The widening of Public Interest Entities (PIE) criteria under the government’s audit and corporate governance reform will see many new companies fall under the scope, requiring them to meet new transparency requirements in audit and reporting.
“If you fall into that PIE box, you are required to be more full in your disclosures in your financial reporting,” says Franki Hackett, head of audit and ethics at Engine B.
As such, finance functions should prepare for higher audit costs and will be asked for more information from auditors to meet the new reporting requirements, she says.
“PIEs are considered to be a higher risk, so audits tend to be more expensive because there’s more work in them. […] You will find auditors spend much more time reviewing those controls because they now have to report on their review of internal controls,” adds Hackett.
In June, the UK government published its response to the consultation on restoring trust in audit and corporate governance. The consultation is part of a wider plan to reform the audit and corporate governance sector to prevent further audit failings following the collapse of companies including Carillion and BHS.
“Anything that has companies focusing on enhancing their internal control frameworks and assessing and improving components of their fraud risk framework is really important, especially for larger corporates,” says Don Haymes, CFO at Access2Funding.
The current definition of PIEs extends to listed companies, banks, building societies and insurance firms. However, the scope is broadening to include large unlisted companies with more than £750m annual turnover and more than 750 employees.
Such companies will have to set out how they assure the quality and reliability of the information in their annual reports outside the financial statements, including on climate, risk and internal control.
Companies will also have to explain how they are identifying and addressing risks as well as setting out the steps taken to prevent and detect fraud.
The increased audit demands coming down the line for a new wave of companies means they should begin implementing and updating processes to prepare for the new demands, says Hackett.
“This is not a requirement that’s come into force yet but the organisations that start preparing – if they think they’re going to fall into that bracket – are the organisations that are going to be most ready […] when the regulations come into force.”
Consulting with the company’s auditor is “essential” to understand what the changes under the upcoming legislation will mean for the company and to start planning and acting on those, adds Haymes.
Corporate governance overhaul
One of the most highly anticipated requirements from the government’s upcoming reform package – the possible introduction of a UK-style Sarbanes-Oxley (UK SOX) – was noticeably absent.
Market participants were expecting a similar style regime to the 2002 US Act after the Department for Business, Energy, and Industrial Strategy’s (BEIS) whitepaper on audit and corporate governance made several references to introducing a similar structure in the UK.
Implementing “something like SOX” can force corporate governance to become a “checklist” for firms, says Hackett.
“There are some aspects in which checklists can be good, such as for pilots and surgeons, but in corporate governance, there are areas where a checklist isn’t sufficient.”
In the absence UK SOX, the government has created a gap in addressing the “nitty gritty” of corporate governance and providing “strong requirements on organisations,” adds Hackett.
As such, this places more pressure on the new Audit, Reporting and Governance Authority (ARGA) – which will replace the Financial Reporting Council (FRC) – to create the necessary guidance for organisations, says Jon Holt, chief executive of KPMG UK.
“The apparent decision not to include a UK version of Sarbanes-Oxley in primary legislation leaves corporate Britain with no clearly defined framework for internal controls and risks a pick’n’mix approach to reporting and measurement.
“It will result in investors and stakeholders receiving inconsistent information across different companies unless ARGA provides clear guidance going forward,” he says.