Analysis: Comprehensive regulation of the financial reporting ecosystem 

Compliance requires improved scrutiny of the entire ecosystem, particularly in the case of public interest entities and entities with increased technological complexity and cross-border activities.

What is needed is a holistic approach to all the participants in the financial reporting process to prevent corporate failure from happening in the first instance. Currently, there is fragmented legislation regulating some of the participants or some of their activities in the financial reporting process. Ideally, the regulatory framework should extend to all the key role players in the ecosystem in relation to the activity of financial reporting:

• Accountants as the preparers of the financial statements. This includes the CFO and CEO.
• Approvers of the financial statements. In the case of a company the approval rests on the shoulders of the board as a collective in terms of the Companies Act 2008. A director signs off on the financial statements on behalf of the board.
• Those charged with governance, such as the members of the governing body or board and the audit committee, play a pivotal role in the financial reporting process, and also to challenge and ask difficult questions.
• Internal assurance providers such as the internal auditors express an internal opinion over the internal controls of the entity or its compliance with laws and regulations.
• External assurance providers, including external auditors and independent reviewers, are responsible for providing assurance on the financial statements once they have been approved by the board.

The aim of this holistic regulatory approach is to create a consistent, fair, and certain regulatory regime governing the entire financial reporting ecosystem and holding to account all role players within this ecosystem. The current regulatory framework applicable to auditors and directors should remain and be supplemented with a range of overarching measures to fill the gaps in the regulation of accounting officers and preparers of financial information (CEOs and CFOs, accountants), and those charged with governance (boards and audit committees). This may ask for a completely new regulatory regime authorised by overarching legislation. The current regulatory regime unfortunately applies a very light touch to the financial reporting ecosystem as a whole, with an almost exclusive reactive focus on the assurance provider. In the process, it neglects to effectively and proactively oversee the other crucial players in the financial reporting ecosystem.

Preparers of financial statements
Currently accountants are mostly members of voluntary professional associations and member bodies. Professional bodies are not statutory bodies or regulators and do not necessarily have the regulatory authority to enforce conduct and adherence to standards. Membership is underpinned by compliance to professional codes and the membership rules instead of regulation. A consistent regulatory minimum standard for fit and proper and competency requirements for preparers of financial statements may assist to proactively and consistently close the accountability and liability gaps in the financial statements’ preparation process.

Those charged with governance
Board members are jointly and severally liable for all board decisions, including the approval of the financial statements. However, accountability and enforcement are hampered due to fragmentation in the law and a multiple of regulators across the spectrum.

The differing and fragmented requirements for audit committees across sectors and types of entities include for example the Companies Act, JSE Listing Requirements, Banks Act, Public Finance Management Act, King IV, and industry-specific laws such as the Banks Act. These differences relate to membership, qualifications, skill and experience, independence, duties, and disclosures for those charged with governance. The primary responsibility for the management and direction of a company vests in its board of directors and senior management. In discharging their duties, they are subject to strict fiduciary duties and duty-of-care skill and diligence. Directors of state-owned companies are also bound by the Public Finance Management Act. A directorship is not a profession with entrance qualification requirements, and it is absolutely necessary that directors must initially on appointment, and on an ongoing basis, thereafter, be required to undergo education and training on the law in respect of their duties and responsibilities.

With specific reference to the duties of the audit committee, clarity and consistency is needed on the role of the audit committee as it relates to:

• Overseeing the appointment and continuous independence of the external auditor
• Monitoring audit quality
• Overseeing the effective design and implementation of the internal financial controls
• Assurance providers

Unlike internal auditors that affiliate with member bodies and associations, the external auditor is subject to direct regulatory oversight. In terms of the Auditing Profession Act, the Independent Regulatory Board for Auditors (IRBA) is tasked with the registration of auditors and ensuring the adherence to auditing standards and audit quality. This is achieved through periodic inspections and disciplinary action where required. Sanctions may include a pecuniary fine or de-registration.

The scope of the audit as currently framed in terms of the auditing standards remains a concern. There appears to be an expectation gap regarding the financial statement audit − that is, what is required of an audit in terms of the International Standards on Auditing and what the users of financial statements expect an audit to do. Questions in the public interest are being asked about the auditor’s role in, among others, fraud detection and prevention, assurance of internal controls (including internal financial controls), business viability and going-concern status of the business, as well as the company’s performance. The users of financial statements require the auditor’s opinion to provide an informed view on not only the financial statements of the business, but also other matters required to form a holistic view of the soundness of a business.

The IRBA’s authority and functions extend only to the external auditor in the ecosystem. The World Bank published its Report on the Observance of Standards and Codes: Accounting and Auditing (ROSC) in June 2013. One of the key recommendations contained in this report is that appropriate legislation should be enacted to provide for the regulation of both accountancy organisations and an audit regulatory body. While the auditing profession is highly regulated, there is no national supervision over the accountancy bodies or its members.

Conclusion
Perhaps what is needed is to develop a shared orientation to the financial reporting process and create an environment for improved regulatory harmony. This may mean a single overarching regulator or more deliberate co-ordination between various regulators. The aim is ultimately to close accountability and liability gaps in the financial reporting process between the fragmented legislation and various regulators and member bodies. This could be achieved by identifying high-impact practices that have delivered desirable results in some jurisdictions (Sarbanes-Oxley legislation in the US) and by the use of stakeholder forums to move toward consensus regarding a preferred model, discouraging ‘add-on’ interim regulatory measures that do not address the core of corporate failures holistically. The Financial Reporting Council (FRC) in the UK, for example, takes a holistic approach to regulating the UK financial reporting ecosystem by acknowledging the inextricable links across the different players therein. The FRC’s remit spans across investors, companies, auditors, institutes who train individuals to become qualified accountants, and actuaries. It also sets the UK’s Corporate Governance and Stewardship Codes. In line with recommendations from recent reviews, the FRC will soon be replaced by the Audit, Reporting and Governance Authority which will have broader powers.

But will comprehensive regulation of the financial reporting ecosystem eliminate corporate failures? It may for one yield positive results in better assisting law enforcement agencies to prosecute the perpetrators of white-collar crime. It will certainly hone management’s focus on internal controls over financial reporting by elevating the emphasis on fraud in the control environment and propel the audit profession into a state of audit quality, consistent with the views of a former board member of the US Public Company Accounting Oversight Board.

AUTHOR
Carla Budricks, Deloitte Africa Regulatory and Public Policy Lead. Carla has worked in the professional services industry for 17 years, with a specific focus on laws that impact professional services firms, auditors and accountants.