ISB’s Conceptual Framework for Auditor Independence
By Mark Myring and Robert Bloom
Lessons to Learn?
The authors examine the purpose and scope of the Conceptual Framework for Auditor Independence developed by the Independence Standards Board (ISB). The ISB predicated its framework on an approach that identified threats to auditor independence that could be mitigated by safeguards to reduce the independence risks associated with these threats. The SEC effectively rejected this framework when in November 2000 it adopted its own auditor independence rules that did not include the threats and safeguards approach. Subsequently, the Sarbanes-Oxley Act of 2002 placed further restrictions on auditors’ provision of nonaudit services. In spite of its lack of appeal to U.S. regulators and lawmakers, both the International Federation of Accountants and the European Commission have relied on core ISB concepts in creating their own frameworks.
The importance of a well-defined conceptual framework is clearly understood by the accounting profession. A sound conceptual framework serves as a foundation for standards setting and enhances standards consistency over time. A conceptual framework also provides guidance in solving emerging practical problems.
Auditor independence is one of the most important issues in accounting practice today. Independence increases the effectiveness of the audit by providing assurance that the auditor will plan and execute the audit objectively. High-quality audits enhance the reliability of the financial reporting process by investors and other users, facilitating optimal allocation of capital. Because of the importance of auditor independence to audit quality, the SEC has engaged in substantial rulemaking in this area without a conceptual framework.
The Independence Standards Board (ISB) was created in 1997 by joint agreement of the AIPCA and the SEC. Its mission was “to establish independence standards applicable to audits of public entities in order to serve the public interest and to protect and promote investors’ confidence in the securities markets. The ISB planned to achieve its mission through the issuance of independence standards addressing auditor independence and the development of a conceptual framework for independence. The ISB issued independence standards on discussions with audit committees, mutual fund audits, and employment with audit committees. Several standards developed by the ISB were implemented by the SEC in its Auditor Independence Rules enacted in November 2000.
In addition, the ISB issued a report titled A Conceptual Framework for Auditor Independence (CFAI). The SEC declined to adopt CFAI, principally because it disagreed with the threats and safeguards approach developed by the ISB. With the November 2000 SEC rules, all involved parties agreed that “the ISB has largely fulfilled its mission and that there is no longer a need for a group with the composition and structure of the ISB.” It was formally disbanded on July 31, 2001.
Conceptual Framework Background
CFAI was issued as a staff report rather than a concepts statement because the ISB was unable to complete the due process necessary before it was dissolved. The ISB approved and issued an exposure draft, but did not complete the review of comments received prior to dissolution. However, CFAI represents the views of ISB staff and three academic consultants that used ISB deliberations as reflected in both a discussion memorandum (DM) and an exposure draft (ED) on the conceptual framework, comments from respondents to the DM and ED, and comments from project and ISB task forces.
Purposes and Definition
CFAI serves four primary purposes:
Although CFAI does not contain specific rules on auditor independence, its adoption would have provided a foundation for future authoritative statements on auditor independence. Moreover, it provides guidelines to assist auditors in analyzing and reaching conclusions regarding independence issues absent authoritative guidance. In sum, the report lays the groundwork for enhancing audit independence and, thus, audit quality.
CFAI covers four primary areas: definition and goals of auditor independence; threats to auditor independence; safeguards of auditor independence; and applications. Auditor independence includes two main elements: “independence of mind” and “independence in appearance.” Independence of mind is “freedom from the effects of threats to auditor independence that would be sufficient to compromise an auditor’s objectivity.” CFAI prefers independence of mind to the widely used term “independence in fact,” under the rationale that independence cannot be established as a fact or objectively measured. Independence in appearance is the absence of activities, relationships, or other circumstances that would lead well-informed investors and other users of financial information to conclude that an unacceptably high risk exists of an auditor lacking independence of mind.
Threats to Independence
Threats to auditor independence represent pressures or other factors impairing an auditor’s objectivity. To be independent, an auditor must be able to overcome the threats that compromise objectivity. Identifying sources of threats helps to illuminate their nature and impact on the auditor’s independence. CFAI illustrates five potential threats:
Both the probability and materiality of each threat should be evaluated. The foregoing threats encompass two familiar concepts: “acting in the capacity of management” and “having a mutuality of interests with the client.” Auditors must not act as managerial decision makers. Auditors must not favor their clients’ interests or goals. Instead, they must be watchdogs for the public.
Safeguards of Independence
Auditor independence safeguards represent controls mitigating the effects of threats, providing greater incentives for auditors to make appropriate independence decisions. ISB identifies five types of safeguards, each of which may lessen one or more threats. Additionally, safeguards may be effective individually and in combination. These safeguards may be characterized in terms of:
While the benefits of safeguards are difficult to quantify, such benefits include all indirect consequences, such as those accruing to society at large. The following are examples of indirect benefits:
Application of Framework
The first step in applying this framework is for the auditor to determine the tolerable level of independence risk, which is the likelihood that an auditor’s objectivity would be compromised or would reasonably appear compromised to well-informed investors and other users. In evaluating the level of independence risk, the views of investors and other parties having an interest in the integrity of financial reporting are considered. Independence risk may be cumulative across activities, so an aggregate independence risk should be assessed in addition to the individual independence risk of each activity. For example, an auditor may be subject to self-interest risk and self-review risk. While each of these risks might be below the tolerability threshold, their combined impact could produce an unacceptable level of independence risk. Independence risk increases with the presence of independence threats, and decreases with safeguards. If the independence risk is acceptable, additional safeguards may not be necessary. If the level of independence risk for a particular activity is higher than acceptable, additional safeguards ought to be used to reduce the risk.
The decision to apply additional safeguards to reduce independence risk involves a cost–benefit analysis. Safeguards should be applied when the benefits of reduced independence risk exceed their costs. This includes direct costs (e.g., developing and maintaining safeguards) and indirect costs (e.g., unintended effects on audit quality).
Comparison with Other Conceptual Independence Standards
The United States is not alone is recognizing the importance of developing a framework for auditor independence. In 2000, the International Federation of Accountants (IFAC) released an exposure draft on independence that outlined a conceptual framework. That same year, the European Union (EU) released a consultative paper (similar to an exposure draft) titled Statutory Auditors’ Independence in the EU: A Set of Fundamental Principles. Both proposed frameworks are strikingly similar to CFAI.
IFAC defines independence of mind and independence in appearance in a way similar to CFAI. Similar definitions of threats and safeguards are also furnished. The discussion of safeguards is substantially more detailed. IFAC posits three broad categories of safeguards: safeguards created by the profession, legislation, or regulation; safeguards within the client; and safeguards within the firm’s own system and procedures. IFAC’s conceptual framework concludes with a detailed review of applications to specific situations, providing auditors with a foundation for application of this standard.
The EU conceptual framework on auditor independence also examines many of the same issues as its U.S. counterpart. The concepts of independence of mind and independence in appearance are similar to CFAI, as are the threats to independence. The EU framework contains aspects of independence not addressed in CFAI. For example, the EU framework includes a description of a network of individuals associated with the auditor to which independence rules also apply. The EU framework provides a more detailed overview of safeguards protecting auditors’ independence than does CFAI.
Competing Views on Auditor Independence
Elliott and Jacobson set the groundwork for a conceptual framework of auditor independence in their April 1998 CPA Journal article. Unlike the ISB focus on threats and safeguards, they use a more general cost–benefit approach. The benefits of greater auditor independence are more reliable financial information for investment and credit decisions. Greater reliability of information means lower information risk and thus a lower cost of capital. The costs of securing a higher degree of independence include compliance, quality controls, safeguards, and compensation for opportunities lost by adherence to prohibitions. Related to the cost–benefit framework of Elliott and Jacobson is the role of materiality of independence impairments. In general, the materiality concept of independence implies that a low level of independence impairment would have an immaterial impact on auditor judgment. The cost–benefit concept used here is substantially different from the ISB threats and safeguards framework.
Within the framework of cost–benefit analysis and materiality, Elliott and Jacobson define auditor independence as “an absence of interests that create an unacceptable risk of material bias with respect to the reliability of financial statements.” Auditors’ independence is materially impaired if their interest presents a risk of impaired objectivity with a likelihood so high and an impairment of such dimension that the interest can reasonably be assumed to affect the outcome of the audit. In contrast to current independence standards, which treat potential impairments to independence differently, this framework treats all potential biases in a similar fashion.
A key difference between CFAI and Elliott and Jacobson lies in the area of hypothetical parties used to assess independence risk. After a detailed analysis of three potential parties—a prudent person, a regulator’s judgment, and an investor’s opinion—Elliott and Jacobson conclude that the regulator’s judgment is the ideal means for assessing auditors’ independence. By contrast, the ISB chooses to use the views of the well-informed investor as a measure of independence impairment. Elliott and Jacobson argue against the informed investor on the grounds that such a person is typically not aware of independence issues, rules, or controls to maintain independence.
The question of the relationship between the appearance of independence and audit quality remains unresolved. What are investors’ and creditors’ evaluations of independence? If investors and creditors consider the appearance of independence in assessing the quality of financial reporting, then rules to enhance appearance may be effective. However, if investors and creditors do not use the appearance of independence, the purpose of rules exclusively designed to enhance the appearance of independence is questionable. Elliott and Jacobson believe this issue should be fully explored before independence in appearance is included in the conceptual framework. Independence in appearance is included in CFAI with little discussion or justification.
SEC Independence Requirements and the ISB
In November 2000, the SEC issued a new rule for independence of auditors of SEC registrants. This rule, which modifies current independence requirements, addresses four issues: financial and employment relationships with the client; nonaudit services; quality controls; and disclosure of nonaudit services. This rule allows more audit staff to have financial interests in the client as long as the staff members have no relationship to the engagement team. The rule also permits a greater number of family members of auditors and ex-auditors to be employed by the client without raising independence issues. The SEC enumerates nonaudit services that it views as impairing audit independence: bookkeeping; financial information systems design or implementation; appraisal services; actuarial services; internal audit outsourcing; human research services; and legal services. The SEC rule calls for companies to note in their proxy statements nonaudit services provided by the auditor, the corresponding fees, and whether the audit committee considered the independence impact of providing those nonaudit services.
The relationship between CFAI and the SEC independence standard is slight. There is no direct reference to CFAI in the SEC document. Additionally, changes in the independence rule are justified by the SEC using a cost–benefit analysis rather than a threats and safeguards approach. In instances where independence issues are not addressed in CFAI, the SEC requires the auditor to consider whether the relationship or the provision of service: creates a mutual or conflicting interest between the accountant and the audit client; places the accountant in the position of auditing his or her own work; results in the accountant acting as management or an employee of the client; or places the accountant in a position of being an advocate for the audit client.
Subsequently, the Sarbanes-Oxley Act of 2002 adopted more extensive prohibitions on auditors providing nonaudit services to audit clients:
The registrant’s audit committee must preapprove all nonaudit services, including tax work.
Even though the ISB did not use CFAI in setting standards, it remains a legacy for future standards setters. By not using a conceptual framework, any subsequent changes in this ruling by the SEC would be ad hoc and difficult to explain or justify. On the other hand, a conceptual framework like CFAI lays the groundwork for evaluating existing rules or standards and provides the foundation for setting new standards.
©2006 The CPA Journal. Legal Notices
Visit the new cpajournal.com.