else the results have revealed, we have found that FDs now have an opportunity to review what they pay their auditor and what they get for their money; and whether their current auditor can be haggled with ? or whether it is time to look for a fresh, perhaps more economically competitive view.

You can read the analysis of the recent study on audit quality here


Regulator consults on code
Publish Date:

Neil Hodge, Financial Director, Saturday 19 December 2009 at 10:00:00

Director accountability and risk management under greater scrutiny as the FRC begins consultation on reform

The Financial Reporting Council (FRC), the UK?s corporate reporting regulator, has launched a consultation on its proposals to reform the UK?s Combined Code on Corporate Governance in the wake of the current financial crisis.

While the FRC has not found evidence of serious failings in the governance of British business outside the banking sector, it believes that the proposed changes to the Code are ?sensible improvements? that would benefit governance in all major businesses. The new Code ? which will be renamed ?The UK Corporate Governance Code? to avoid confusion among overseas investors ? will also apply to foreign companies operating in the UK if they apply for premium-listed status only available to equity securities issued by trading companies, closed or open-ended investment equities.

The main proposals put forward by the FRC are;

  • The annual re-election of the chairman or the whole board. The FRC also recommends that the board should set out for shareholders why they make those recommendations, in papers accompanying a resolution to elect a non-executive director
  • New principles on the leadership of the chairman
  • New principles on the role, skills and independence of non-executive directors and the level of time commitment to ensure the board is well balanced and challenging. The FRC wants the Code to mandate the board to appoint a non-executive director to act as a senior independent director, providing a sounding board for the chairman and to serving as an intermediary for the other directors when necessary
  • Evaluation of the board to be externally facilitated at least every three years, while the chairman should hold regular development reviews with each director
  • The FRC proposes that the board is ?responsible for defining the company?s risk appetite and tolerance? and that the board ?should maintain a sound system of risk management and internal control to safeguard shareholders? investment and the company?s assets?. However, the regulator wants to add a new provision based on the Turnbull guidance, which states that the board ?should satisfy itself that appropriate systems are in place to identify, evaluate and manage the significant risks faced by the company?
  • An emphasis that performance-related pay should be aligned to the long-term interests of the company and its policy on risk.

In line with Sir David Walker?s report on the corporate governance of banks and financial institutions, the FRC has proposed a number of other changes to the code extending its remit, including:

  • The FRC taking responsibility for a Stewardship Code for institutional investors, as recommended by Sir David Walker;
  • Considering options for producing practical guidance on good practice engagement between companies and investors;
  • Carrying out during 2010 a limited review of the Turnbull Guidance on Internal Control, on which there will be separate consultation, while
  • The FRC has commissioned Institute of Chartered Secretaries and Administrators to work with others on its behalf to update the good practice guidance from the 2003 Higgs Report which addresses, for example, the roles of the chairman and non-executive directors.

In addition, the FRC may propose limited changes to its existing guidance to audit committees, depending on the outcome of work being undertaken by the FRC?s Auditing Practices Board on the provision of non-audit services and audit partner rotation.

Well received

The FRC?s proposals have been largely welcomed, though with some reservations.

Margaret Cassidy, director of corporate governance at PricewaterhouseCoopers, says the FRC ?has introduced a welcome change to the focus of the code, away from the box-ticking approach driven by provisions to a more thoughtful one centred around enhanced principles.?

She adds that the proposals ?cast a spotlight on the pivotal role of the chairman, whose leadership style can be expected to come under greater challenge from investors in future. In addition, greater clarity around the board?s responsibility for risk management should lead to a more rigorous application of the existing Turnbull guidance for directors on internal controls.?

Richard Wilson, audit partner and leader of the independent director programme at Ernst & Young, says he very much welcomes the introduction of a Stewardship Code, which he believes ?should help to improve further the engagement of shareholders in influencing the governance of companies?.

Peter Montagnon, director of investment affairs at the Association of British Insurers, says the proposed amendments ?highlight some important issues, including director accountability, board evaluation and risk management?. However, he adds that the institutional investor ?has expressed reservation about the annual election of chairmen alone, because this can be too-blunt an instrument.?

Consultation on the draft revised Code ends on 5 March 2010. Subject to the outcome of consultation and the necessary changes to the London Stock Exchange Listing Rules, the FRC intends that the revised Code should apply to all listed companies with a premium listing for financial years beginning on or after 29 June 2010.

Useful links

Copies of the FRC?s report, the consultation document containing the draft revised code and other documents relating to the review are available at www.frc.org.uk/corporate/reviewCombined.cfm

Responses to the consultation on the draft revised code are requested by 5 March 2010 and should be sent to codereview@frc.org.uk


Accounting ? Letter of intent: Don't blame the auditors
Publish Date:

Peter Williams, Financial Director, Monday 23 March 2009 at 18:30:00

An open letter to Treasury Select Committee chairman John McFall says auditors aren?t to blame for the crisis

Dear John,

In investigating the banking crisis from every angle, you have called many eminent witnesses, including representatives of the auditing profession. They will forgive the comment, but they are all from the Establishment, so it may benefit the Committee to hear from a different perspective: that of Financial Director, whose editors and journalists have, for the last 25 years, been commenting on, inter alia, financial reporting and auditing issues.

You will have established that this banking crisis was not spawned primarily by an auditing crisis, though weaknesses in the system of auditing, regulation and supervision exacerbated the problems caused by your favourite people, the bankers. You will also have established that banks are incredibly complicated organisations, both in sheer size and by way of the many different businesses and business models existing behind the façade ­ further complicated by the lack of business model homogeneity in the sector. Auditors are expected to get their heads around the business and pass opinion? well, on what, exactly?

Re-reading the evidence from your audit panel session, perhaps you may have felt somewhat frustrated by the lectures you got on what audit was and was not designed to do, roles, you are told, laid down by parliament. This is defensive and unhelpful. Forget the talk of watchdogs and bloodhounds: in essence, auditors have one definite role and one possible one. The definite ?do it now? role is to comment on the financial report at a particular moment in time. This brings its own problems: you try valuing complex derivative products. The other possible role for a statutory audit is to see whether a bank has enough capital and reserves to see it through a financial or economic shock. But it is, as you may have gathered, not a burden the auditors want to shoulder. They believe it is the work of the board or the regulator. Why do auditors fight shy of extending their remit? Well, one part of a bank may have 10,000 models for 100,000 transactions.

At the moment, auditors look at the bank systems and controls and how they generate the model. In other words, the audit is about the reliability of the processes rather than whether individual models are giving the right answer. To go to this level of detail you would have to increase the audit resource several fold. Moreover, while ?going concern? may look at particular funding questions, concerns about future risk do not currently lie within the auditor?s remit.

Another intractable problem you should be aware of is the scarcity of bank auditors. The best of them probably number only hundreds across the globe. The idea that one can just magically conjure up bank auditors is fanciful, made worse by the size and scale of multinational banks, meaning that audit work is, in reality, the sole preserve of the Big Four. Conflicts of interest abound and if one of their number collapsed, it would render bank sector auditing near impossible.

Even allowing for this difficult backdrop, given the scale of the crisis, the audit profession can and should help. Your Committee could ask government to engage the Financial Reporting Council to take the lead on examining key aspects of bank auditing and involve external stakeholders such as bankers, regulators and investors.

There is an obvious agenda in the working group. The first task should be to start reviewing the Auditing Practices Board?s practice note 19, on the audit of banks and building societies in the UK. Updating may not be possible yet, but it will have to happen. The FRC should work with the Bank of England and the Financial Services Authority to review the relationship between auditors, regulators and banks to ensure there are no gaps in regulation and that auditors have the freedom they need to express their views and concerns on banking clients.

The FRC?s Audit Inspection Unit should re-examine all the audit files of the banks to ensure the work is of sufficient quality, relevance and consistency. Finally, the Financial Reporting Review Panel is examining the banking sector as a priority, but explicitly, they should review all banks? accounts, no sampling here. You may want to ask them to furnish you with a report before your inquiry ends later this year, focusing on the requirements for companies to comply with the business review, where the Companies Act 2006 has introduced two important changes. The review is now meant to help shareholders assess how the directors have performed their statutory duty to promote the company?s success. All business reviews must contain a description of the principal risks and uncertainties facing the company. Business reviews are required to refer to the main trends and factors likely to affect the future development and performance of the company: banks should be doing this, too.

That?s a substantial and important to-do list for starters, which the auditing profession should be encouraged to adopt.

Yours in hope,

Peter Williams


HMRC audits fail importers
Publish Date:

Neil Hodge, Financial Director, Monday 24 November 2008 at 15:30:00

Attempts to reduce bureaucracy on importing goods has left importers facing uncertainty and potential financial loss

The UK?s spending watchdog has found that British import businesses are worried HM Revenue and Customs? attempt to ease some of the administrative burden on shipping and receiving goods could potentially put them at financial risk.

In its report The Control and Facilitation of Imports, the National Audit Office (NAO) found that by reducing the number of audits and inspections it does, HMRC may not only be miscalculating tax revenue, but also putting importers at risk because they could be liable to pay back taxes at a future date for filing incorrect reports.

While HMRC?s strategy to limit the number of checks carried out at the border has brought benefits, it has also brought some uncertainty about whether they are paying the right amount of tax and duty, and the risk of sizeable back duty demands if they make a mistake.

Error count

Indeed, the watchdog found that while the frequency of importer audits is decreasing, error is actually increasing. In particular, new importers appear to have difficulty in complying, with this group experiencing error rates of nearly 50%. Furthermore, according to the NAO, while HMRC checks traders? documents for more than 280,000 imports each year, nearly one in five of these checks are not carried out correctly.

It is an area of real concern. The NAO found these businesses welcome audits because they provide some assurance they are correctly complying with their obligations. But feedback suggests they view this as an area where HMRC does not perform strongly. One of the main criticisms raised is importers find it frustrating to take assurance from a successful audit only for errors to be discovered in subsequent audits and back duty demands issued.

Such faults are partly a result of how the responsibility for managing customs activity is divided among various directorates and that international trade is a minor function for most of them. The NAO found that accountability and reporting lines are blurred and that there is limited control of the end-to-end process.

Importers also find the burden of audit increases when customs staff lack an understanding of the industry sector and the skills and knowledge appropriate to carry out an efficient and effective audit. Increased bureaucracy and changing regulations are also causing headaches for traders, as well as costing them money. Big Four auditor KPMG estimates that the administrative burden for UK business of complying with customs regulations is about £800m.

As part of their normal business, traders carry out their own checks, and may discover under or over payments. But under EU legislation, traders have to correct errors on an entry-by-entry basis, so they have to submit separate schedules for under and over payments rather than a single schedule. HMRC has initiated discussions with the European Commission to allow a single schedule. There are differences in the processes for correcting under-and over-payments, hence importers regard applying for repayments as one of the more onerous areas.

Descriptions of goods can also be a source of frustration. Currently, for each import, traders have to complete a declaration including classifying the goods by commodity code. Every commodity has a unique ten digit code based on its description and composition which determines the duty rate and any restrictions; at present there are some 16,000 commodity codes.

But classifying goods can be difficult because one item may potentially come under more than one code. For example, a trader applied to HMRC for a commodity code for an Easter snow globe made of glass with a polyresin base, containing a depiction of bunnies and spring and playing music. HMRC considered that it could fall under four categories (including the definition of a ?glass? item and a ?festive item?) and the issue was sent to the EU for clarification. This all takes time.

Speeding up processes

The EU and HMRC have tried to speed up the process. As permitted under EU legislation, HMRC runs the Customs Freight Simplified Procedures which allow businesses to complete a simplified declaration at time of import and submit a supplementary declaration by the fourth working day of the following month. Traders are authorised to use the procedures subject to meeting specified criteria and having a good compliance record. The procedures minimise the formalities at the border, allowing customs to focus resources on high-risk traders, while facilitating compliant businesses. In 2007-08, 84% of imports by volume and 30% by value were imported under these procedures. The EU average by volume is 70%. In total, 29,000 traders use the procedures.

Customs also operate a number of EU duty relief and suspension regimes which allow these businesses to take advantage of reduced rates of duty or defer payment of duty. There are 12 main regimes in operation, but the NAO found that because of their complexity, it can be difficult for traders to identify the appropriate regime. They also complain it is difficult to find complete information about how to comply with the requirements of the regimes.

In January 2008, the EU introduced a new initiative called Authorised Economic Operator (AEO). Traders can obtain AEO status after the completion of a full audit to show their systems and processes meet certain security standards. This will entitle them to speedier clearance at the border.

But there are concerns that the audits are resource intensive for the trader and that the benefits in obtaining AEO status minimal.

They have also raised concerns that HMRC does not have adequate resources to carry out audits to the level required by the EU, which means they could potentially face financial penalties for non-compliance. As of April 2008, fewer than 100 import businesses had applied against HMRC?s predictions of 2,000 during 2008-09.


Fed up
Publish Date:

Melanie Stern, Financial Director, Thursday 31 January 2008 at 00:00:00

This month: Fed rate slash; Northern Rock bail-out; predictions of US recession, and more...

US Federal Reserve chairman Ben Bernanke announced a 75 basis points cut in interest rates to 3.5% on 22 January.

Commentators were shocked by the Fed?s reaction, unprecedented for coming a week ahead of the scheduled rate-setting meet, and because the last time it made emergency cuts was in the days following the 9/11 attacks. Moreover, it has been 26 years since such a big cut.

The Fed pointed to tightening credit markets, a housing slump and rising unemployment ­ but no one was left in doubt as to what the message was: that recession is too close for comfort.

Bank of England Governor Mervyn King, speaking at an Institute of Directors dinner in Bristol the evening the Fed made the cuts, indicated no copycat move from the BoE and said that he thought it was the job of the markets to correct themselves, not central banks. But we?ll soon see if the UK follows the US off the contagion cliff.

Con Bonds?

Alistair Darling is waiting on the FSA to approve his plan to convert £25bn in Northern Rock debt from the Bank of England, into bonds that the stricken mortgage lender hopes will guarantee a quick sale. Northern Rock shares rose a whopping 46% on news of the offer ­ though were still about 90% below their value at the start of the year.

Davos doom

The US is definitely in for a long, hard recession, a panel of world-leading business heads decided at the annual Davos jolly in Switzerland. The BBC quoted New York-based economist Nouriel Roubini saying a ?severe recession" could last as long as a year. Stephen Roach, chairman of Morgan Stanley Asia, concurred and thought that Asia, especially China, would be hard hit by the slump.

Eastern promise

Gordon Brown attended the launch of the London Stock Exchange's new office in Beijing as part of his drive to attract more Chinese business to the UK. The LSE is already home to more Chinese companies than any other major exchange globally. The office is inside Beijing's Winland International Finance Centre, its logical home with neighbours such as HSBC, Goldman Sachs, UBS, and shortly a branch of the Tokyo Stock Exchange.

Fitch likes Fair

Ratings agency Fitch has said it expects fair value management to remain the central accounting focus for analysts and investors in 2008, in light of the unravelling fallout from the credit and liquidity crunches on sub-prime mortgage-related assets, it said. The firm was to publish a report on fair value accounting as we went to press.

Enron evils

A lawsuit by investors seeking to recover around £40bn from Merrill Lynch, Barclays and Credit Suisse First Boston, following the Enron collapse, had their case rejected by the US Supreme Court, after an earlier ruling that limits the right of shareholders to pursue third parties involved in deals that involved the bankrupt energy firm.

Beyond pensions

BP will not make any contributions to its pension scheme in 2008 because, under its scheme rules, it is permitted to stop making payments once funding to cover liabilities is more than 115% ­ it is now 135%, the company says. BP is the second large oil firm to make such a move, following Royal Dutch Shell.

TECHNICAL UPDATE

Taxation

The government had another stab at taking the pain out of capital gains tax by offering an ?entrepreneurs? relief?, which effectively reduces the 18% CGT rate announced in the last pre-Budget report to 10% for the first £1m of lifetime capital gains. The new rates are expected to come into effect from April 2008.

www.hm-treasury.gov.uk

The House of Lords ruled that the three-year time bar on Condé Nast?s underclaimed VAT should be disallowed under EU law. The Law Lords said that the 1995 UK time limit regulations had been introduced without transitional arrangements. DLA Piper tax disputes partner Hartley Foster says that, as total claims from other litigants against HM Revenue & Customs may amount to £1bn, the government is likely to act swiftly. Taxpayers now have ?a small window of opportunity? to submit claims to HMRC.

www.dlapiper.com/uk

Listing rules

A Financial Services Authority consultation paper on the London Stock Exchange Listing Rules suggests that it might be appropriate for international companies with a primary listing in London to abide by the same Combined Code ?comply or explain? requirements as UK companies and that they should also have to comply with a pre-emption rights regime equivalent to that followed by UK companies under UK company law.

www.fsa.gov.uk


In proportion
Publish Date:

Sarah Perrin, Financial Director, Thursday 31 January 2008 at 00:00:00

Any company that tries to agree an auditor liability cap that is based on any formula other than proportionality may find it has bitten off more than it can chew, if it can?t get buy-in from shareholders

Official guidance is currently being developed to help companies and their auditors contractually agree a degree of limited auditor liability. However, institutional investor groups have made it clear that, for listed companies at least, one of the options included in the draft guidance will not be deemed acceptable.

The draft guidance in question has been developed by the Financial Reporting Council and is based on the Companies Act 2006, which makes it possible for contractual agreements to limit auditor liability to be entered into from April this year. It explains that there are a number of options available for companies and auditors:

? A limit based on the auditor?s proportionate share of the responsibility for any loss;

? A limit set purely by reference to a ?fair and reasonable? test, as decided by the courts;

? A monetary cap (a set figure or an amount based on some formula, such as a multiple of audit fees); or

? A combination of some or all of these options.

Shareholders must vote in favour of any such contracts if they are to be valid.

Investor dissent

Although all the options outlined by the FRC are allowable by law, institutional investors have long opposed the idea of a fixed monetary cap. The Association of British Insurers has now said that it will issue ?red top? alerts when listed companies seek shareholder approval for contracts to limit liability using fixed monetary caps. Such alerts are designed to flag up to investors situations which the ABI does not consider best practice in terms of corporate governance.

The ABI is not alone in its views. The National Association of Pension Funds? voting guideline, issued in November 2007, says: ?Investors should consider voting against resolutions which propose any form of liability limitation other than proportional liability unless there are compelling reasons why that is not appropriate??

Michael McKersie, the ABI?s assistant director of investment affairs, stresses that his organisation does not oppose reform of joint and several liability. ?Joint and several causes difficulties for those with deep pockets, such as auditors,? he says. However, it does oppose the fixed monetary cap option. ?A fixed cap will bear little or no relation to the damage that could potentially be done by auditors,? McKersie says. ?It is an arbitrary amount. But we are happy to contemplate proportionality. Proportionality is the right conceptual approach, though it is quite complex.?

The audit profession appears to accept that proportionate liability will be the option that works in practice, at least for listed companies. ?When a company has to put a resolution to its shareholders, if it knows a fixed cap will be turned down and proportionality accepted, that?s the way it will work,? says Ernst & Young partner Gerald Russell. ?The legislation has allowed caps because not all companies are the same. Ernst & Young agreed a cap with its own auditors a long time ago. But I think with big listed companies, caps are unlikely to prevail.?

Far from ideal

This isn?t to say that all parts of the audit profession think agreements based on proportionality are ideal. As Russell points out, a major firm could still go bust if on the receiving end of a catastrophic claim. ?From a professional point of view, it?s a bit of a shame [that proportionality will prevail], because proportionality is fine, but it could bust a firm,? Russell says. ?That?s not in anyone?s interest.?

However, mid-tier firms seem likely to oppose fixed caps. This is because they would probably be unable to agree caps as large as those agreed by Big Four auditors, thus making themselves potentially less attractive to clients.

Jeremy Newman, managing partner at BDO, is opposed to fixed monetary caps. He feels that most interested parties accept agreements based on proportionality as the way forward. He would like the FRC?s final guidance to give a clear steer on the types of agreement that would be most appropriate for particular situations or clients. ?You would hear applause from the investment community, major accounting firms and I think from corporates, because they would be clear what was regarded as acceptable practice,? he says. ?There is a danger that given ambiguous guidance, people will be scared to do anything.?

A consensus does seem to be emerging that the FRC?s final guidance should come out in favour of proportionality as the preferred basis for agreements between listed companies and their auditors.

The ABI?s McKersie says, ?All interested parties, certainly in the area we look at ­ quoted companies ­ would welcome a clear indication that a proportionate approach is deemed to be the acceptable basis that companies can reasonably rely on shareholders supporting.?

E&Y?s Russell agrees: ?If we know that institutional shareholders are only going for one option [for plcs], then it would be better to have one option. It will save endless individual negotiation if everybody can just pick up the suggested agreement.?


Accounting: Playing low-ball
Publish Date:

Peter Williams, Financial Director, Thursday 12 July 2007 at 00:00:00

The Big Four have a stranglehold over the audit market and it?s a position they are not about to relinquish easily

The Big Four say they welcome the idea of more audit choice for large companies. But do they mean what they say? After all, the concept of greater audit choice for big business implies that the top firms would lose audits, market share and profit.

In this debate, the subject of low-balling has always been the elephant in the corner: something that is really obvious, but which is never properly discussed. The ultimate purpose of predatory pricing is to sell goods or services at artificially low prices with the intent of driving competitors out of the market, or to create a barrier to entry into the market for potential new competitors. If other firms cannot sustain equal or lower prices without losing money, they go out of business. The predatory pricer then has fewer competitors or even a monopoly, allowing it to raise prices above the level that the market would otherwise bear. Audit choice and low-balling are two sides of the same coin.

It is not in the interest of any of the major players to want to open up the question of predatory pricing. The Big Four audit firms don?t want to discuss it, nor do finance directors. So the audit trail on low-balling goes cold. While some accept low-balling as an absolute fact of life, others deny that it ever happens.

Certainly, the documented evidence on low-balling is rare, but every few years there is a low-balling tale or accusation from someone who ought to know. And this keeps alive the idea that absence of evidence does not equate to evidence of absence. The latest explosion came from Jeremy Newman, managing partner of BDO Stoy Hayward, who is leading a sustained assault on the Big Four. A clearly exasperated Newman has put into the public domain the story of a due diligence job for which his firm quoted. Despite the fact that the maximum fee level that BDO Stoy Hayward asked for was a third of the initial price of the company?s auditors, the work eventually ended up being performed by the i ncumbent for around 10% more than BDO Stoy Hayward?s top quote.

It is tempting to dismiss the tale as an example of a canny finance director using a different supplier as a stick with which to beat the incumbent ? and presumably favoured auditor ? into providing the service at a more reasonable price. Or is it, as Newman suggests, predatory pricing designed to force out his firm from competing in certain segments of the marketplace? Significantly, Newman also claims that the Big Four firms are increasingly targeting the clients of BDO Stoy Hayward ? and presumably the other second-tier firms ? by promising significantly reduced fees, which the incumbent is forced to at least match, or risk losing the work. Even smaller independent firms feel the threat of low-balling. These independents find their biggest clients ? significant private companies, but not quoted entities ? are regularly targeted by the Big Four.

One way in which the incidence of low-balling could decrease would be if clients made it clear that being the auditor gave a professional firm no advantage when it came to bidding and winning other work. The downside of that step is, why should FDs bother? It?s convenient to work with professionals who know about your business and can swiftly start to do the task required of them.

The BDO complaint on low-balling has to be seen in the wider context of the overall trends in the audit market. Jeremy Newman chose to release his tale about low-balling at the time that the Financial Reporting Council ? among other roles, the UK?s audit regulator ? is consulting on audit concentration (see www.financialdirector.co.uk).

Part of the recommendations of the Market Participants Group should have an impact on the possibility of low-balling. For instance, the recommendation that audit firms disclose the financial results of their work on statutory audits and directly related services on a comparable basis should ensure relevant information emerges over time about audit firms? current pricing policies. In particular, this may start to illuminate the issue of cross-subsidisation of audit services by non-audit services. The Association of British Insurers suggested to the FRC at the start of its consultation on audit choice in 2006 that there is a risk that large firms, which can afford to sustain such subsidies, can use this device to create a barrier to entry by smaller firms. While companies and shareholders don?t want to be overcharged for poor-quality audit services, the ABI described it as ?simple common sense? that a fair price for audit is a prerequisite for the maintenance of both choice and quality.

The question at the heart of the debate on increasing choice in the audit market is how hard the Big Four firms are prepared to fight to hold on to the market share they have carefully gathered over the years, both through merger and through organic development. All the evidence suggests the answer to that question is easy: very hard indeed.


'Fourget' choice
Publish Date:

Sarah Perrin, Financial Director, Thursday 31 May 2007 at 00:00:00

Despite attempts to promote choice and competition, the Big Four still has a stranglehold on the audit market

Auditing is back on the agenda, though this time not because of a major audit failure or the collapse of a Big Four firm. Not yet, anyway. But recent proposals to encourage more competition for large company audits, increased auditor liability and revisions to international auditing standards could all have an impact on the market for business assurance services.

The debate about how to improve audit choice for larger companies rumbles on, most recently stimulated by another report issued under the auspices of the Financial Reporting Panel. The interim recommendations of the FRC?s Market Participants Group form a package of suggestions directed at regulators, accountancy firms, investor groups and companies. For example, companies, it is suggested, could be required to give more information to shareholders on the auditor reselection process. Similarly, boards could be forced to disclose any contractual obligations to appoint certain types of audit firms.

Same difference

Could such recommendations make a difference to the rather limited auditor choice available to large companies? ?There?s no one thing in the recommendations that will make a difference,? says Richard Everett, director of group finance at Friends Provident. ?Even taken collectively, I don?t think the package of recommendations will make a significant difference in the short term.? Nevertheless, he sees a benefit in keeping the debate about choice in the audit market going.

Although not very concerned about the restricted choice of auditors for large companies, Everett says: ?The root of our concern is that the current situation doesn?t give audit firm incumbents a particularly good incentive to improve services, innovate or improve quality.? Friends Provident?s audit choice is essentially limited to the Big Four. ?It?s a very specialised area of audit and the skills to do that are concentrated in the Big Four,? Everett says. ?It would take a bold move for the mid-tier to invest in these skills.?

Nevertheless, Everett believes large companies can make effective use of mid-tier firms ? if those firms promote themselves properly. ?Speaking from previous experience, in a different organisation we used a mid-tier firm for some specialised gap filling within our finance function and that was working extremely well. There are things firms could do for bigger companies, and that way they could gain their confidence and build up relationships.? he says.

The lack of global presence remains a major stumbling block for mid-sized firms which want to audit large companies. ?We have had approaches from some of the mid-tier firms suggesting they can provide services,? says Ken Lever, FD of Tomkins. ?The problem is that they don?t have the global reach of the major firms.? That said, Lever is sceptical about the truly global nature of the services offered even by the Big Four. ?I think the only firm that did operate truly internationally was Andersen,? he says.

Lever also suggests that the quality of personnel in firms outside the Big Four may be more variable. ?They do have some very good quality people, but the consistency of quality across these firms tends not to be as great as in the larger firms,? he says.

Like Everett, Lever suggests mid-tier firms could provide specialist services to large companies. ?They might look to concentrate on providing internal audit or Sarbanes-Oxley services,? he says, ?but they would have to buy in that resource.?

Perceived quality

He also suggests that market perceptions still encourage large companies to go with the Big Four. ?A lot of what?s going on from an audit perspective is driven by the demands of investors,? he says, adding that it is ?no accident? that the vast majority of the FTSE-350 have Big Four auditors. ?It?s almost seen as the wrong thing to do to have somebody other than the Big Four.? As Lever notes: ?Pioneers get arrows in their backs. Most audit committees are understandably conservative. Most take persuading that there should be any change at all. But why would they be anything other than conservative in their choice??

If there are some lingering perceptions that quality may be better in the Big Four firms, Trevor Dighton, CFO at Group 4 Securicor, would challenge that. Baker Tilly used to be Securicor?s auditors, before it merged with Group 4. ?We were large for them in client terms, and we got a very good service,? Dighton says. ?The level of service and attention to detail you get from the second tier could conceivably be better than from a large firm.?

Now Group 4 Securicor is audited by KPMG, which Dighton says is ?great?. During the tender process which KPMG won, all Big Four firms and Baker Tilly were invited to compete. However, in future Dighton suspects that the choice may be limited to the Big Four. ?We do have a very broad international footprint,? he says. ?We are in 100 countries.? Dighton finds it hard to see how the second tier can close the gap in the near future, whether by organic growth or merger. ?There?s such a big gap between number five and number four,? he says.

Audit fees

But audit choice aside, how about audit fees? ?They are quite high,? Dighton says. ?I would be concerned if they went up much more. It could be something to worry about, with the dominance of the big players.?

Fees have gone up, driven partly by the change to International Financial Reporting Standards. Unfortunately for FDs, some further fee rises may be on the horizon if Ernst & Young?s fears about the impact of the new criminal liability risk facing auditors are realised. Under the recent Companies Act it becomes an offence for auditors if they ?knowingly or recklessly cause a report to include any matter which is misleading, false or deceptive in a material particular?.

As Gerald Russell, a senior partner at E&Y, points out, the term ?reckl essly? is not that well understood in law. ?We are worried this has the effect of criminalising negligence,? he says. ?It may make auditors become more circumspect, which may mean they have to spend more time on certain areas. Auditors faced with criminal sanctions will spend a lot of time on the minutiae of accounts, and time is money.? Even now, with the reams of disclosure required under IFRS, auditors are having to spend more time on such detail and less time on considering the business itself. ?More time is being spent on the accounts package, rather than kicking the tyres,? Russell says.

Separately, it is unclear whether revisions currently being made to International Standards on Auditing (ISAs) as part of the International Auditing and Assurance Standards Board?s clarity and improvements project might also translate into higher audit fees ? or at least auditors trying to negotiate fees up. What is clear is that the future clarified ISAs will be more specific than their predecessors that have already been adopted in the UK. Although the UK?s Auditing Practices Board has been trying hard to stem the tide of rule-based standards, there is only so much one body can do in an international context. Securities regulators internationally appear to support greater specification in ISAs.

What happens for the UK?s auditors depends on the European Commission?s endorsement ? or otherwise ? of the clarified ISAs. With the IAASB around half-way through its clarity project and aiming to finish by 2008, this is something for auditors, and their clients, to keep an eye on for the future.

FDs on their auditors

In the middle of May, we asked Financial Director readers what they thought of the audit market and, indeed, their own auditors. Their responses give much cause for concern.

Respondents to our survey came from across British industry ? from businesse s with turnover of less than £25m up to those with turnover in excess of £1bn. Nearly half said they were audited by a Big Four firm, while about a third are audited by a mid-sized/national firm.

On almost every issue, companies that are Big Four clients scored their auditors lower than did those who use mid-sized or local firms. When asked, 'What value do you attach to the audit over and above compliance with statutory requirements??, 60% scored their auditors at five out of 10 or less ? and that figure rose to 69% for Big Four clients.

The responses almost exactly mirror the results we found when we conducted a similar survey in 1999 ? and in some cases, companies are even more disenchanted with their auditors than they were eight years ago.

Back then, for example, the single biggest gripe among clients of the then Big Five was the quality of junior staff: 51% of them cited this as a problem they had with their auditors. Today, 55% of the Big Four clients make the same complaint.

But fees have leapfrogged up the table of complaints: in 1999, 44% of all companies and 42% of Big Five clients had problems with their auditors' fees; today, 54% of all companies and 61% of Big Four clients cite fees as problem.

One consolation for auditors is that quality of service is less of an issue, though still around a third of respondents today are unhappy with the service provided by their auditors. ?I'm not sure I would use 'service' and 'auditors' in the same sentence,? said one FD. ?Auditors often talk about adding value to my business, in reality they are an inconvenience and have so little commercial understanding that they cannot hope to offer me anything extra,? said another FD.

The full survey report will be available soon. To receive a copy, send an email with the words "Audit survey" in the subject field and your name, company and job title to editor@financialdirector.co.uk and it will be sent to you as soon as it becomes available.


Search to quantify quality
Publish Date:

Peter Williams, Financial Director, Thursday 4 January 2007 at 00:00:00

If the FRC wants to ensure audit quality, it must first define a standard against which performance can be assessed

The Financial Reporting Council (FRC) is on a mission to discover whether the quality of audits is being maintained and improved within the existing legal and regulatory framework. And if audit quality is slipping, it wants to know what should be done about it.

In a discussion paper, Promoting Audit Quality , the FRC has identified the drivers it feels are central to the maintenance and enhancement of audit quality, and examined whether those drivers are under threat.

The FRC has an objective of promoting and maintaining confidence in the audit process and the resulting audit report. It sees this as a key component of the corporate reporting and governance regimes and as a way of promoting an effective capital market.

It defines the achievement of audit quality by stating that users of financial reports must be able to rely on an audit report to give ?a robust and objective opinion? and that the financial statements should give:

? A true and fair view; and

? Have been prepared in accordance with the applicable accounting framework and the relevant legal requirements.

Lacking confidence

While there have been a number of significant developments in the audit process over the past few years, mostly as a result of the Enron scandal, there are still issues that impact confidence in the audit process. These issues include:

? Complexity of financial reporting, which is increasingly reliant on estimates and valuations;

? The possibility that audits will not detect management fraud;

? The relationship between executive management and auditors;

? A lack of transparency of the work of auditors and the judgements they make; and

? The effect of an increasingly prescriptive approach to audit.

Agreed definition

An unanswered question remains over how to determine audit quality. The problem for both auditors and for those interested in the audit product is that there is no single agreed definition of audit quality that can be used as a standard against which actual performance can be assessed. An auditor?s opinion as to whether the financial statements are true and fair is subjective. Different views may be held as to the extent and nature of audit evidence required to support the opinion.

Despite all the changes in company law, corporate governance, the regulation of audit firms and auditing standards, there is limited transparency of the work that audit firms actually do on individual audits and that makes an assessment of audit quality difficult. The audit report ? which although extended in recent years ? is essentially boiler plate and does not provide users with enough information to assess the underlying quality of the audit.

While audit committees have taken a greater role in corporate governance over recent years, users continue to play a limited to non-existent role in appointing and instructing the auditor.

However, despite the difficulties, the FRC has defined four main drivers of audit quality:

? The culture within the firm;

? The skills and personal qualities of the audit partners and staff;

? The quality of the audit process; and

? The reliability and usefulness of audit reporting.

A number of attempts have been made at defining audit quality. The ICAEW?s audit faculty said in its publication, Audit Quality: ?At its heart [audit quality] is about delivering an appropriate professional opinion supported by the necessary evidence and objective judgements.?

The Audit Quality Inspections report from the Audit Inspection Unit adds: ?A quality audit involves appropriate and complete reporting by the auditors, which enables the Audit Committee and Board properly to discharge their responsibilities.?

The FRC says that based on the AIU?s inspection it believes firms do attach considerable importance to quality orientated cultures and do invest in promoting audit quality.? But there are threats to that culture. The FRC says that economic pressures change and that a firm?s culture is threatened by:

? The leaders of the audit function having too little input into the firm?s management decisions;

? Too much emphasis on winning and keeping audits;

? Too much emphasis on non-audit services and related under-investments in audit;

? Excessive cost cutting ? such as reducing partners and staff ? in downturns; and

? Internal training that focuses on client service at the expense of investment in technical competence.

Threats to skills and personal qualities include lack of effective mentoring, failure to retain staff with the necessary experience and expertise, allocating capable staff to prestige clients rather than on the basis of audit risk and insufficient or ineffective training.

An effective audit process is threatened by increased use of computerised audit methodologies that may distance auditors from the company and switch focus to coping with technology rather than evidence gathering.

The FRC also says that over-prescriptive standards and regulations can inhibit judgement and stop audit procedures being tailored to specific circumstances. There is also the danger of client capture where the auditor is too close to the client.

In terms of the reliability and usefulness of audit reporting, some have questioned whether auditors are properly fulfilling their legal responsibilities to consider the adequacy of companies? accounting records and whether auditors? reports should be more informative about key audit issues.

Audit quality is not all down to auditors ? management, audit committees, shareholders, litigation, regulators and the accelerating reporting regime all play their part. Auditors are likely to tell the FRC that all is well. What FDs and others will say is much harder to predict.


Ouside the box: Transparency is key to accounting
Publish Date:

Peter Williams, Financial Director, Thursday 28 September 2006 at 00:00:00

Auditors must show that they have the systems in place to provide objective, transparent reports

When accounting systems started to transfer from manual to computerised in the 1980s, auditors had a problem. For a time, until it became unfeasible, auditors attempted to audit around the IT, relying on the manual controls rather than the IT ones. Many auditors and finance directors will remember that the auditors? systems diagrams used to chart companies? accounting systems showing a box with data going in and data coming out.

Such black box auditing now seems laughable. But in the same way that auditors adopted a black box approach to computerised accounts, stakeholders have accepted a similar attitude to the governance of the auditing profession. As a society we have regulated the edges of the auditing profession by demanding certain standards, but auditors have been under little pressure to prove to the investment community and beyond, through published information, that they have the systems in place to ensure they perform a quality audit.

Despite the auditing profession?s best efforts, this privileged black box approach to their professional life has been steadily eroded over the years as they have been forced by politicians and regulators to increasingly open up to the public gaze.

The latest example of this scrutiny is statutory transparency reporting by auditors of listed companies. This legislation is driven by the European 8th Company Law Directive on the regulation of auditors, which was agreed in June and the measures have to be in place by the end of June 2008.

Transparency reports will cover three areas: financial information; governance/organisation; and quality, and will cover the entire firm, not just the audit practice. According to the Professional Oversight Board (POB) ? the part of the Financial Reporting Council (FRC) responsible for audit regulation ? the idea is to help investors to understand the strengths of particular audit firms. Clear information, says the POB, on a firm?s processes and practices for audit quality provides an incentive for all within the firm to live up to both the spirit and letter of what the firm has promised publicly.

As the POB points out, audit firms enjoy a privileged status in that they alone can act as statutory auditors. And the Big Four firms have an even more privileged position in that they all but dominate the lucrative quoted company sector.

Under this directive, firms will have to explain and prove that they have the skills and necessary processes in place to enable them to conduct audits objectively and effectively. A few years ago, under the auspices of the Audit and Assurance Faculty, the firms produced a substantial report on audit quality aimed mainly at the profession itself. One of the most fascinating elements of the process of producing the report was the discussions between the firms about what constitutes a quality audit and what are the various firms? approaches, tolerance and definitions of doing a good job. As a result of legislation, regulation and auditing standards there is a tendency to think that all audit firms produce the same audit. But this is not a homogenous product. The firms produce noticeably varying audits, yet ones which those responsible would label quality audits. This issue of audit quality is being explored by the POB and the APB and they are developing a public consultation on the drivers of audit quality.

Setting out the drivers of audit quality may assist the audit firms to cope with enforced transparency. When the firms respond to the POB?s consultation, many could claim that they provide much of this information in other reports that are in the public domain.

Until a few years ago, most audit firms published little information about themselves, aside from incomparable and limited figures released to the press, so that league tables could be constructed. Two specific factors have driven a more sunshine policy. First, most firms turned themselves into limited liability partnerships (LLPs) in recent years. The privilege of LLP status came at the price of producing sensible reports and accounts. Second, the UK Government?s 2003 review of auditing in the wake of Enron decided that there was a legitimate public interest in public information of firms that audit public entities. In response, 13 of the 20 largest firms gave a voluntary undertaking to meet government proposals for transparency reporting. This they have done. However, the presentation is currently scattered and is as much promotional as information. Often, it is not couched in specific enough terms for those seeking to make a judgement about audit quality.

Transparency reports will provide public information on issues such as the firms? processes and practices for quality control, for ensuring independence, for partner remuneration and on their governance and network arrangements. This is no longer just a job for the firms? PR departments. The audit profession needs to see the transparency regulations of the 8th Directive as its Combined Code. The time for proper corporate governance of the auditing profession is arriving ? and not before time.


Friends Provident reviews its OFR
Publish Date:

Anthony Harrington, Financial Director, Thursday 28 September 2006 at 00:00:00

As the government ponders plans to introduce a business review, many companies believe that the operating and financial review is still an invaluable report for stakeholders

The government may have got cold feet over the idea of forcing public companies to produce a full-blown operating and financial review, but political jitters have had little impact on some plcs. Friends Provident, in particular, has pushed the boat out on the OFR and believes that the document will form an invaluable part of its reporting to all stakeholders in future.

As Friends Provident?s finance director and CEO-elect, Phillip Moore (pictured), argues, if you believe that stakeholders will benefit from the OFR, then it should be done regardless of the difficulty.

In fact, Moore argues that, while compiling a good OFR is time consuming, it is not that difficult. ?The OFR is basically information that we have internally anyway. It is the strategic thinking and context setting that informs every board meeting. Why shouldn?t we share this with our stakeholders?? he says. Clearly you do not share commercially confidential information, but no one is asking for that, he says.

Am I bothered?

Two things about OFR reporting bother Moore, though not enough to stop Friends Provident from publishing one. The first is the idea that in an increasingly litigious world, some investor, somewhere, will start a class action law suite based on the OFR.

?If you share your strategic thinking with people and then circumstances change, they have to be adult enough to realise that the best laid plans sometimes come to grief. We need some protection, so that we can share information without giving hostages to fortune,? he says.

UK law has no equivalent of the US safe harbour provisions, which allow a company to make forward-looking utterances, in context, without opening themselves to huge claims for damages.

The second thing that bothers him is the inescapable fact that when you combine the OFR and the annual report and accounts you have a document that is too long to be properly informative. ?What we need is for the government to introduce primary legislation that will allow companies to file their report and accounts electronically, and put the full report on their website.

?But the document we send to shareholders and stakeholders, together with the OFR, should strive to be no more than 60 pages long. Not many people want a 200-page brick thudding through their letter box,? he says.

So what does he think about the business review that the government is now thinking of substituting for the OFR? ?If we go back to first principles, our desire is to communicate clearly and responsibly. We welcome any guidance, be it from government, regulators or our stakeholders, as to the sort of information they would like to see in our reports. If a business review moves us towards a greater level of clarity, then that is a good thing,? he says.

Same difference

If the rules change, Friends Provident will simply call the document it currently entitles its OFR, a business review. ?I hear some people saying that the proposed business review is neither fish nor fowl, but it is, nevertheless, a move in the right direction, beyond purely financial reporting,? he says.

David Phillips, head of corporate reporting at PricewaterhouseCoopers agrees with Moore that opponents to the OFR ? and the CBI has been less than enthused about the idea ? tend to overplay the additional workload and expense it would entail.

In fact, he argues, PwC research shows that companies that opt for OFR reporting tend to find that they benefit from greater market understanding of the company?s longer term challenges and opportunities.

?We have done a lot of work on what the base information is that investors need in order to make decisions. It turns out that what investors want is not so much the financial outputs in the annual report and accounts, as the OFR, which helps to explain how these financial outputs are achieved,? he says.

Competitive edge

Piers Evelegh, creative director of Flag, a specialist accounts design consultancy, worked with Phillip Moore on Friends Provident?s OFR report. ?It looked at what its competitors were doing and this was seen as a way of differentiating itself in the market,? he says.

The Friends Provident OFR was well rated by the market when it appeared and the key to its success, Evelegh says, is that it was presented in a way that made a vast amount of information easily accessible to readers who were not necessarily expert users of financial reports. That, in a nutshell, is what the OFR is all about.

Anthony Harrington won the print category in the Business and Financial Journalist Awards, presented by the Institute of Financial Accountants at its 90th birthday celebration, for his work in Financial Director and other magazines. The winner in the TV category was Adrian Chiles of Working Lunch, while the BBC's Evan Davies won the radio category.


Computer Weekley - IT Management News


Difference Engine completes first phase
Publish Date: Fri, 30 Jul 2010 16:11:00 GMT
The UK tech incubator set up last year to transform technology ideas into businesses has completed its first intake with investments already being made into the companies that have emerged.


HSBC saves $1m in energy costs by turning off computers
Publish Date: Fri, 30 Jul 2010 15:35:00 GMT
HSBC has saved more than $1m in energy costs after rolling out technology that shuts down 300,000 PCs during evenings and weekends.


STA Travel signs Azzurri for global wide area network
Publish Date: Fri, 30 Jul 2010 14:59:35 GMT
STA Travel has awarded service provider Azzurri...


UK is largest spender on utilities industry IT
Publish Date: Fri, 30 Jul 2010 14:56:38 GMT
The UK spends more on utilities IT than any other Western European country, according to research by IDC Energy Insight. The report, covering market...


Lunchtime surfers put strain on company bandwidth
Publish Date: Fri, 30 Jul 2010 13:34:58 GMT
Heavy internet usage during...


IT suppliers back coalition government?s IT strategy
Publish Date: Fri, 30 Jul 2010 13:32:07 GMT
The IT industry largely supports the new coalition government's IT strategy - including cost cutting, claims a report by analyst firm TechMarketView. Based...


Prepare for dip in IT jobs market, warns recruitment specialist
Publish Date: Fri, 30 Jul 2010 13:28:56 GMT
The IT jobs market is heading for a dip following recent unprecedented growth in vacancies in the financial...


Tech start-up community thrives in Scotland
Publish Date: Fri, 30 Jul 2010 13:24:12 GMT
A high turnout of IT SMEs is expected to attend Scotland's first Startup Weekend in Glasgow next month. The...


Google is top malware distributor among search engines, report reveals
Publish Date: Fri, 30 Jul 2010 12:58:59 GMT
Google turns out more than twice as much malware as Bing, Twitter and Yahoo combined, according to the Barracuda Labs 2010...


Steria profits rise
Publish Date: Fri, 30 Jul 2010 11:56:53 GMT
French IT service provider Steria announced an increase in sales and profits for the first six months of this year...


Black Hat: GSM hacking tools now available
Publish Date: Fri, 30 Jul 2010 10:53:00 GMT
Security researcher Karsten Nohl has unveiled a suite of tools at the Black Hat hacker convention that hackers can use to listen to GSM mobile phone calls.


Could FiReControl be the next IT project to go?
Publish Date: Fri, 30 Jul 2010 09:56:00 GMT
The government has spent the last couple of months casting a critical eye over large-scale IT projects, and it's looking increasingly likely that FiReControl could be next to be hit.


Millions download suspicious Android wallpaper
Publish Date: Fri, 30 Jul 2010 09:33:00 GMT
Up to 4.6 million users of the Android smartphone operating system have downloaded a suspicious wallpaper app that collects and transmits user data to a site in China


Oracle accused of defrauding US federal government
Publish Date: Fri, 30 Jul 2010 08:54:00 GMT
The US Department of Justice has filed a civil suit in a federal court against Oracle, accusing the company of defrauding the federal government by overcharging for software.


Facebook list highlights need for education and responsibility, say security experts
Publish Date: Fri, 30 Jul 2010 08:50:00 GMT
Privacy groups are up in arms about the publication of a list of more than 100 million Facebook users, containing their names, unique IDs and links to their Facebook profiles.


UK business outsourcing spending plummets
Publish Date: Fri, 30 Jul 2010 07:46:00 GMT
Commercial outsourcing spend in the UK plummeted during the first half of 2010, according to research. A total of ?3bn was spent on private sector...


CW+: Quocirca Report: A gift from IT to the business
Publish Date: Thu, 29 Jul 2010 16:43:00 GMT
IT managers that fail to embrace on-demand services will hold back the organisation they are supposed to be supporting.


CW+: Quocirca Report: Building a case for datacentre infrastructure management
Publish Date: Thu, 29 Jul 2010 16:23:00 GMT
The datacentre is a major cost-base for the majority of organisations, and requires constant changes to be implemented alongside the installation of new hardware and software.


Apple iPhone jailbreaking is 'okay under EU law'
Publish Date: Thu, 29 Jul 2010 15:46:00 GMT
Jailbreaking Apple iPhones to bypass code aimed at limiting the applications and carriers owners can use is unlikely to violate EU copyright laws, say legal experts.


Case Study: How to lower IT support for non-core systems
Publish Date: Thu, 29 Jul 2010 15:35:00 GMT
IT departments often spend a significant amount of time looking after non-core IT equipment. Is there a better way? Jenny Williams investigates how to reduce the time spent on maintaining meeting-room technology.


Computer Weekley - Security News


Millions download suspicious Android wallpaper
Publish Date: Fri, 30 Jul 2010 09:33:00 GMT
Up to 4.6 million users of the Android smartphone operating system have downloaded a suspicious wallpaper app that collects and transmits user data to a site in China


Blackberry faces ban in India
Publish Date: Thu, 29 Jul 2010 08:48:00 GMT
Research In Motion's Blackberry service may be banned in India if the company does not resolve government concerns over security.


Security zone: Cultivating the secure mindset for systems development
Publish Date: Tue, 27 Jul 2010 15:24:00 GMT
In speaking at the inaugural IT Decisions conference held in Birmingham last month, I asked delegates to consider how we can tackle the issue of software security with better decision making and what would be required to make this possible, writes Alessandro Moretti, executive director and head of risk central services at UBS.


Cloud-based phishing kit hacks the hackers
Publish Date: Tue, 27 Jul 2010 09:36:00 GMT
Security firm Imperva has uncovered a new, automated, cloud-based phishing kit.


Stuxnet threat to Windows could get worse
Publish Date: Wed, 21 Jul 2010 14:31:00 GMT
Security firms have identified a new variant of a USB-based zero-day attack that exploits a vulnerabiltiy in Microsoft Windows, including Windows 7.


Mandatory data breach notifications: an opportunity for change
Publish Date: Tue, 20 Jul 2010 14:54:00 GMT
Disclosure of data breaches will be mandatory for all UK organisations within a few years, but data privacy experts say this will be a good thing only if it is done with the right objectives.


Case Study: EasyJet flies to the cloud to up e-mail security and down costs
Publish Date: Mon, 19 Jul 2010 12:35:00 GMT
Budget airline EasyJet has achieved a 35% savings over three years by switching to a cloud-based software-as-a-service e-mail security system.


Skills shortage leaves critical US military systems at risk
Publish Date: Mon, 19 Jul 2010 09:55:00 GMT
US industry, government and military computer systems are at risk of attack, analysts warn.


White paper: Cloud Computing
Publish Date: Mon, 19 Jul 2010 00:00:00 GMT
We are now on the cusp of a significant evolution in information technology: cloud computing has the potential to completely change how organisations? IT is provisioned, managed and protected.


White paper: Cloud Security
Publish Date: Mon, 19 Jul 2010 00:00:00 GMT
For all the talk of cloud computing, a number of concerns persist in the minds of executives considering the adoption of this technology. Towards top of the list of concerns is the question of information security.


Cybercriminals combine Java and Flash to thwart security
Publish Date: Thu, 15 Jul 2010 09:16:00 GMT
The latest report from M86 Security, a company specialising in real-time web and e-mail threat protection, has found hackers are using multiple attacks to get around IT security.


CSF to launch IT security support programme for UK non-profit sector
Publish Date: Tue, 13 Jul 2010 09:48:00 GMT
The Charities Security Forum (CSF) has announced a mentoring programme to enhance IT security knowledge and practice in the UK non-profit sector. The programme was developed because many in the UK non-profit sector lack dedicated information security resource and access to expertise.


Microsoft?s July Patch Tuesday to fix zero-day vulnerabilities
Publish Date: Tue, 13 Jul 2010 08:51:00 GMT
Microsoft's monthly Patch Tuesday security update due for release on 13 July is small with only four bulletins. Two are aimed at addressing flaws in the Windows operating system and two for the Microsoft Office suite of productivity software.


iTunes hack could affect thousands, say experts
Publish Date: Mon, 12 Jul 2010 09:59:00 GMT
The 400 iTunes accounts Apple admitted were hacked by a rogue developer to boost his ratings may be just the tip of the iceberg, say experts.


New phishing attack disguised as a PDF reader update
Publish Date: Fri, 09 Jul 2010 11:04:16 GMT
Malicious e-mail attacks that look like PDF reader updates have been increasing in volume since the middle of June, says Symantec Hosted Services. The...


Hacker accesses details of four million Pirate Bay users
Publish Date: Fri, 09 Jul 2010 08:57:00 GMT
Three hackers claim to have accessed the database containing the details of more than four million users of the controversial Pirate Bay website.


Phishing scams jump as HMRC tax deadlines close
Publish Date: Wed, 07 Jul 2010 12:57:42 GMT
Criminals are likely to target UK taxpayers with phishing e-mails as tax and tax credit deadlines loom in July, warns security firm Trusteer....


Apple tightens security after rogue developer is banned from App Store
Publish Date: Wed, 07 Jul 2010 08:59:00 GMT
Apple has banned a Vietnam-based developer from its online applications store for manipulating sales figures to boost his ranking.


Botnet malware targets Symbian smartphones
Publish Date: Wed, 07 Jul 2010 08:53:00 GMT
New botnet malware is attacking Nokia, Samsung and Sony Ericsson smartphones running Symbian operating systems?


Gartner Research: The impact of cloud computing on suppliers in banking
Publish Date: Mon, 05 Jul 2010 10:55:00 GMT
Banks are adopting cloud services, with SaaS being the most-widely deployed form, mainly in peripheral, non-core solution areas, such as collaboration, customer relationship management (CRM) and HR, but exceptions do exist. Adoption varies by banking segment, with more small-tier and large-tier banks adopting SaaS than banks in the mid-tier segment. Driven by the need for agility, speed to solution and lower, more-flexible cost structures, banks plan to increase their spending on cloud services. There is a growing interest and adoption in the cloud as an infrastructure utility. Most examples to date are in private cloud services in large-tier banks.


 



   
Auditing Security and IT Systems
Copyright 2006-2008. All Rights Reserved. Something missing on this page? Let us know