Commission Recommendation of 16 May 2002 — Statutory Auditors' Independence in the EU: A Set of Fundamental Principles (Text with EEA relevance) (notified under document number C(2002) 1873)
Official Journal L 191 , 19/07/2002 P. 0022 - 0057
Commission Recommendation of 16 May 2002 Statutory Auditors' Independence in the EU: A Set of Fundamental Principles (notified under document number C(2002) 1873) (Text with EEA relevance) (2002/590/EC) THE COMMISSION OF THE EUROPEAN COMMUNITIES, Having regard to the Treaty establishing the European Community, and in particular Article 211, second indent thereof, Whereas: (1) The independence of statutory auditors is fundamental to the public confidence in the reliability of statutory auditors' reports. It adds credibility to published financial information and value to investors, creditors, employees and other stakeholders in EU companies. This is particularly the case in companies which are public interest entities (e.g., listed companies, credit institutions, insurance companies, UCITS and investment firms). (2) Independence is also the profession's main means of demonstrating to the public and regulators that statutory auditors and audit firms are performing their task at a level that meets established ethical principles, in particular those of integrity and objectivity. (3) Council Directive 84/253/EEC(1) on "the approval of persons responsible for carrying out the statutory audits of accounting documents" establishes the minimum qualifications required of persons who are allowed to carry out statutory audits. (4) Articles 24 and 25 of this Directive require EU Member States to prescribe that statutory auditors do not carry out statutory audits, either in their own right or on behalf of an audit firm, if they are not independent. Article 26 of the Directive requires Member States to ensure that statutory auditors are liable to appropriate sanctions when they do not carry out a statutory audit in an independent manner. Furthermore, Article 27 of the Directive requires Member States to ensure, at a minimum, that the members and shareholders of an audit firm do not intervene in the conduct of statutory audits in any way which jeopardises the independence of the natural persons performing the statutory audit on behalf of that audit firm. This requirement also applies to those members of the administration, management and supervisory body of the audit firm who are not personally approved as statutory auditors. (5) Member States' national rules on statutory auditors' independence currently differ in several respects such as: the scope of persons to whom independence rules should apply, both within an audit firm and outside the firm; the kind of financial, business or other relationships that a statutory auditor, an audit firm or an individual within the firm may have with an audit client; the type of non-audit services that can and cannot be provided to an audit client; and the safeguards which need to be put in place. This situation makes it difficult to provide investors and other stakeholders in EU companies with a uniformly high level of assurance that statutory auditors perform their audit work independently throughout the EU. (6) At present there is no internationally accepted ethics standard for statutory auditors' independence that could be used as a benchmark for national independence rules throughout the EU. (7) The issue of statutory auditors' independence was addressed by the Commission's 1996 Green Paper(2) on "The Role, Position and Liability of the Statutory Auditor in the EU" that received the support of the Council, the Economic and Social Committee and the European Parliament. As a result of the Commission's 1998 Communication "The Statutory Audit in the European Union, the way forward"(3) the EU Committee on Auditing was created. This Committee established statutory auditors' independence as one of their priorities. Finally, the Commission's Communication "EU Financial Reporting Strategy: the way forward"(4) underlines the importance of a statutory audit carried out to uniformly high levels across the EU, including a common approach to professional ethics standards. (8) The scope of this initiative on statutory auditors' independence applies to the EU statutory audit profession as a whole. It aims at setting a benchmark for Member States' requirements on statutory auditors' independence throughout the EU. (9) Agreement was reached in the Committee on Auditing that each Member State should provide statutory auditors, regulators and the interested public with a common understanding of the independence requirement by the application of fundamental principles. This will bring about consistency in interpreting and addressing facts and circumstances which threaten a statutory auditor's independence throughout the EU. The existence of such principles should also help to provide a level playing field for the provision of statutory audit services within the single market. The principles should be comprehensive, rigorous, robust, enforceable and reasonable. They should be consistently interpreted and applied by professional bodies, supervisors and regulators, as well as by statutory auditors, their clients and other interested parties. (10) Agreement was also reached in the Committee on Auditing to build on this initiative in order to develop common independence standards. This will contribute to the creation of a single EU capital market as outlined by the Financial Services Action Plan(5) and endorsed by the Stockholm European Council(6). However, whilst work to achieve harmonisation continues, the setting of national independence rules that are complementary to EU fundamental principles is to be left to the discretion of Member States. Such rules would apply in particular to statutory audits of companies operating in regulated industries. Member States may also decide to require the application of the same independence standards to unlisted companies as applicable to listed companies. (11) A principles-based approach to statutory auditors' independence is preferable to one based on detailed rules because it creates a robust structure within which statutory auditors have to justify their actions. It also provides the audit profession and its regulators with the flexibility to react promptly and effectively to new developments in business and in the audit environment. At the same time, it avoids the highly legalistic and rigid approach to what is and is not permitted which can arise in a rules-based regime. A principles-based approach can cater for the almost infinite variations in individual circumstances that arise in practice and in the different legal environments throughout the EU. Consequently, a principles-based approach will better serve the needs of European capital markets, as well as those of SMEs. (12) The benefits of safeguarding the statutory auditors' independence include efficiencies and other positive effects that, ultimately, contribute to the overall efficiency of the capital markets. On the other hand, maintaining statutory auditor independence creates a variety of additional costs that have to be borne by various parties. These include the costs that are related to developing, maintaining, and enforcing safeguards to independence. When seeking to impose a certain safeguard on statutory auditors, Member States and regulators need to take into account the anticipated costs and benefits in particular circumstances. For example, a particular safeguard may bring substantial public benefits at a modest cost when applied to the audits of public interest entities. But if applied to the audit of a small company with relatively little public interest, the same safeguard may result in costs that are disproportionate to the associated benefits to the users of this company's financial statements. (13) Establishing fundamental principles is not in itself sufficient to ensure public confidence that the EU statutory auditor applies proper standards of integrity and independence. Appropriate systems of quality assurance are necessary in order to check that the principles are properly applied by EU statutory auditors. In this regard the Commission Recommendation on "Quality Assurance for the Statutory Auditor in the EU"(7) provides for external quality reviews of statutory auditors, including a review of compliance with independence standards. Such quality assurance systems are subject to public oversight. (14) This Recommendation is an important step towards assuring audit quality. Further steps may be necessary. The Commission intends to come forward with a broader strategy on auditing which will address issues such as the use of International Standards on Auditing (ISAs), the establishment of a public oversight on the audit profession and the role of audit committees. (15) This Recommendation emphasises the responsibility of the audit profession to uphold auditor independence. If this Recommendation does not bring about the desired harmonisation, the Commission will review the situation three years after the adoption of this Recommendation taking into account international developments. This review will specifically address the question to what extent this Recommendation has had an impact on auditor independence where auditors have provided non-audit services to audit clients. (16) There is general agreement in the EU Committee on Auditing and in the Contact Committee on the Accounting Directives on the fundamental principles of this Recommendation. (17) This Recommendation provides a framework within which all of the general issues of statutory auditors' independence are considered. Its Section A sets out the overarching independence requirements for statutory auditors and discusses the scope of persons to whom independence rules should apply. Section B then reviews a range of specific circumstances in which threats to independence could arise and provides guidance on the measures a statutory auditor should take to mitigate such threats in relation to a particular statutory audit. It is to be noted that Section B is not intended to provide an exhaustive list of all the circumstances where threats to auditor independence might arise, but that statutory auditors should be alert to any such threat and take whatever action is necessary in accordance with the principles and guidance in this Recommendation. The basic principles in Section A and the essential safeguards that are provided in Section B for specific circumstances are supported by an annex, which provides related explanations and guidance. Important terms are defined in the Appendix, HEREBY RECOMMENDS: That rules, standards and/or regulation on statutory auditors' independence in the Member States of the European Union should implement the following set of fundamental principles: A. FRAMEWORK When carrying out a Statutory Audit(8), a Statutory Auditor(9) must be independent from his Audit Client(10), both in mind and in appearance. A statutory auditor should not carry out a Statutory Audit if there are any financial, business, employment or other relationships between the statutory auditor and his client (including certain non-audit services provided to the audit client) that a reasonable and informed third party would conclude compromise the statutory auditor's independence. 1. Objectivity, integrity and independence 1. Objectivity and professional integrity should be the overriding principles underlying a statutory auditor's audit opinion on financial statements. The main way in which the Statutory Auditor can demonstrate to the public that a Statutory Audit is performed in accordance with these principles is by acting, and being seen to act, independently. 2. Objectivity (as a state of mind) cannot be subjected to external verification, and integrity cannot be evaluated in advance. 3. Principles and rules on statutory auditors' independence should allow a reasonable and informed third party to evaluate the procedures and actions taken by a Statutory Auditor to avoid or resolve facts and circumstances that pose threats or risks to his objectivity. 2. Responsibility and scope 1. It is the responsibility of the Statutory Auditor to ensure that the requirement for statutory auditors' independence is complied with. 2. The independence requirement applies to: (a) the Statutory Auditor himself; and (b) those who are in a position to influence the outcome of the Statutory Audit. 3. Those in a position to influence the outcome of the Statutory Audit are: (a) all persons who are directly involved in the Statutory Audit (the Engagement Team(11)), including (i) the Audit Partners(12), audit managers and audit staff (the Audit Team(13)); (ii) professional personnel from other disciplines involved in the audit engagement (e.g., lawyers, actuaries, taxation specialists, IT-specialists, treasury management specialists); (iii) those who provide quality control or direct oversight of the audit engagement; (b) all persons, who form part of the Chain of Command(14) for the Statutory Audit within the Audit Firm(15) or within a Network(16) of which the firm is a member; (c) all persons within the Audit Firm or its Network who, due to any other circumstances, may be in a position to exert influence on the Statutory Audit. 3. Independence threats and risk 1. Statutory auditors' independence can be affected by different types of threats, including self-interest, self-review, advocacy, familiarity or trust, and intimidation. 2. The level of risk that a Statutory Auditor's independence might be compromised will be determined by reference to the significance of these threats, either individually or in combination, and their impact on the Statutory Auditor's independence. This determination will need to consider the specific circumstances that relate to the Statutory Audit concerned. 3. A Statutory Auditor's independence risk assessment should have due regard to both: (a) the services provided to the Audit Client in recent years and the relationships that existed with that Audit Client before the appointment as Statutory Auditor; and (b) the services provided to, and the relationships that exist with, the Audit Client during the course of the Statutory Audit. 4. Systems of safeguards 1. Different types of safeguards - including prohibitions, restrictions, other policies and procedures, and disclosures - have to be established in order to mitigate or eliminate threats to statutory auditors' independence (see A. 3). 2. The existence and the effectiveness of various safeguards affect the level of independence risk. 4.1. Audited entities' safeguards 4.1.1. Governance structure's impact on independence risk assessment The Statutory Auditor should consider whether the governance structure of the audited entity provides safeguards to mitigate threats to his independence and how these safeguards are operated. Such safeguards include: 1. the appointment of the Statutory Auditor by persons other than the audited entity's management; and 2. oversight and communications within the audited entity regarding the Statutory Audit and other services provided to it by the Audit Firm or its Network. 4.1.2. Involvement of the Governance Body 1. Where a Public Interest Entity has a Governance Body (see A. 4.1.1), the Statutory Auditor should at least annually: (a) disclose to the Governance Body, in writing: (i) the total amount of fees that he, the Audit Firm and its Network members have charged to the Audit Client and its Affiliates for the provision of services during the reporting period. This total amount should be broken down into four broad categories of services: Statutory audit services; further assurance services(17); tax advisory services; and other non-audit services. The category of other non-audit services should be further broken down into subcategories so far as items in them differ substantially from one another. This break-down into subcategories should at least provide information on fees for the provision of financial information technology, internal audit, valuation, litigation and recruitment services. For each (sub-)category of service, the amounts charged and contracted for, as well as existing proposals or bids for future services contracts should be separately analysed; (ii) details of all relationships between himself, the Audit Firm and its Network member firms, and the Audit Client and its Affiliates(18) that he believes may reasonably be thought to bear on his independence and objectivity; and (iii) the related safeguards that are in place; (b) confirm in writing that, in his professional judgement, the Statutory Auditor is independent within the meaning of regulatory and professional requirements and the objectivity of the Statutory Auditor is not compromised, or otherwise declare that he has concerns that his independence and objectivity may be compromised; and (c) seek to discuss these matters with the Governance Body of the Audit Client. 2. Where Audit Clients other than Public Interest Entities have a Governance Body, the Statutory Auditor should consider whether similar measures are appropriate. 4.2. Quality assurance Quality assurance systems which meet the minimum requirements of the Commission Recommendation on "Quality Assurance for the Statutory Audit in the EU"(19) are required mechanisms contributing to safeguard statutory auditors' compliance with the independence requirement at a Member State level. 4.3. The Statutory Auditor's overall safeguards 4.3.1. Ownership of and control over Audit Firms If the Statutory Auditor is an Audit Firm, at least the majority of the firm's voting rights (50 % plus one vote) must be held by persons who are authorised to perform Statutory Audits within the European Union (statutory auditors(20)). The Statutory Auditor's legal statutes should contain provisions to ensure that a non-auditor owner could not gain control over the Audit Firm(21). 4.3.2. The Audit Firm's internal safeguarding system 1. A Statutory Auditor should set up and maintain a safeguarding system that is an integral part of his firm-wide management and internal control structure. 2. The functioning of such a system should be documented so that it can be subject to quality assurance systems (see A. 4.2). 3. Generally, the safeguarding system of an Audit Firm would include: (a) written independence policies which address current independence standards, threats to independence, and the safeguards related thereto; (b) active and timely communication of the policies, and any changes to them, to each Partner, manager and employee, including regular training and education thereon; (c) appropriate procedures to be applied by Partners, managers and employees in order to meet independence standards, both on a regular basis and in response to particular circumstances; (d) designation of top-level audit professionals (Partners) responsible for updating the policies, timely communication of those updates, and overseeing the adequate functioning of the safeguarding system; (e) documentation for each Audit Client that summarises the conclusions that have been drawn from the assessment of threats to the Statutory Auditor's independence and the related evaluation of the independence risk. This should include the reasoning for these conclusions. If significant threats are noted, the documentation should include a summary of the steps that were, or are to be, taken to avoid or negate the independence risk, or at least reduce it to an appropriate level; and (f) internal monitoring of compliance with safeguarding policies. 5. Public disclosure of fees 1. Where a Statutory Auditor or, if the Statutory Auditor is a natural person, a firm of which he is a member or Partner has received fees from an Audit Client for (audit and non-audit) services provided during the client's reporting period, all these fees should be publicly and appropriately disclosed. 2. Member States or their regulatory bodies should require this disclosure to the extent that an Audit Client's audited financial statements have to be published in accordance with their national law. 3. The total fee income should be broken down by four categories: statutory audit services; further assurance services; tax advisory services; and other non-audit services. The fees for other non-audit services should be further broken down into subcategories so far as items in them differ substantially from one another. This break-down into subcategories should at least provide information on fees for the provision of financial information technology, internal audit, valuation, litigation and recruitment services. In respect of each (sub-)category item, the figure relating to the corresponding (sub-)category item for the preceding reporting period should be shown as well. Furthermore, a percentage break-down for the (sub-)categories should be provided. 4. Where a Statutory Audit of consolidated financial statements is concerned, the fees received by the Statutory Auditor and his Network members for the services they provided to the Audit Client and its consolidated entities should be disclosed accordingly. B. SPECIFIC CIRCUMSTANCES 1. Financial interests 1. An actual or impending, direct or indirect financial interest in the Audit Client or its Affiliates, including any derivative directly related thereto, may threaten the Statutory Auditor's independence, if it is held by the Statutory Auditor or any other person being in a position to influence the outcome of the Statutory Audit (any person within the scope of A. 2). The Statutory Auditor has to assess the significance of any such threat, identify whether any safeguards would mitigate the independence risk it presents, and take any action necessary. This may include refusal of, or resignation from, the audit engagement or exclusion of the relevant person from the Audit Team. Where applicable, and especially with regard to Public Interest Entity clients, the Statutory Auditor should seek to involve the Governance Body in this process. 2. Financial interest in the Audit Client or its Affiliates will be incompatible with the Statutory Auditor's independence, if: (a) the Statutory Auditor, the Audit Firm, or any member of the Engagement Team or the Chain of Command, or any Partner of the firm or its Network who is working in an "Office"(22) which participates in a significant proportion of an audit engagement, holds (i) any direct financial interest in the Audit Client; or (ii) any indirect financial interest in the Audit Client which is significant to either party; or (iii) any (direct or indirect) financial interest in the client's Affiliates which is significant to either party; (b) any other person within the scope of A. 2, holds any (direct or indirect) financial interest in the Audit Client or its Affiliates which is significant to either party. Accordingly, the persons concerned should not hold any such financial interests. Where such an interest is acquired as a result of an external event (e.g. inheritance, gift, merger of firms or companies) it must be disposed of as soon as practicable, but no later than one month after the person has knowledge of, and the right to dispose of, the financial interest. In the meantime, additional safeguards are needed to preserve the Statutory auditor's independence. These could include a secondary review of the relevant person's audit work or exclusion of the relevant person from any substantive decision making concerning the Statutory Audit of the client. 3. The Statutory Auditor's independence may also be threatened by an apparently insignificant financial interest in an Audit Client or its Affiliates. The level of threat will be higher, and likely to be unacceptable, if the interest is neither acquired or held on standard commercial terms nor negotiated on an arm's length basis. It is the responsibility of the Statutory Auditor to assess the level of risk that such an interest presents and to ensure that any necessary mitigating action is taken. 2. Business relationships 1. Business relationships between the Statutory Auditor, the Audit Firm or any other person being in a position to influence the outcome of the Statutory Audit (any person within the scope of A. 2) on the one hand, and the Audit Client, its Affiliates, or its management on the other hand, may cause self-interest, advocacy or intimidation threats to the Statutory Auditor's independence. 2. Business relationships, or commitments to establish such relationships, should be prohibited unless the relationship is in the normal course of business and insignificant in terms of the threat it poses to the independence of the Statutory Auditor. Where applicable, and especially with regard to Public Interest Entity clients, the Statutory Auditor should seek to discuss with the Governance Body of the Audit Client any cases where doubt arises whether or not a business relationship is in the normal course of business and insignificant in relation to his independence. 3. Paragraphs 1 and 2 above do not apply to the provision of statutory audit services. However, neither the Audit Firm nor any of its Network member firms should provide statutory audit services to: (a) any owner of the Audit Firm; or (b) an Affiliate of such an owner where the owner may be in a position to influence any decision-making of the Audit Firm which affects its statutory audit function; or (c) an entity where any individual who has a supervisory or managerial role in that entity may be in a position to influence any decision-making of the Audit Firm which affects its statutory audit function(23). 3. Employment with the Audit Client 1. Dual employment of any individual who is in a position to influence the outcome of the Statutory Audit both in the Audit Firm (a person within the scope of A. 2) and in the Audit Client or its Affiliates should be prohibited. Loan staff assignments(24) to an Audit Client or any of its Affiliates are also regarded as dual employment relationships. Where an Audit Firm's employee has worked with an Audit Client under a loan staff assignment and is to be assigned to the audit Engagement Team of that client's Statutory Audit, this individual should not be given audit responsibility for any function or activity that he was required to perform or supervise during the former loan staff assignment (see also B. 5 below). 2. Where a member of the Engagement Team is to leave the Audit Firm and join an Audit Client, policies and procedures of the Audit Firm (see A 4.3) should provide: (a) a requirement that members of any Engagement Team immediately notify the Audit Firm of any situation involving their potential employment with the Audit Client; (b) the immediate removal of any such Engagement Team member from the audit engagement; and (c) an immediate review of the audit work performed by the resigning or former Engagement Team member in the current and/or (where appropriate) the most recent audit. This review should be performed by a more senior audit professional. If the individual joining the client is an Audit Partner or the Engagement Partner, the review should be performed by an Audit Partner who was not involved in the audit engagement. (Where, due to its size, the Audit Firm does not have a Partner who was not involved in the audit engagement, it may seek either a review by another statutory auditor or advice from its professional regulatory body.) 3. Where a former Engagement Team member or an individual within the Chain of Command has joined an Audit Client, policies and procedures of the Audit Firm should ensure that there remain no significant connections between itself and the individual. This includes: (a) regardless of whether the individual was previously involved in the audit engagement, that all capital balances and similar financial interests must be fully settled (including retirement benefits) unless these are made in accordance with pre-determined arrangements that cannot be influenced by any remaining connections between the individual and the Audit Firm; (b) that the individual does not participate or appear to participate further in the Audit Firm's business or professional activities. 4. A Key Audit Partner leaving the audit firm to join the audit client for a Key Management Position(25), would be perceived to cause an unacceptably high level of independence risk. Therefore, a period of at least two years should have elapsed before a Key Audit Partner can take up a Key Management Position. 4. Managerial or supervisory role in Audit Client 1. An individual who is in a position to influence the outcome of the Statutory Audit (a person within the scope of A. 2) should not be a member of any management body (e.g. board of directors) or supervisory body (e.g. audit committee or supervisory board) of an Audit Client. Also, he should not be a member of such a body in an entity which holds directly or indirectly more than 20 % of the voting rights in the client, or in which the client holds directly or indirectly more than 20 % of the voting rights. 2. When a former member of the Engagement Team takes a managerial or supervisory role in an Audit Client, B. 3(3) and (4) will apply. 5. Establishing employment with Audit Firm Where a director or manager of the Audit Client has joined the Audit Firm, this person should not become a member of the Engagement Team at any time in the two year period after leaving the Audit Client. If the person is a member of the Chain of Command, he should not take part in any substantive decisions concerning an audit engagement with this client or with one of its Affiliates at any time in the two year period after leaving the Audit Client. This requirement also applies to a former employee of the Audit Client unless the responsibilities he held and the tasks he performed at the Audit Client were insignificant in relation to the statutory audit function. 6. Family and other personal relationships 1. An individual who is a Statutory Auditor should not accept an audit engagement if one of his close family members: (a) holds a senior management position with the Audit Client; (b) is in a position to exert direct influence on the preparation of the Audit Client's accounting records or financial statements; (c) has a financial interest in the Audit Client (see B. 1) unless it is insignificant; or (d) has a business relationship with the Audit Client (see B. 2) unless it is in the normal course of business and insignificant in terms of the threat it poses to the independence of the Statutory Auditor. 2. Within an Audit Firm or Network an individual should not be assigned to the Engagement Team if one of his close family members meets any of the criteria under (1)(a) to (d) above, nor should an Audit Partner who is working in an "Office" where any of the other Partners in it has a close family member who meets these criteria. Appropriate safeguards should ensure that a member of the Chain of Command does not participate in any decisions that directly relate to the audit engagement if one of his close family members meets any of the criteria under (1)(a) to (d) above, or if he is working in an "Office" where any of the Partners in it has a close family member who meets these criteria. 3. The Statutory Auditor should consider whether he or any other individual in the Engagement Team or Chain of Command, or any person working in an "Office" which includes himself or such an individual, has any other close personal relationships where similar safeguards would be needed. 4. Assessment of the facts of a relevant individual's close personal relationship should be based upon the knowledge of the Statutory Auditor and the individual concerned. The individual should be responsible for disclosing to the Statutory Auditor any fact and circumstance which might require safeguards to mitigate an unacceptable level of independence risk. 7. Non-audit services 7.1. General 1. Where a Statutory Auditor, an Audit Firm or one of its Network member firms provides services other than statutory audit work (non-audit services) to an Audit Client or to one of its Affiliates, the overall safeguarding system (A 4.3) of the Statutory Auditor has to ensure that: (a) the individuals employed by either the Audit Firm or its Network member firm neither take any decision nor take part in any decision-making on behalf of the Audit Client or one of its Affiliates, or its management while providing a non-audit service; and (b) where an independence risk remains due to specific threats which may result from the nature of a non-audit service, this risk is reduced to an acceptable level. 2. Even if not involved in the decision-making of the Audit Client or any of its Affiliates, the Statutory Auditor should consider, amongst others, which of the following safeguards in particular may mitigate a remaining independence threat: (a) arrangements to reduce the risk of self-review by compartmentalising responsibilities and knowledge in specific non-audit engagements; (b) routine notification of any audit and non-audit engagement to those in the Audit Firm or Network who are responsible for safeguarding independence, including oversight of ongoing activities; (c) secondary reviews of the Statutory Audit by an Audit Partner who is not involved in the provision of any services to the Audit Client or to one of its Affiliates; or (d) external review by another statutory auditor or advice by the professional regulatory body. 3. Where applicable, and especially with regard to Public Interest Entity clients, the Statutory Auditor should seek to discuss the provision of non-audit services to an Audit Client or to one of its Affiliates with the client's Governance Body (see A. 4.1.2). 7.2. Examples - analysis of specific situations 7.2.1. Preparing accounting records and financial statements 1. A self-review threat exists whenever a Statutory Auditor, an Audit Firm, an entity within a Network of firms or a Partner, manager or employee thereof participates in the preparation of the Audit Client's accounting records or financial statements. The significance of the threat depends upon the spectrum of these persons' involvement in the preparation process and upon the level of public interest. 2. The significance of the self-review threat is always considered too high to allow a participation in the preparation process unless the assistance provided is solely of a technical or mechanical nature or the advice given is only of an informative nature. 3. However, where Statutory Audits of Public Interest Entity clients are concerned, the provision of any such assistance other than that which is within the statutory audit mandate would be perceived to cause an unacceptably high level of independence risk, and should therefore be prohibited. 7.2.2. Design and implementation of financial information technology systems 1. The provision of services by the Statutory Auditor, the Audit Firm or an entity within its Network to an Audit Client that involve the design and implementation of financial information technology systems (FITS) used to generate information forming part of the Audit Client's financial statements may give rise to a self-review threat. 2. The significance of the self-review threat is considered too high to permit a Statutory Auditor, an Audit Firm or one of its group member firms to provide such FITS services unless: (a) the Audit Client's management acknowledges in writing that they take responsibility for the overall system of internal control; (b) the Statutory Auditor has satisfied himself that the Audit Client's management is not relying on the FITS work as the primary basis for determining the adequacy of its internal controls and financial reporting systems; (c) in the case of an FITS design project, the service provided involves design to specifications set by the Audit Client's management; and (d) the FITS services do not constitute a "turn key" project (i.e., a project that consists of software design, hardware configuration and the implementation of both), unless the Audit Client or its management explicitly confirms in the written acknowledgement required under (a) that they take responsibility for (i) the design, implementation and evaluation process, including any decision thereon; and (ii) the operation of the system, including the data used or generated by the system. These provisions shall not limit the services a Statutory Auditor, an Audit Firm or a member of its Network performs in connection with the assessment, design, and implementation of internal accounting controls and risk management controls, provided these persons do not act as an employee or perform management functions. 3. In cases not prohibited under (2) the Statutory Auditor should consider whether additional safeguards are needed to mitigate a remaining self-review threat. In particular whether services that involve the design and implementation of financial information technology systems should only be provided by an expert team with different personnel (including engagement partner) and different reporting lines to those of the audit Engagement Team. 7.2.3. Valuation services 1. A self-review threat exists whenever a Statutory Auditor, an Audit Firm, an entity within a Network or a Partner, manager or employee thereof provides the Audit Client with valuation services that result in the preparation of a valuation that is to be incorporated into the client's financial statements. 2. The significance of the self-review threat is considered too high to allow the provision of valuation services which lead to the valuation of amounts that are material in relation to the financial statements and where the valuation involves a significant degree of subjectivity inherent in the item concerned. 3. In cases not prohibited under (2) the Statutory Auditor should consider whether additional safeguards are needed to mitigate a remaining self-review threat. In particular, where a valuation service should only be provided by an expert team with different personnel (including engagement partner) and different reporting lines to those of the audit Engagement Team. 7.2.4. Participation in the Audit Client's internal audit 1. Self-review threats may arise in certain circumstances where a Statutory Auditor, an Audit Firm or an entity within a Network provides internal audit services to an Audit Client. 2. To mitigate self-review threats when involved in an Audit Client's internal audit task, the Statutory Auditor should: (a) satisfy himself that the Audit Client's management or Governance Body is at all times responsible for (i) the overall system of internal control (i.e., the establishment and maintenance of internal controls, including the day to day controls and processes in relation to the authorisation, execution and recording of accounting transactions); (ii) determining the scope, risk and frequency of the internal audit procedures to be performed; and (iii) considering and acting on the findings and recommendations provided by internal audit or during the course of a Statutory Audit. If the Statutory Auditor is not satisfied that this is the case, neither he, nor the Audit Firm nor any entity within its Network should participate in the Audit Client's internal audit. (b) not accept the outcomes of internal auditing processes for statutory audit purposes without adequate review. This will include a subsequent reassessment of the relevant statutory audit work by an Audit Partner who is involved neither in the Statutory Audit nor in the internal audit engagement. 7.2.5. Acting for the Audit Client in the resolution of litigation 1. An advocacy threat exists whenever a Statutory Auditor, an Audit Firm, an entity within a Network or a Partner, manager or employee thereof acts for the Audit Client in the resolution of a dispute or litigation. A self-review threat may also arise where such a service includes the estimation of the Audit Client's chances in the resolution of litigation, and thereby affects the amounts to be reflected in the financial statements. 2. The significance of both the advocacy and the self-review threat is considered too high to allow a Statutory Auditor, an Audit Firm, an entity within a Network or a partner, manager or employee thereof to act for an Audit Client in the resolution of litigation which involves matters that would reasonably be expected to have a material impact on the client's financial statements and a significant degree of subjectivity inherent to the case concerned. 3. In cases not prohibited under (2) the Statutory Auditor should consider whether additional safeguards are needed to mitigate a remaining advocacy threat. This could include using personnel (including engagement Partner) who are not connected with the audit Engagement Team and who have different reporting lines. 7.2.6. Recruiting senior management 1. Where a Statutory Auditor, an Audit Firm, an entity within a Network or a Partner, manager or employee thereof is involved in the recruitment of senior or key staff for the Audit Client, different kinds of threats to independence may arise. These can include self-interest, trust or intimidation threats. 2. Before accepting any engagement to assist in the recruitment of senior or key staff, the Statutory Auditor should assess the current and future threats to his independence which may arise. He should then consider appropriate safeguards to mitigate such threats. 3. When recruiting staff to key financial and administrative posts, the significance of the threats to the Statutory Auditor's independence is very high. As such, the Statutory Auditor should carefully consider whether there might be circumstances where even the provision of a list of potential candidates for such posts may cause an unacceptable level of independence risk. Where Statutory Audits of Public Interest Entities are concerned the independence risk would be perceived to be too high to allow the provision of such a short-list. 4. In any case, the decision as to who should be engaged should always be taken by the Audit Client. 8. Audit and non-audit fees 8.1. Contingent fees 1. Fee arrangements for audit engagements in which the amount of the remuneration is contingent upon the results of the service provided raise self-interest and advocacy threats which are considered to bear an unacceptable level of independence risk. It is therefore required that: (a) audit engagements should never be accepted on a contingent fee basis; and (b) in order to avoid any appearance of contingency, the basis for the calculation of the audit fees must be agreed each year in advance. This should include scope for variation so as to take account of unexpected factors in the work. 2. Threats to independence may also arise from contingent fee arrangements for non-audit services which the Statutory Auditor, the Audit Firm or an entity within its Network provides to an Audit Client or to one of its Affiliates. The Statutory Auditor's safeguarding system (see A. 4.3.2) should therefore ensure that: (a) such an arrangement is never concluded without first assessing the independence risk it might create and ensuring that appropriate safeguards are available to reduce this risk to an acceptable level; and (b) unless the Statutory Auditor is satisfied that there are appropriate safeguards in place to overcome the independence threats, either the non-audit engagement must be refused or the Statutory Auditor must resign from the Statutory Audit to allow the acceptance of the non-audit work. 8.2. Relationship between total fees and total revenue 1. The rendering of any (audit and non-audit) services by a Statutory Auditor, an Audit Firm or a Network to one Audit Client or its Affiliates should not be allowed to create a financial dependency on that Audit Client or client group, either in fact or in appearance. 2. A financial dependency is considered to exist when the total (audit and non-audit) fees that an Audit Firm, or a Network receives or will receive from one Audit Client and its Affiliates make up an unduly high percentage of the total revenues in each year over a five-year period. 3. The Statutory Auditor should also consider whether there are certain fee relationships with one Audit Client and its Affiliates which may appear to create a financial dependency in respect of a person who is in a position to influence the outcome of the Statutory Audit (any person within the scope of A. 2). 4. In any case, the Statutory Auditor, the Audit Firm or the Network should be able to demonstrate that no financial dependency exists in relation to a particular Audit Client or its Affiliates. 8.3. Overdue fees Where fees for audit or other work become significantly overdue and the sum outstanding, or that sum together with fees for current assignments could be regarded as a significant loan (see also B. 2), the self-interest threat to independence is considered to be so significant that a Statutory Auditor should not accept reappointment or, where appropriate and practicable, should resign from the current audit engagement. The situation should be reviewed by a Partner not involved in the provision of any services to the client. Where such a review cannot be performed, the situation should be subjected to an external review by another statutory auditor. Alternatively, advice should be sought from a professional regulatory body. 8.4. Pricing A Statutory Auditor must be able to demonstrate that the fee for an audit engagement is adequate to cover the assignment of appropriate time and qualified staff to the task and compliance with all auditing standards, guidelines and quality control procedures. He should also be able to demonstrate that the resources allocated are at least those which would be allocated to other work of a similar nature. 9. Litigation 1. Both a self-interest and an advocacy threat may arise where litigation takes place, or appears likely to take place, between the Statutory Auditor, the Audit Firm or any other person being in a position to influence the outcome of the Statutory Audit (any person within the scope of A. 2) and an Audit Client or its Affiliates. All of the audit and non-audit services provided to the client have to be considered in order to assess these threats. 2. Where the Statutory Auditor sees that such a threat my arise, he should discuss the case with the Audit Client's Governance Body or, where such a body does not exist, with his professional regulatory body. The threats to the Statutory Auditor's independence are likely to become significant where there is a serious likelihood of litigation which is material to any of the parties involved, or of litigation which calls into question a prior Statutory Audit, or where material litigation is in progress. The Statutory Auditor should cease to act as soon as such circumstances become evident, subject to the requirements of national law. 10. Senior personnel acting for a long period of time 1. Trust or familiarity threats may arise where certain members of the Engagement Team work regularly and for a long period of time on an Audit Client engagement, particularly where Public Interest Entity Audit Clients are concerned. 2. To mitigate these threats, where the audit of a Public Interest Entity is concerned, the Statutory Auditor is required: (a) as a minimum to replace the Key Audit Partners(26) of the Engagement Team (including the Engagement Partner) within 7 years of appointment to the Engagement Team. The replaced Key Audit Partners should not be allowed to return to the Audit Client engagement until at least a two years period has elapsed since the date of their replacement; and (b) to consider the independence risk which may arise in relation to the prolonged involvement of other Engagement Team members, and to adopt appropriate safeguards to reduce it to an acceptable level. 3. Where Audit Clients other than Public Interest Entities are concerned, it is preferable that the procedures set out at (2) above should also apply. However, where the Audit Firm is unable to provide for rotation of Key Audit Partners, the Statutory Auditor should determine what other safeguards should be adopted to reduce the independence risk to an acceptable level. This Recommendation is addressed to the Member States. Done at Brussels, 16 May 2002. For the Commission Frederik Bolkestein Member of the Commission (1) OJ L 126, 12.5.1984, p. 20. (2) OJ C 321, 28.10.1996, p. 1. (3) OJ C 143, 8.5.1998, p. 12. (4) COM (2000) 359, 13.6.2000. (5) COM (1999) 232, 11.5.1999. (6) Presidency Conclusions, Stockholm European Council, 23 and 24 March 2001. (7) C (2000) 3304, 15.11.2000. (8) Defined in the glossary. (9) Defined in the glossary. The term "statutory auditor" refers to all natural or legal persons, or other types of company, firm or partnership who, in accordance with the provisions of the 8th Company Law Directive (84/253/EEC), are approved by the authorities of the Member States to carry out Statutory Audits. (10) Defined in the glossary. (11) Defined in the glossary. (12) Defined in the glossary. (13) Defined in the glossary. (14) Defined in the glossary. (15) Defined in the glossary. (16) Defined in the glossary. (17) Defined in the glossary. (18) Defined in the glossary. (19) C (2000) 3304, 15.11.2000. (20) For the purpose of this section in particular, the term "statutory auditors" refers to all natural or legal persons, or other types of company, firm or partnership who, in accordance with the provisions of the 8th Company Law Directive (84/253/EEC), are approved by the authorities of the Member States to carry out Statutory Audits. (21) This paragraph does not apply to an Audit Firm for which the relevant Member State, in accordance with Article 2.1 (ii) 2nd phrase of the 8th Directive, does not require a majority of voting rights to be held by statutory auditors, and of which all the shares are registered and can be transferred only with the agreement of the firm and/or with the approval of the national authority competent for the approval of statutory auditors. (22) Defined in the glossary. (23) Paragraph 3 lit. (a) and (b) do not apply to an Audit Firm for which the relevant Member State, in accordance with Article 2.1 (ii) 2nd phrase of the 8th Directive, does not require a majority of voting rights to be held by statutory auditors, and of which all the shares are registered and can be transferred only with the agreement of the firm and/or with the approval of the national authority competent for the approval of statutory auditors; provided that an Audit Client of such an Audit Firm is not in a position to influence any decision making of the firm which affects its statutory audit function. (24) An individual who is engaged under a loan staff agreement, works under the direct supervision of the client and does not originate any accounting transaction or prepare original data that is not subject to review and approval by the client. (25) Defined in the glossary. (26) Defined in the glossary. ANNEX The following comments provide additional guidance for the interpretation of the fundamental set of principles set out in the Recommendation. A. FRAMEWORK The basic test for the effectiveness of the approach adopted by a statutory auditor to mitigate threats and risks to his independence in respect of a particular audit engagement is whether a reasonable and informed third party, knowing all the relevant facts and circumstances about a particular audit engagement, will conclude that the statutory auditor is exercising objective and impartial judgement on all issues brought to his attention. The statutory auditor should have a clear understanding of what is meant by objectivity, which is a state of mind, and independence as a matter of both fact and appearance. Accordingly, when addressing the issue of whether he can conduct an objective and independent audit, he should consider a wide range of factors and issues. These should include: the range of persons, besides himself, who may influence the result of the audit in question; whether there are any existing or potential threats or risks which a reasonable and informed third party might regard as compromising his independence; and what system of safeguards would eliminate or mitigate any such threat or risk and demonstrate his independence. In some cases, the only safeguard certain to demonstrate his independence will be to decline certain relationships with the audit client. 1. OBJECTIVITY, INTEGRITY AND INDEPENDENCE Public understanding of the ethical requirements that apply to statutory auditors is a prerequisite for the public confidence in the public interest role of statutory audits, the reliability of audited financial statements, and the ability of the audit profession to play its proper part in the audit process. This also includes an understanding of the ways in which compliance with such requirements can be monitored. It is therefore important that there should be a common understanding of what is meant by the "statutory auditor's independence requirement"(1), how it relates to the ethical requirements of "objectivity" and "integrity"(2), and how, and to what extent, compliance with these requirements can be objectively assessed. The ultimate goal of the Statutory Audit is to express an objective audit opinion. The main means by which the Statutory Auditor demonstrates that he can express such an opinion is by demonstrating that he performs the audit process in an objective manner. To achieve this he must act with fairness, intellectual honesty, integrity (which implies fair dealing and truthfulness) and without any conflict of interest which might compromise his independence. Neither objectivity nor integrity can easily be tested or subjected to external verification. As such, the Member States and the audit profession have developed rules and guidance that both uphold the pre-eminence of these principles and clarify the ethical responsibilities of statutory auditors. The requirement that a Statutory Auditor should be independent addresses both: - independence of mind, i.e. the state of mind which has regard to all considerations relevant to the task in hand, but no others; and - independence in appearance, i.e. the avoidance of facts and circumstances which are so significant that a reasonable and informed third party would question the Statutory Auditor's ability to act objectively. The concept of statutory auditor independence requires a test which looks first at the relevant circumstances in which the Statutory Auditor finds himself, especially at any relationship or interest which has any relevance to his task. Independence is not an absolute standard which Statutory Auditors must attain, free from all economic, financial and other relationships that could appear to entail dependence of any kind. Such a state is manifestly impossible as everyone has some dependency or relationship with another person. Nevertheless, it is possible objectively to test a Statutory Auditor's compliance with the concept of independence through a monitoring process: This would look first at the relevant circumstances in which the Statutory Auditor finds himself, and especially at any relationship or interest that he may have with respect to his task. Secondly, it would look at whether such an interest or relationship would cause a reasonable and informed third party, knowing all these circumstances, to conclude that the Statutory Auditor is independent, i.e. is capable of exercising objective and impartial judgement on all issues encompassed within the statutory audit engagement. In this sense, independence could be seen as a proxy for integrity and objectivity and be verified by a reasonable and informed third party. 2. RESPONSIBILITY AND SCOPE Responsibility It is the responsibility of statutory auditors, whether natural or legal persons, generally to comply with national law and national professional rules in respect of Statutory Audits. This includes rules on independence. In the case of a particular Statutory Audit, it is the appointed Statutory Auditor who is responsible for ensuring that the requirement for statutory auditors' independence is complied with. This requirement applies not only to himself and to the organisational entity forming the Audit Firm (assuming it is not the same legal person as the Statutory Auditor), but also to any other person who is in a position to influence the outcome of the Statutory Audit. A Statutory Auditor, or - if the Statutory Auditor is an individual - the Audit Firm that carries out the audit work, should have adequate systems to take all reasonable steps to ensure that individuals within the firm comply with its independence policies and procedures (see also A. 4.3). These systems could encompass, among others, such matters as internal organisation, employment contracts and sanctions. If a Statutory Auditor is a member of a Network, he should take all reasonable measures to ensure that, in as far as they are in a position to exert influence on the Statutory Audit, the entities within this Network, their owners, shareholders, partners, managers and employees all comply with the independence rules that apply in the jurisdiction where the audit opinion is to be issued. This could, for example, be achieved by: - contractual agreements which allow the Statutory Auditor to impose independence rules on his Network member firms, their Partners(3), managers and employees with regard to his particular Audit Clients, including inter-firm quality review procedures, and external quality assurance access; - providing his Network member firms with regular information on Audit Clients, and requiring these firms to provide regular information on their own business and financial relationships with such clients. This two-way flow of information is necessary to identify all relationships that his network member firms may have with an Audit Client and its Affiliates that might be affected by the Statutory Auditor's independence policies; - obligatory intra-firm consultation procedures in any case where there are doubts as to whether the Statutory Auditor's independence could be compromised by his Audit Client's relationship with one of the Network member firms. These instruments may also be appropriate to safeguard independence in situations where subcontractors or agents of the Statutory Auditor or the Audit Firm are involved in the audit, other than its Network member firms. For any particular audit engagement where the Statutory Auditor is an Audit Firm, the responsibility for determining the scope of persons to whom the independence requirement applies, and what instruments and rules it may be appropriate to apply to them, generally lies with the audit Engagement Partner(4). This individual will need to exercise adequate professional judgement in order to fulfil this task since it is his responsibility to assess whether or not the independence requirement is complied with. He should also be informed of any audit and non-audit relationship which the Statutory Auditor, the Audit Firm or the Network has with the client (see also "Audit Firm's Independence Policies" under A. 4.3.2). Determination of the scope A Statutory Auditor must recognise that threats to his independence may arise not only from his own relationships with the Audit Client but also from other direct or indirect relationships with other individuals and firms within his practice and in the audit environment. The Statutory Auditor has to assess actual and potential threats arising from client relationships with the natural and legal persons within the Engagement Team, within the Audit Firm and any Network of which it is a member. He also has to consider relationships with other persons, such as sub-contractors or agents for the Audit Firm or the Audit Client, including those engaged on non-audit matters, with relationships to another. In summary, he has to identify any person who is in a position to influence the outcome of the Statutory Audit. When considering the range of persons to whom independence requirements should apply, the Statutory Auditor must be sensitive to a variety of factors. These can include the size and legal and organisational structure of the Audit Client, the size, structure and internal organisation of the Audit Firm and of any of the Networks of which it is a member. The Statutory Auditor should also consider the volume and nature of services provided to the Audit Client by the Audit Firm or any of its Network member firms. For example, for a small Audit Firm of four or five Partners which is the Statutory Auditor to a company with three branches all in the same Member State, the independence rules would usually apply to: - the Engagement Partner, the Audit Team, and any Partner in their Chain of Command; - any Partner with responsibility for non-audit services to the same client; and - any other person within the firm who is, or might be seen to be, in a position to influence the outcome of the Statutory Audit. However, when the Statutory Auditor of a medium-sized multinational company is one firm in a Network, the scope of the rules might extend to: - the Engagement Partner and Audit Team in the Statutory Auditor; - any Partner and Audit Team member in the same firm or in another firm in the Network who participates in the audit of the client's overseas entities, including any in centralised services or specialist discipline units which contribute to such work; - any Partner in the same firm or in another firm in the Network who participates in the provision non-audit services to the client; - any Partner in the Chain of Command (either in the jurisdiction where the audit opinion is to be delivered or in an overseas country where audit or non-audit work is done for the Audit Client); and - any other person within the firm or another firm in the Network who is in a position to influence the outcome of the Statutory Audit. In either case, the independence requirements apply equally to everyone falling within their scope; the difference lies in the number of people the Statutory Auditor may need to consider for inclusion within it. Persons other than members of the Engagement Team or the Chain of Command The Statutory Auditor should give further consideration to other persons who, even if they are not part of the Engagement Team or the Chain of Command, might influence the outcome of the Statutory Audit. These might include: - owners or shareholders of the Audit Firm with potential influence by virtue of the significance of their voting rights. Where, for example, there are only a few owners or shareholders of an Audit Firm, every owner or shareholder might be considered as being in a position to influence the outcome of the Statutory Audit; - individuals who have supervisory or direct management responsibility for the audit function at successive levels in any location where members of the Audit Team are employed; - other audit and non-audit Partners with potential influence by virtue of their working relationship with a member of the Audit Team. Depending on factors such as the size and the internal organisation of an office, practice unit, Audit Firm, or even Network, all Partners of such an entity might be considered as being in a position to influence the outcome of the Statutory Audit. The Statutory Auditor must also consider whether, there might be persons outside the Audit Firm or its Network who, due to their relationship with persons within the firm or group, have or appear to have an ability to influence the outcome of the Statutory Audit. Examples might include: - family members or other close personal contacts of members of the Engagement Team or Chain of Command who hold significant financial interests in the Audit Client or who hold a key position with the client or an entity with significant interests in it (see B. 6); or - individuals or entities with financially significant commercial relationships with either the Statutory Auditor and his firm or the Audit Client. These could include major suppliers, customers or contractors. The Statutory Auditor will need to identify those individuals in the Audit Firm or the Network whose involvement in the audit engagement might be affected by such an external influence, either in fact or in appearance, taking into account the fact that he would not be able to impose his independence rules on persons outside the Audit Firm or its Network. 3. INDEPENDENCE THREATS AND RISK In order to avoid or resolve facts and circumstances that might compromise a Statutory Auditor's independence, it is essential firstly to identify the threats to independence which arise in specific circumstances. Secondly, one must evaluate their significance so as to determine the level of risk that a Statutory Auditor's independence may be compromised. The more clearly a Statutory Auditor is able to identify the nature of the threats, the more clearly he can judge the level of risk to his independence that they create. Based on their general nature the following types of threats to independence have been recognised: - Self-interest threat: the Statutory Auditor's independence may be threatened by a financial or other self-interest conflict (e.g., direct or indirect financial interest in the client, over-dependence on the client's audit or non-audit fees, the desire to collect outstanding fees, fear of losing the client); - Self-review threat: relates to the difficulty of maintaining objectivity in conducting self-review procedures (e.g., when taking decisions, or taking part in decisions, that should be taken wholly by the Audit Client's management; or when any product or judgement of a previous audit or non-audit assignment performed by the Statutory Auditor or his firm needs to be challenged or re-evaluated to reach a conclusion on the current audit); - Advocacy threat: the Statutory Auditor's independence may be threatened if the Statutory Auditor becomes an advocate for, or against, his client's position in any adversarial proceedings or situations (e.g. dealing in or promoting shares or securities in the client; acting as an advocate on behalf of the client in litigation; when the client litigates against the auditor); - Familiarity or trust threat: a risk that the Statutory Auditor may be over-influenced by the client's personality and qualities, and consequently become too sympathetic to the client's interest through, for example, too long and too close relationships with client personnel, which may result in excessive trust in the client and insufficient objective testing of his representations. - Intimidation threat: covers the possibility that the auditor may be deterred from acting objectively by threats or by fear of, for example, an influential or overbearing client. The significance of a particular threat depends on a variety of (quantifiable and non-quantifiable) factors such as its force, the status of the person(s) involved, the nature of the matter causing the threat, and the overall audit environment. When evaluating the significance of a threat the Statutory Auditor also has to consider that different kinds of threats may arise in one set of circumstances. With regard to one certain set of circumstances a threat can be considered significant if, considering all of its quantitative and qualitative aspects, both alone and in combination with others, it increases the level of independence risk to an unacceptably high level. 4. SYSTEMS OF SAFEGUARDS Where threats to statutory auditors independence exist, the Statutory Auditor should always consider and document whether safeguards are appropriately applied to negate or reduce the significance of threats to acceptable levels. The safeguards to be recognised relate to different responsibilities in the audit environment, including the governance structure of the Audit Client (see A. 4.1), the entire system of self-regulation, public regulation and oversight of the audit profession including disciplinary sanctions (see A. 4.2), and the Statutory Auditor's system of internal quality control (see A. 4.3). Level of independence risk The level of independence risk can be expressed as a point on a continuum that ranges from "no independence risk" to "maximum independence risk." Although it cannot be measured precisely, the level of independence risk for any specific activity, relationship, or other circumstance that may pose a threat to a Statutory Auditor's independence can be described as being within, or at one of the endpoints, on the independence risk continuum. The Statutory Auditor and any other person involved in a decision concerning the independence of the Statutory Auditor in relation to his client (e.g., regulatory bodies, other statutory auditors who are consulted for advice) need to evaluate the acceptability of the level of independence risk that arises from specific activities, relationships, and other circumstances. That evaluation requires these independence decision makers to judge whether existing safeguards eliminate or adequately mitigate threats to independence posed by those activities, relationships, or other circumstances. If they do not, a further decision has to be made on which additional safeguard (including prohibition) or combination of safeguards would reduce independence risk, and the corresponding likelihood of compromised objectivity, to an acceptably low level. 4.1. Audited entities' safeguards 4.1.1. Governance structure's impact on independence risk assessment When analysing governance responsibilities in the Audit Client which may help to safeguard its Statutory Auditor's independence, it is appropriate to differentiate between the governance structure of a Public Interest Entity client(5) and that of an Audit Client with relatively little public interest. This differentiation is relevant both to the corporate governance task, which is to particularly protect actual and potential investors, and to the appearance of the Statutory Auditor's independence. Audit Clients of public interest With regard to the appearance of independence in relation to a Public Interest Entity(6) client, the Statutory Auditor has to consider the whole variety of possible perceptions of the national, regional or even international public. In this respect corporate governance plays an important role in safeguarding statutory auditors' independence. Statutory auditors are formally appointed by a majority vote of the shareholders at the Annual General Meeting. Shareholders often appoint the Statutory Auditors recommended to them by management. This is particularly the case if no additional approval is required by any Governance Body(7) of the Audit Client other than management (e.g. supervisory board, non-executive directors, audit committee) or by any regulatory body (e.g. regulatory authority of a certain industry)(8). This does not necessarily protect the interests of minority shareholders or potential investors, nor does it contribute to the safeguarding of statutory auditors' independence. Accordingly, governance structures within an entity being audited should ensure that the appointment of the Statutory Auditor is made in the interests of its shareholders, and that during the engagement the Statutory Auditor performs his work in the same interests. If, for example, a supervisory board or an audit committee is to be effective in accomplishing its task of over-seeing the financial reporting process, it must rely in part on the work, guidance and judgment of the Statutory Auditor. Integral to this reliance is the requirement that the Statutory Auditor performs his service independently. In order to determine the significance of a threat to independence and to evaluate the level of the independence risk (see A. 3 and A. 4), the Statutory Auditor should carefully consider whether the audited entity's governance structure provides an appropriate infrastructure to generally safeguard its statutory auditors independence. The analysis of such an infrastructure may include issues such as: - the involvement of a Governance Body in the Statutory Auditor's appointment (e.g., formal approval of management's recommendation only or. active participation in negotiations with the potential Statutory Auditor); - the duration of the Statutory Auditor's appointment (one audit vs. long-term contract); - the involvement of a Governance Body in commissioning non-audit services from the Statutory Auditor, the Audit Firm or from any entity within the Network of which it is a member (e.g., no involvement or active participation when negotiating significant engagements); - the existence of oversight and communications regarding the Statutory Audit and other services provided to the audited entity by the Statutory Auditor, the Audit Firm or its Network, and the frequency of such communications with the Statutory Auditor. Other Audit Clients When auditing clients other than Public Interest Entities, the Statutory Auditor should still analyse whether the governance infrastructure of the Audit Client provides general safeguards to his independence. Where the client has no Governance Body, the Statutory Auditor should analyse whether the Audit Client's management policies provide safeguards to his independence and whether there are specific threats which could be addressed by appropriate policies within the entity. Such policies might include internal procedures for objective choice in commissioning non-audit services. The Statutory Auditor should also consider the quality and quantity of staff in the Audit Client. This may be particularly relevant when assessing the risk of taking managerial decisions on behalf of the client. For example, where the client has an insufficient number of staff, the Statutory Auditor may find himself taking such decisions without meaning to. 4.1.2. Involvement of the Governance Body As stated under A. 4.1.1, to some extent it is the responsibility of the Audit Client to safeguard the independence of its Statutory Auditor. Discussions between the Statutory Auditor and the Governance Body of the client are the main means to establish a link between the Statutory Auditor's own safeguards and those of the Audit Client. To protect himself and to allow the quality assurance regime (see A. 4.2) to verify his compliance with this requirement, whenever deemed necessary, but at least annually the Statutory Auditor should initiate the process by writing to the Audit Client to invite him to discuss these issues. Disclosure of fees The disclosure to the Governance Body of fee relationships between the Statutory Auditor, the Audit Firm and its Network members and the Audit Client and its Affiliates will help the Governance Body to evaluate the impact of these relationships on the Statutory Auditor's independence. If necessary, the Governance Body may require additional measures to safeguard the independence of the Statutory Auditor. In this regard, the disclosure should be made on a regular basis, but at least annually, before the audit engagement is accepted or renewed. In addition, the disclosure should be more detailed and wider than required for publication purposes (see A. 5). In particular, it should extend to the amounts charged and contracted for, to the value of outstanding service contracts or arrangements, to current proposals or bids for future service engagements, and to compensation received or expected from contingent fee arrangements on non-audit services (see B. 8.1), each broken down by type of service. 4.2. Quality assurance To ensure that Statutory Auditors comply with professional standards, including the independence requirement, a control or enforcement system is needed. Safeguards and procedures to be considered include the effectiveness of the overall control environment. This starts with a professional approach towards matters of quality and ethics and takes account of the levels of assurance provided by a regularly monitored and evidenced control system. One way to enforce independence requirements is the Member State system for quality assurance on Statutory Audits. The Commission Recommendation on "Quality Assurance for the Statutory Audit in the EU" recommends that statutory auditors' compliance with ethical principles and rules, including independence rules, should be subjected to quality review procedures. As the recommended systems of quality assurance include public oversight, they are also able to address the public perception of independence issues. 4.3. The Statutory Auditor's overall safeguards 4.3.1. Ownership of and control over Audit Firms Need to safeguard control over the Audit Firm For an Audit Firm to be authorised to carry out Statutory Audits, Article 2.1 b) ii) of the 8th Company Law Directive requires the majority of the Audit Firm's voting rights to be held by statutory auditors. These persons must be approved by a competent authority of any of the EU Member States, i.e., natural persons or firms who satisfy at least the minimum conditions of that Directive. Without any further restrictions, this would allow Audit Firms to raise capital on capital markets by either private or public offerings. Some Member States regard such funding as raising serious concerns about statutory auditor independence. As a result, they have imposed more restrictive rules on the ownership of Audit Firms (e.g. allowing a maximum of 25 % ownership by individuals who are not statutory auditors, or restricting minority ownership to members of certain regulated professions only). There is a concern as to whether holding majority voting rights is sufficient to ensure that statutory auditors control the firm. For example, if one non-auditor held 49 % of the voting rights and the other 51 % were divided amongst a number of statutory auditors, the non-auditor owner could have effective control of the Audit Firm. In this respect, careful attention should be paid to the resulting threats to statutory auditors independence. Consideration should also be given to the safeguards needed to avoid such situations. These might include, for example, limiting the voting rights of a single non-auditor owner to 5 % or 10 % of the whole. Where only a few statutory auditors hold the majority of the voting rights in an Audit Firm, it may be appropriate to allow certain individuals to hold a higher proportion than this. In particular, this may be appropriate if these individuals are members of a regulated profession (e.g., lawyers, notaries), or other persons (e.g., management or other professional consultants) whose professional activities rest with the Audit Firm or with one of its Network members. The risks that relationships between the Statutory Auditor, the Audit Firm and a non-auditor owner of the Audit Firm and an Audit Client might compromise the Statutory Auditor's independence should be addressed by reference to A. 2, which sets out the scope of persons to which the independence requirement applies, and B. 1 and B. 2, which consider the financial and/or business links which may exist between them. 4.3.2. The Audit Firm's internal safeguarding system As far as the Statutory Auditor is concerned, he has to comply with independence standards, regardless of whether those are imposed by law or regulators, or by professional bodies as part of a self-regulatory regime, or adopted voluntarily by the Audit Firm as part of its own policies. In order to ensure his compliance the Statutory Auditor needs to set up a system of related safeguards, or - if the Statutory Auditor and the Audit Firm are not identical legal persons - at least require the Audit Firm to do so. Audit Firm's independence policies An Audit Firm should develop independence policies covering activities that are acceptable and not acceptable when performed for Audit Clients or their Affiliates. Regardless of the way in which detailed independence standards are developed, the objective is to enforce appropriate implementation and maintenance of Statutory Auditors' safeguards and to encourage their continuous improvement. Accordingly, an Audit Firm's independence policies should be flexible enough to allow for their regularly update. Such an update could arise due to changing circumstances and facts or when independence standards themselves change due to a change in public expectations. The design and documentation of the Audit Firm's independence policies should reflect the immediate practice environment (e.g., size and organisational structure of the Audit Firm). It should also reflect the audit environment (e.g., client and business portfolio of the Audit Firm and others outside the Audit Firm who are involved in Audit Firm's assignments). An Audit Firm must have appropriate policies and procedures in place to ensure that the relevant Engagement Partner is notified of any other relationship which exists between the firm and its Network member firms, and the Audit Client and its Affiliates. This includes the requirement that the Engagement Partner has to be consulted prior to acceptance of any assignment from the Audit Client or its Affiliates. It is then the responsibility of the Engagement Partner to assess whether any such relationship may reasonably be thought to affect the independence of the Statutory Auditor. For practical reasons, particularly with regard to group audit situations, this assessment may be partially delegated to other Audit Partners. For example, an Audit Partner of the Audit Team in a particular country should be notified of, and should assess the impact of, all (existing and potential) relationships in that country. However, the Engagement Partner should always be involved in the independence risk assessment of any significant relationship. In cases where the Audit Client has a Governance Body (see A. 4.1), it will be appropriate to involve that body in the process of assessing the independence risk. Where persons other than the Audit Firm, its Partners, managers and employees are involved with the Audit Client or in the audit assignment (e.g.; subcontracted specialists, Network member firms), the Audit Firm's independence policies should also address requirements and consultation processes needed to prevent these persons from causing an unacceptable level of independence risk for the Statutory Auditor. In order to ensure that its Partners, managers and employees comply with its independence policies, the Audit Firm will need to communicate its policies appropriately, and to train these individuals on a regular basis. This should also include informing them about sanctions for independence policy violations. Procedures to be applied In accordance with the independence policies adopted by an Audit Firm and depending on its size, the procedures to be applied by Partners, managers and employees may vary. For a small Audit Firm it might be appropriate to consider its independence only on a case by case basis, and then to decide on certain procedures to mitigate the independence risk. However, for a large Audit Firm it might be necessary to establish routine procedures in order to detect even hypothetical threats to the Statutory Auditor's independence. For example, to detect a self-interest threat resulting from financial or business relationships, it might be necessary for such an Audit Firm to maintain a regularly updated database (e.g., restricted entity list). Such a database could provide all Partners, managers and employees with information on all Audit Clients that may give rise to a self-interest threat if they fulfil certain criteria. This database should be available to anyone within the Audit Firm who may be in a position to influence the outcome of any Statutory Audit. The operation of this safeguarding system will require these individuals to regularly provide the Audit Firm with certain personal and client information. Depending on its size and structure, it might also be appropriate for an Audit Firm or Network to establish internal procedures to ensure that there is appropriate consultation across the firm or Network about any client where the significance of an independence threat is unclear. This consultation would involve experienced Partners who are not involved in the Audit Client's affairs and who are not impacted by the independence threat in question. Documentation of independence assessment The main purpose of the Statutory Auditor's documentation of his independence assessment on a certain Audit Client is to provide evidence that he performed his assessment properly. It is appropriate for such documentation to be included in the audit files. Internal monitoring of compliance The monitoring of compliance with the Audit Firm's independence policies should be an integral function of the Audit Firm's quality review structure. Large Audit Firms may designate this task to quality control specialists, or even independence specialists. This may not be appropriate for small and medium sized Audit Firms which generally only assess their independence on a case by case basis. However, such firms should at least have their individuals' compliance reviewed by a Partner who is not a member of the particular Engagement Team. In the case of sole practitioners and of small partnerships where either all Partners are in the Engagement Team or the involvement of any other Partner outside the Engagement Team would increase the level of independence risk (e.g., when this Partner provides significant non-audit services to the Audit Client), the Statutory Auditor should either seek advice from his professional regulatory body or ask for a review by another statutory auditor. 5. PUBLIC DISCLOSURE OF FEES A Statutory Auditor should be able to demonstrate that his independence has not been compromised by providing non-audit services to an Audit Client for which the remuneration he receives is disproportionate to the fees he was paid for the Statutory Audit. This should also be in the interest of the relevant Audit Client (see also A. 4.1.2), since it will add credibility to its published financial information. Public disclosure requirements imposed by Member States through national law or their relevant regulatory bodies should enable a reasonable and informed third party to take a view on the extent of any imbalance between statutory audit and other fees. To assist such assessment, the fees received for other than statutory audit services should be broken down into three broad categories (further assurance, tax advisory and other non-audit services) reflecting the different kinds of services which may have been provided. Regarding the category other non-audit services, at least the minimum information about the provision of financial information technology, internal audit, valuation, litigation and recruitment services should be given. It may also be appropriate to identify particular engagements which make up a significant proportion of a particular (sub-)category. B. SPECIFIC CIRCUMSTANCES 1. FINANCIAL INTERESTS The term "financial interest" would usually comprise the whole variety of financial interests that the Statutory Auditor himself, his Audit Firm or any other person within the scope of section A. 2 may have in an Audit Client or in any Affiliate of the client. The term includes "direct" and "indirect" financial interests such as - direct or indirect shareholding in the Audit Client or its Affiliates, - holding or dealing in securities of the Audit Client or its Affiliates, - accepting pension rights or other benefits from the Audit Client or its Affiliates. Commitments to hold financial interests (e.g. contractual agreements to acquire a financial interest) and derivatives which are directly related to financial interests (e.g., stock options, futures, etc.) should be dealt with in the same way as would an already existing financial interest. Direct financial interests When a person who is directly involved in the conduct of the statutory audit (the Statutory Auditor, the Audit Firm, an individual in the Engagement Team or within the Chain of Command) holds a direct financial interest in the Audit Client, such as shares, bonds, notes, options, or other securities, the significance of the self-interest threat is considered to be too high to enable any safeguards to reduce the Statutory Auditor's independence risk to an acceptable level. In such a case the Statutory Auditor either has to withdraw from the engagement or, if an individual of the Audit Firm holds the direct financial interest, has to exclude this individual from the engagement. Where a direct financial interest in the Audit Client is held by a Partner of the Audit Firm or its Network who works in an "Office" the perception of self-interest is considered as being too high to allow this situation to be maintained. Indirect financial interests The term "indirect financial interest" refers to situations where, for example, a person within the scope of A. 2 has investments in non-client entities that have an investment in the Audit Client, or in companies in which an Audit Client also has invested. A person within the scope of A. 2 should not hold such an indirect financial interest where the self-interest threat resulting from this financial involvement is significant. This is particularly the case when an indirect shareholding in the Audit Client allows or appears to allow that person to influence management decisions of the Audit Client (e.g., by significant indirect voting rights), or when the direct shareholder due to any circumstance could or appears to be able to influence the outcome of the Statutory Audit. In addition, an unacceptable level of independence risk can also arise in situations where the Statutory Auditor or any other person within the scope of A. 2 serves as a voting trustee of a trust or executor of an estate containing securities of an Audit Client. However, this will only be the case when there are no appropriate safeguards to mitigate this risk such as supervision and control by beneficiaries, governmental authorities or courts. On the other hand, the potential self-interest threat to the Statutory auditor's independence may be regarded as insignificant to the independence risk if, for example, when holding indirect financial interests in the Audit Client - the financial interest is directly held by an investment fund, pension fund, UCITS or an equivalent investment vehicle, and - the person holding the indirect interest is not directly involved in the audit of the fund manager, nor able to influence the individual investment decisions of the fund manager. External events If a financial interest is acquired as a result of an external event (e.g. inheritance, gift, merger of firms or companies) and a further holding of that interest would create a significant threat to the Statutory Auditor's independence, it must be disposed of as soon as practicable, but no later than one month after the person has knowledge of and the right to dispose of the financial interest. Where the interest is in a listed company and has been acquired by way of inheritance, for example, the shares should be sold within a month after having both the knowledge of the inheritance and the right to sell the shares in accordance with applicable stock exchange regulations that govern the disposal or sale of shares by those with insider knowledge. Until the financial interest is disposed of, additional safeguards are needed to preserve the Statutory Auditor's independence. For example, where a Statutory Auditor becomes aware that a member of the Engagement Team has acquired shares in a client as the result of inheritance, that individual should not continue to be a member of the Engagement Team until the shares have been sold. He should also be excluded from any substantive decision making concerning the Statutory Audit of the client until the shares have been sold. Inadvertent violations There will be occasions where the Statutory Auditor becomes aware that an individual in his Audit Firm inadvertently holds a financial interest in an Audit Client or in one of its Affiliates which, in general, would be regarded as a violation of independence requirements. Such inadvertent violations will not compromise the Statutory Auditor's independence with respect to an Audit Client, provided that the Statutory Auditor - has established procedures that require all professional personnel to report promptly any breaches of the independence rules resulting from the purchase, inheritance or other acquisition of a financial interest in an Audit Client by such individuals (see also A. 4.3.2); - promptly notifies the individual to dispose of the financial interest at the earliest opportunity after the inadvertent violation is identified; and - takes particular care when reviewing the relevant audit work of this individual. Where it proves impossible to compel the individual to dispose of the financial interest, the individual should be removed from the Engagement Team. Where an individual other than a member of the Engagement Team inadvertently holds a financial interest that may compromise the Statutory Auditor's independence, this individual should be excluded from any substantive decision making concerning the Statutory Audit of the client. Whatever financial involvement exists, it is primarily the Statutory auditor's safeguarding system (see A. 4.3) which should provide evidence that the threats to independence have been identified and investigated. Where appropriate, the evidence should also refer to the involvement of the client's Governance Body in this process. In addition, wherever a decision has been taken about whether or not the threats are significant, the reasons behind that decision should be recorded. 2. BUSINESS RELATIONSHIPS Business relationships Business relationships are relationships that involve a commercial or financial common interest between the Statutory Auditor, the Audit Firm or any other person being in a position to influence the outcome of the Statutory Audit (any person within the scope of A. 2) on the one hand and the Audit Client, an Affiliate of the client, or the management thereof on the other. The following are examples of such relationships that would, if significant to the auditor or conducted outside the normal course of business, cause a self-interest, advocacy or intimidation threat: - having a financial interest in a joint venture with the Audit Client, or with an owner, managing director or other individual who performs senior management functions of that client; - having a financial interest in a non-audit client that has an investor or investee relationship with the Audit Client; - giving a loan to the Audit Client or guarantees for the Audit Client's risks; - accepting a loan from an Audit Client or having borrowings guaranteed by the Audit Client; - providing services to a managing director or another individual performing a senior management function of the Audit Client in respect of the personal interest of such individual; - receiving services from the Audit Client or its Affiliates which concern underwriting, offering, marketing or selling of securities issued by the audit firm or one of its group member firms. Commitments to establish such relationships should be dealt with in the same way as an already established relationship. In the normal course of business In the normal course of its business, a Statutory Auditor may not only provide audit or non-audit services to the Audit Client or to its Affiliates, but may also purchase goods or services from these entities. Examples could include insurance and bank services, commercial loan agreements, the purchase of office equipment, EDP software, or company cars. If these transactions are performed at arm's length (as between third parties), they generally do not threaten the Statutory Auditor's independence (e.g. purchase of goods which are offered under normal wholesale discount terms, and are available to the whole of the client's other customers). However, the Statutory Auditor should carefully consider the risk that even an arm's length transaction could reach a magnitude which threatens his independence by creating financial dependencies, either in fact or at least in appearance. Accepting any goods or services on favourable terms from an Audit Client is not considered to be within the normal course of business, unless the value of any benefit is insignificant. Significance of independence risk Whether a business relationship should be regarded as a significant threat to the Statutory Auditor's independence depends on whether a reasonable and informed third party would assume that such a relationship could have an influence on the outcome of the Statutory Audit. Objective criteria are therefore needed in order to evaluate the significance of a relationship to the Statutory Auditor, as well as to the Audit Client. With regard to the financial statements and the audit task, the relationship should not result in the Statutory Auditor, the Audit Firm or one of its Network members being able to influence management decisions of the Audit Client. Conversely, the relationship should not enable the Audit Client, or one of its Affiliates to influence the outcome of the Statutory Audit, either in fact or in appearance. Whatever business relationship exists, it is primarily the Statutory auditor's safeguarding system (see A. 4.3) which should provide evidence that the threats to independence have been identified and investigated. Where appropriate, the evidence should also refer to the involvement of the client's Governance Body in this process. In addition, wherever a decision has been taken about whether or not the threats are significant, the reasons behind that decision should be recorded. Provision of statutory audit services The threat to independence is considered too high to permit a Statutory Auditor, an Audit Firm or any member of its Network to provide statutory audit services to an owner of the Audit Firm. The provision of audit services to an Affiliate of such an owner is also considered incompatible with the independence requirement when that owner is, or appears to be, in a position to influence any decision-making of the Audit Firm that impacts on its statutory audit function. Such an influence may arise, for example, due to the percentage of the voting rights that the owner holds in the Audit Firm. It could also arise due to the nature of the position held by the owner or one of the owner's representatives in the Audit Firm. A position of potential concern might include a director or senior manager of the owner being a member of the Audit Firm's supervisory board. Furthermore, the Statutory Auditor should also consider whether the provision of audit services to those clients could compromise his independence where the clients officers, directors or shareholders either hold a significant amount of voting rights of the Audit Firm or, otherwise, are, or appear to be, in a position to influence the firm's decision-making with regard to its statutory audit function. 3. EMPLOYMENT WITH THE AUDIT CLIENT Dual employment and loan staff agreements The risk to the Statutory Auditor's independence is considered too high to permit a person within the scope of A. 2 who is employed by the Audit Firm and/or its Network member firm to also be employed by the Audit Client and/or one of its Affiliates. The Statutory Auditor's policies and procedures (see A. 4.3.2) should provide for adequate measures to identify any instance of such dual employment. The Statutory Auditor should also carefully consider those situations where an individual employed by the Audit Firm or a Network member firm works under any loan staff agreement with the Audit Client or one of its Affiliates. A loan staff agreement means an engagement where an employee of the Audit Firm or Network works under the direct supervision of the client and does not originate any accounting transaction or prepare original data that is not subject to review and approval by the client. Such an assignment may be acceptable, provided that the individual does not take a position where he can influence the outcome of the Statutory Audit. If an individual is to be assigned to the Engagement Team having completed such a loan staff engagement, he should not be given audit responsibility for any function or activity that he was required to perform or supervise during the former loan staff assignment (see also B. 5 below). Engagement team member joining the Audit Client The overall safeguarding system of the Audit Firm (see A. 4.3) should include policies and procedures that can be adapted to suit the specific circumstances. These will, for example, depend upon a number of factors such as: - the position of the departing individual at the Audit Firm (e.g. Partner vs. senior or other professional), - the circumstances which lead to the departure (e.g. retirement, termination, voluntary withdrawal), - the position the departing individual is taking at the client (e.g., managerial position vs. position with insignificant influence on the financial statements), - the length of time that has passed since the individual left the Audit Firm, and - the length of time that has elapsed since the departing individual performed services related to the audit engagement. Second Partner's review In cases, where the individual leaving the Audit Firm was an Engagement or Audit Partner, the required review by another Audit Partner should also consider the risk that the former partner might have been influenced by the client during the previous audit. In addition, the former partner may have established close relationships with other Audit Team members which might threaten the independence of those staying on the Audit Team. Finally, the former partner could use his knowledge of the current audit approach and testing strategy to circumvent the audit designs. It might be appropriate for a small Audit Firm which is not able to perform a second Partner's review either to have a similar review performed by another statutory auditor or, at least, to seek advice from its professional regulatory authority. 4. MANAGERIAL OR SUPERVISORY ROLE IN AUDIT CLIENT The acceptance of a managerial or supervisory role in an Audit Client is not the only potential concern with regard to intimidation and self-review threats. Such threats can also arise when an individual within the scope of A.2 becomes a member of a managerial or supervisory body of an entity that is not an Audit Client (non-client entity), but is either in a position to influence the Audit Client or to be influenced by the Audit Client. In these cases, the level of independence risk is unacceptably high. The acceptance of such positions should therefore be prohibited. Where national law requires members of the audit profession to undertake supervisory roles in certain companies, safeguards must ensure that such professionals do not have any responsibility with regard to the Engagement Team. B.4 (2) recognises that a former member of an Engagement Team who leaves the Audit Firm, whether to retire or to take up a post with a non-client entity, might be invited to take a non-executive post on a management or supervisory body of the Audit Client. In such cases, the Audit Firm will need to ensure that the requirements of B. 3(3) and (4) are met. 5. ESTABLISHING EMPLOYMENT WITH AUDIT FIRM When a director or manager of an Audit Client joins the Audit Firm, the self-review threat is considered as too high to be mitigated by any safeguard other than the prohibition of such a person from becoming a member of the Engagement Team or from taking part in any substantive decisions concerning the client's audit for a two-year period. Where a former employee of the Audit Client joins the Audit Firm, the significance of the self-review threat will relate to the responsibilities and tasks this employee had at the Audit Client and those he is going to take at the Audit Firm. For example, if the former employee prepared accounts or valued elements of the financial statements, the same safeguards would apply as for a director or manager; on the other hand, when the former employee held, for example, a non-management position in a branch of the Audit Client, the self-review threat may be mitigated if his activities as a member of the Engagement Team do not relate to that branch. 6. FAMILY AND OTHER PERSONAL RELATIONSHIPS The Statutory Auditor must be able to assess the risk to his independence when he or any member of the audit Engagement Team or the Chain of Command, or any Partner in an "Office" which includes himself or such an individual, has any close family member or any other close personal relationship with anyone who meets the criteria under 1(a) to (d). His consideration of the facts should be based on his knowledge of the circumstances of all relevant individuals within the Audit Firm or its Network. Policies and procedures should be in place that require such individuals to disclose to the best of their knowledge, on which the Statutory Auditor would then rely, any fact or circumstance which need to be taken into account. The Statutory Auditor should evaluate all such information, determine whether any of the criteria are met and take any necessary mitigating action within a reasonable period of time. This might include refusal of the engagement, or exclusion of an individual from the Engagement Team or the "Office". The Audit Firm's policies and procedures should make it clear that it is the responsibility of individuals in the Engagement Team or Chain of Command or "Office" to assess to the best of their knowledge who are, or might appear to be, their close family members and close non-family contacts. They should disclose any relevant facts or circumstances in respect of a particular Audit Client to the Audit Partner in charge of the engagement. Close family members The term "close family member" normally refers to parents, siblings, spouses or cohabitants, children and other dependants. Depending on the different cultural and social environments in which the audit takes place, the term may extend to other family members who may have less immediate but not necessarily less close relationships with the relevant individual. These could include former spouses or cohabitants and the spouses and children of family members. Close non-family relationships Close relationships other than family ones are hard to define, but could include a relationship with any person other than a family member which entails frequent or regular social contact. Inadvertent violations There will be occasions where the Statutory Auditor becomes aware that an individual in his Audit Firm inadvertently has not reported to the firm a family or other personal relationship with an Audit Client which, in general, would be regarded as a violation of independence requirements. Such inadvertent violations will not compromise the Statutory Auditor's independence with respect to an Audit Client, provided that the Statutory Auditor - has established procedures that require all professional personnel to report promptly any breaches of the independence rules resulting from changes in their family or other personal relationships, the acceptance of an audit sensitive position by their close family members or other close persons (i.e., those falling within the scope of (1)(a) and (1)(b) above), or the purchase, inheritance or other acquisition of a significant financial interest in an Audit Client by such family members or persons; - promptly removes the individual from the Engagement Team, or if the individual is not a member of the Engagement Team, excludes him from substantive decisions concerning the Statutory Audit of the relevant client. In the case of a significant financial interest, he should notify the individual to ensure that the financial interest is disposed of at the earliest opportunity after the inadvertent violation is identified; and - takes particular care when reviewing the relevant audit work of this individual. 7. NON-AUDIT SERVICES 7.1. General Independence from Audit Client's decision-making The self-review threat is always considered too high to allow the provision of any services other than statutory audit work that involves the Statutory Auditor in any decision-making of either the Audit Client, any of its Affiliates, or the management of such an entity. Therefore, if the Statutory Auditor or a member within his Network intends to provide non-audit services to an Audit Client or to one of its Affiliates, the Statutory Auditor has to ensure that any individual acting for or on behalf of the Audit Firm or its Network member does not take any decision for, nor take part in any decision-making on behalf of, the Audit Client, any of its Affiliates or the management of such an entity. Any advice or assistance related to any service provided by the Statutory Auditor or the Audit Firm should give the Audit Client, a client's Affiliate or the management of such an entity the opportunity to decide between reasonable alternatives. This does not prevent the Statutory Auditor, Audit Firm or one of its Network members from making recommendations to the Audit Client. However, such advice should be justified by objective and transparent analyses in the expectation that the Audit Client will review the recommendations before reaching any decision. If the Audit Client is seeking advice where, due to legal or regulatory provisions, only one solution is available, the Statutory Auditor should ensure that his documentation refers to these provisions (e.g. quotes the relevant law, includes advice from external professionals). 7.2. Examples - analysis of specific situations Business and financial markets are evolving continuously and information technologies are changing rapidly. These developments have significant consequences for management and control. With this state of change, it is not possible to draw up a comprehensive list of all those situations where the provision of non-audit services to an Audit Client would create a significant threat to statutory auditors' independence. Neither is it possible to list the different safeguards which may exist to mitigate such threats. The examples which follow describe specific situations that could compromise a Statutory Auditor's independence. They also discuss the safeguards which may be appropriate to reduce the independence risk to an acceptable level in each circumstance. In practice, the Statutory Auditor will need to assess the implications of similar, but different circumstances, and to consider what safeguards would satisfactorily address the independence risk in the judgement of an informed third party. 7.2.1. Preparing accounting records and financial statements Spectrum of involvement in the preparation process There is a spectrum of involvement by the Statutory Auditor (including his Audit Firm, Network member firms, or any employees thereof) in the preparation of accounting records and financial statements. At one end of the spectrum, the Statutory Auditor may prepare prime accounting records, do the bookkeeping and prepare the financial statements, as well as performing the Statutory Audit of these financial statements. In other cases, the Statutory Auditor helps his Audit Client in the preparation of the financial statements on the basis of the trial balance, assisting his Audit Client in the calculation of the closing entries (calculation of accruals, bad debts, depreciation, etc.). At the other end of the spectrum, the Statutory Auditor does not participate in any part of the preparation process. Even in the latter case, the Statutory Auditor who detects shortcomings in the Audit Client's proposed disclosures will normally suggest and draft the amendments required. This is part of the Statutory Audit mandate and should not be considered as the provision of a non-audit service. While management always has responsibility for the presentation of the financial statements, the end result is that it is uncommon for a set of financial statements to appear where the Statutory Auditor has had no hand whatsoever in the presentation or drafting. Nature of assistance and advice The Audit Client and its management must be responsible for the financial statements and for maintaining accounting records. The Statutory Auditor's safeguards must at least ensure that, when providing bookkeeping-related assistance, the accounting entries and any underlying assumptions (e.g. for valuation purposes) are originated by the client. In addition, the Statutory Auditor should not be involved in the decision-making of the Audit Client or its management in respect of the entries or assumptions. The Statutory Auditor's assistance should therefore be limited to carrying out technical or mechanical tasks and to providing advisory information on alternative standards and methodologies which the Audit Client might wish to apply. Examples of assistance which compromise independence include the following: - determining or changing journal entries, or the classifications for accounts or transactions, or other accounting records without obtaining the client's approval; - authorising or approving transactions; or - preparing source documents or originating data (including decisions on valuation assumptions), or making changes to such documents or data. Examples of assistance which would not necessarily compromise independence could include: - performing mechanical bookkeeping tasks, such as recording transactions for which the Audit Clients management has determined the appropriate account classification; posting coded transactions to a client's general ledger; posting client-approved entries to a client's trial balance; or providing certain data-processing services; - informing the client about applicable accounting standards or valuation methodologies for the client to decide which should be adopted. Level of public interest The self-review threat that arises when a Statutory Auditor assists in the preparation of the accounting records or financial statements of a Public Interest Entity is perceived to be so high that it cannot be mitigated by safeguards other than the prohibition of any such assistance that goes beyond the statutory audit mandate (i.e., any assistance other than the suggestion and drafting of amendments during the due course of the Statutory Audit, after having detected shortcomings in the Audit Client's proposed disclosures). In any case, where the Statutory Auditor is asked to participate in the preparation of an Audit Client's accounting records or financial statements, he should carefully consider the public perception in relation to his task. This may depend on the size and structure of the Audit Client as well as on the business environment in which this client operates at either a local, regional or national level. Where the threat is perceived to reach a level that would cause the public to question his independence, the Statutory Auditor should not accept the engagement. Emergency situations In emergency cases, a Statutory Auditor may participate in the preparation process to an extent which would not be acceptable under normal circumstances (see (2) and (3) above). This might arise when, due to external and unforeseeable events, the Statutory Auditor is the only person with the resources and necessary knowledge of the Audit Client's systems and procedures to assist the client in the timely preparation of its accounts and financial statements. A situation could be considered an emergency where the Statutory Auditor's refusal to provide these services would result in a severe burden for the Audit Client (e.g., withdrawal of credit lines), or would even threaten its going concern status. In such an emergency situation, however, the Statutory Auditor should take no part in any final decisions and should seek the client's approvals wherever possible. He should also consider additional safeguards that would allow him to minimise the level of risk to his independence. Where appropriate, he should seek to discuss the situation with the Audit Client's Governance Body and ensure that the services he provided and the reasons for this are summarised in the financial statements. Statutory audits on consolidated financial statements of Public Interest Entities When the consolidated financial statements of a Public Interest Entity client are subject to a Statutory Audit, there might be situations where it is impractical for a subsidiary of such an Audit Client to make arrangements in accordance with (3) above. As a result, it is possible that its local auditor will have to participate in the preparation of financial statements that are to be included in the Audit Client's consolidated financial statements. Under such circumstances, the self-review threat from the perspective of the Statutory Auditor of the Public Interest Entity client, is generally not considered to be significant, provided that the bookkeeping-related assistance is solely of a technical or mechanical nature or the advice is only of an informative nature (see (2) above), that the financial statements of such subsidiaries are not material to the Audit Client's consolidated financial statements (neither separately nor in total), and that the fees the Audit Firm and its Network members receive for all such services collectively are insignificant in relation to the consolidated audit fee. 7.2.2. Design and implementation of financial information technology systems Financial information Statutory audit work includes the testing of those hardware and software systems that are used by the Audit Client to generate the financial information which is to be disclosed in its financial statements. Where a Statutory Auditor (including his Audit Firm, Network member firms, or any employees thereof) is involved in the design and implementation of such a financial information technology system (FITS), a self-review threat may arise. In this respect, financial information does not only include those figures which are directly disclosed in the financial statements, but also comprises any other valuation or physical data to which the financial statements' disclosures relate. Such information is generated by either integrated IT-systems or a variety of stand-alone systems (e.g., systems for bookkeeping, cost-accounting, payroll, or cash management as well as those systems which may only provide physical numbers, such as some warehousing and production control systems, etc.). Spectrum of involvement There is a spectrum of involvement by the Statutory Auditor in the design and implementation of FIT-systems: At one end of the spectrum, there are engagements where the Statutory Auditor takes on a management role or responsibilities for the FIT-systems design and implementation project as a whole, or for the operation of the FIT-system and the data it uses or generates. Such an engagement would clearly result in an unacceptable level of independence risk. In other cases, the Statutory Auditor must carefully assess the independence risk which might arise from his involvement in systems design and implementation for the Audit Client, particularly if there are public interest implications. In all cases he should consider whether there are appropriate safeguards to reduce the independence risk to an acceptable level. For example, the level of risk may be acceptable where the Statutory Auditor's role is to provide advice to a consortium retained by the Audit Client to design and/or implement a project. Similarly, there is little risk in the case of a smaller company client, where the Statutory Auditor is asked to tailor a standard, off-the-shelf accounting system to meet the needs of that client's business. However, independence risk may be perceived to be unacceptably high in the case of a design project for a large company or Public Interest Entity client. At the other end of the spectrum, the Statutory Auditor might be engaged to provide his Audit Client with a review of alternative systems. Based on this review the client himself decides which system to install. The provision of such a service would generally not compromise the Statutory Auditor's independence, provided that cost and benefits of the systems reviewed are properly documented and discussed with the Audit Client. However, his independence will be compromised if the Statutory Auditor has a significant financial interest (see B.1) or a significant business relationship (see B.2) with any of the systems suppliers. 7.2.3. Valuation services Valuation services A valuation comprises the making of assumptions with regard to future developments, the application of certain methodologies and techniques, and the combination of both in order to compute a certain value, or a range of values, for an asset, a liability or for a business as a whole. The underlying assumptions of such a valuation may relate to interpretations of the present or expectations of the future, including both general developments and the consequences of certain actions taken or planned by the Audit Client or anybody within its close business environment. Engagements to review or to issue an opinion on the valuation work performed by others (e.g. engagements under Articles 10 and 27 of the 2nd Company Law Directive (77/91/EEC), Articles 10 and 23 of the 3rd Company Law Directive (78/855/EEC), or under Article 8 of the 6th Company Law Directive (82/891/EEC)), or to collect and verify data to be used in a valuation performed by others (e.g., typical "due diligence" work in connection with the sale or purchase of a business), are not regarded as valuation services under this principle. Materiality and subjectivity Valuation services leading to the valuation of amounts which neither separately nor in the aggregate are material in relation to the financial statements are not considered to create a significant threat to independence. The underlying assumptions of a valuation and the methodologies to be applied are always the responsibility of the Audit Client or its management. Therefore, as part of its decision-making process, the Audit Client or its management has generally to determine the underlying assumptions of the valuation, and to decide on the methodology to be applied for the computation of the value. This is of particular importance when the valuation to be performed requires a significant degree of subjectivity, either in relation to the underlying assumptions or regarding the differences in applicable methodologies. However, with regard to certain routine valuations, the degree of subjectivity inherent in the item concerned may be insignificant. This is the case when the underlying assumptions are determined by law (e.g., tax rates, depreciation rates for tax purposes), other regulations (e.g., provision to use certain interest rates), or are widely accepted within the Audit Client's business sector, and when the techniques and methodologies to be used are based on general accepted standards, or even prescribed by laws and regulations. In such circumstances, the result of a valuation performed by an informed third party, even if not identical, is unlikely to be materially different. The provision of such valuation services might therefore not compromise a statutory auditor's independence, even if the value itself could be regarded as material to the financial statements, provided that the Audit Client or its management has at least approved all significant matters of judgement. Additional safeguards Some valuation services involve an insignificant degree of subjectivity. These could include those requiring the application of standard techniques or methodologies or where the service is a review of the valuation methods used by a third party, but where the resulting valuation is material in relation to the financial statements. In these cases, the Statutory Auditor should consider whether there remains a self-review threat which should be mitigated by additional safeguards. It may be appropriate to address such a threat by setting up a valuation service team separate from the Engagement Team, with different reporting lines for both. 7.2.4. Participation in the Audit Client's internal audit Internal Audit is an important element of an entity's internal control system. In companies, particularly small and medium sized ones, which cannot afford an internal audit department or where such a department lacks certain facilities (e.g. access to specialists in information technology or treasury management), participation by the Statutory Auditor in the internal audit may strengthen management control capacities. However, self-review threats can arise if, for example, there is not a clear separation between the management and control of the internal audit and the internal audit activities themselves, or if the Statutory Auditor's evaluation of his Audit Client's internal control system determines the kind and volume of his subsequent statutory audit procedures. To avoid such threats, the Statutory Auditor, the Audit Firm or its Network member must be able to show that it is not involved in management and control of the internal audit. Furthermore, in his capacity as the statutory auditor of the client's financial statements the Statutory Auditor must be able to demonstrate that he has taken appropriate steps to have the results of the internal audit work reviewed and has not placed undue reliance on these results in establishing the nature, timing and extent of his statutory audit work. In order to ensure that the Audit Firm's statutory audit work meets required auditing standards and that the Statutory Auditor's independence is not compromised, an appropriate review of these matters should be performed by an Audit Partner who has not been involved in either the Statutory Audit or any of the internal audit engagements which may impact the financial statements. In companies where the internal audit department reports to a Governance Body rather than to management itself, the internal audit function performs a role that is complementary to the statutory audit function. It can therefore be seen as a separate element of the corporate governance framework. If the Statutory Auditor is asked to perform internal audit work in these circumstances, he must still be able to demonstrate that he has adequately assessed any threats to his independence, and has applied any necessary safeguards. 7.2.5. Acting for the Audit Client in the resolution of litigation Advocacy and self-review threats In certain circumstances the Statutory Auditor, the Audit Firm, an entity within a Network or a Partner, manager or employee thereof will assist the Audit Client in the resolution of a dispute or litigation. A Statutory Auditor who acts for the Audit Client in the resolution of a dispute or litigation is generally perceived to take on an advocacy role which is incompatible with the responsibility of a Statutory Auditor to give an objective opinion on the financial statements. This advocacy threat is accompanied by a self-review threat when the assistance in the resolution of litigation also requires the Statutory Auditor to estimate chances of his Audit Client succeeding in the action if this could affect amounts to be reflected in the financial statements. A Statutory Auditor who is involved in the resolution of litigation has therefore to consider the significance of both the advocacy threat and the self-review threat. The advocacy threat is increased when the Statutory Auditor, the Audit Firm or a Network member firm takes an active role on behalf of the Audit Client to resolve disputes or litigation. It is less likely that this threat will become significant, when the Statutory Auditor is only required to give evidence to a court or tribunal in a case in which the client is involved. Even when taking a relatively active role on behalf of the client, there can be other specific situations which are generally not seen to compromise a Statutory Auditor's independence. Such situations could include, the representation of an Audit Client before the court or the tax administration in a case of tax litigation. They could also include advising the client and defending a particular accounting treatment in a situation where a Member State's authority, securities regulator or review panel, or any other similar European or international body investigates the Audit Client's financial statements. However, whatever the circumstances, the Statutory Auditor should analyse the specific situation and his particular involvement to carefully assess whether or not there is a significant risk to his independence. Materiality and subjectivity The provision of legal services to an Audit Client in connection with the resolution of a dispute or litigation does not usually create a significant threat to independence when these services involve matters that are not expected by a reasonable and informed third party to have any material impact on the financial statements. Acting as an advocate of the Audit Client is inherently subjective, but the degree of subjectivity varies depending upon the nature of the legal proceedings. During the course of an audit, the Statutory Auditor usually has the choice either to evaluate the outcome of a legal proceeding himself, or to rely on a confirmation provided by an external lawyer engaged by the client. The degree of subjectivity in both cases is governed by factors such as the competence of the lawyer, his compliance with ethical rules of the lawyers' profession, and the given evidence, rather than whether or not the lawyer is an employee of the Audit Firm or of a third party law firm. With respect to legal situations where the outcome of legal proceedings can be reasonably estimated on given evidence, the estimation of amounts affected by litigation should not lead to material differences between services provided by the Audit Firm or a third party law firm (e.g. litigation regarding employment contracts with staff, or certain tax proceedings). On the other hand, there might be situations that involve significant inherent subjectivity. There may also be situations where it is impossible to evaluate evidence in an objective manner due to the nature of the business relationship between the Statutory Auditor and the Audit Client (e.g. personal involvement of former or present management, non-executive directors, or shareholders). In such cases, the Statutory Auditor should ensure that he is not involved in the Audit Client's actions in the resolution of litigation, except in minor cases where the matter concerned would not reasonably be expected to have a material impact on the financial statements. Additional safeguards In circumstances not covered under (2), the Statutory Auditor should consider whether there remain threats to independence which have to be mitigated by additional safeguards. It might be appropriate to avoid the audit Engagement Team being involved in the litigation process by setting up different engagement teams with different reporting lines for the Statutory Audit and the legal services related to the litigation. 7.2.6. Recruiting senior management A Statutory Auditor who is asked to assist an Audit Client to recruit senior or key staff should first assess the threats to his independence which might arise from, for example, the role of the person to be recruited and the nature of the assistance sought. The need for careful assessment is highest where the person recruited is likely to have a significant role in the client's financial management processes and hence to have regular contact with the Statutory Auditor. However, threats such as self-interest and familiarity may arise from other appointments too. With regard to the nature of the assistance sought, an example of an acceptable service might include reviewing the professional qualifications of a number of applicants and giving an objective opinion on their suitability for a post. Another acceptable service might include the provision of a short-list of candidates for interview, provided that it has been drawn up using criteria specified by the client, rather than on the Statutory Auditor's own judgement. In both cases, care would be needed to ensure that any opinion given about the candidates did not pre-empt the Audit Client's decision. If the Statutory Auditor concludes that he cannot give the assistance requested without directly or indirectly participating in the Audit Client's decision as to who should be appointed, he should decline to provide it. 8. AUDIT AND NON-AUDIT FEES 8.1. Contingent fees Audit fee arrangements Statutory audit work performed in the public interest is inherently unsuitable for fee arrangements where the Statutory Auditor's remuneration depends on either any performance figure of the Audit Client or the outcome of the audit itself. Audit fees that are fixed by any court or governmental body do not constitute contingent fees. Non-audit fee arrangements Self-interest, self-review and advocacy threats to a Statutory Auditor's independence also arise when the fee for a non-audit engagement is dependent upon a contingent event. This applies to all contingent arrangements between the Statutory Auditor, the Audit Firm or an entity within its Network, and the Audit Client or any of its Affiliates. Dependency on a contingent event means, for example, that the fee depends in some way on the progress or outcome of the project or the attainment of a particular performance figure by the Audit Client (or its Affiliate). In assessing the extent to which contingent fee arrangements pose a threat to statutory auditor independence, and the availability of suitable safeguards, the Statutory Auditor should consider amongst other factors: the relationship between the activity for which the contingent fee is to be paid, and the conduct of any current or future audit; the range of possible fee amounts; and the basis on which the fee is to be calculated. In performing this assessment, the Statutory Auditor should consider, inter alia, whether the amount of the contingent fee is directly determined by reference to an asset or transaction value (e.g., percentage of acquisition price) or a financial condition (e.g., growth in market capitalisation) the measurement of which will be subsequently exposed to an audit examination and whether this increases the self-interest threat to unacceptable levels. On the other hand, independence threats will generally not arise in situations where there is no direct link between the basis of the contingent fee (e.g., the starting salary of a new employee when a recruitment service is provided) and a significant aspect of the audit engagement. Where a Governance Body exists, the Statutory Auditor should disclose contingent fee arrangements to that body in accordance with the principles set out under Section A. 4.1.2. 8.2. Relationship between total fees and total revenue Excessive dependence on audit and non-audit fees from one Audit Client or one client group clearly gives rise to a self-interest threat to the Statutory Auditor's independence. The Statutory Auditor or the Audit Firm has not only to avoid the existence of such a financial dependency, but also has to consider carefully whether the appearance of such a dependency might create a significant threat to independence. Appearance of financial dependency The Statutory Auditor, the Audit Firm or a Network might be perceived to be financially dependent on a single Audit Client or client group when the total audit and non-audit fee that it receives, or expects to receive, from that client or client group exceeds a critical percentage of its total income. The public perception of this critical percentage will depend upon different factors within the audit environment. For example, the level might be different depending on the size of the firm, whether it is well established or newly created, whether it operates locally, nationally or internationally, and on the general business situation in markets in which it is operating. These circumstances have to be carefully considered by the Statutory Auditor when he assesses the significance of the self-interest threat to his appearance of independence. An analysis should be performed of all fees received for audit and non-audit services from a particular client or client group compared to the firm's or Network's total income, as well as of the relevant amounts that are expected to be received during the current firm's or Network's reporting period. If this analysis indicates a level of dependency and a need for safeguards, an Audit Partner who has not been engaged in any of the audit or non-audit work for the client should carry out a review of the significant audit and non-audit work done for the client and advise as necessary. The review should also take into consideration any audit and non-audit work that has been contracted or is the subject of an outstanding proposal. Where doubts remain, or where, because of the size of the firm, no such partner is available, the Statutory Auditor should seek the advice of his professional regulatory body or a review by another statutory auditor. Certain other fee relationships The Statutory Auditor should also consider whether there are, or appear to be, other types of fee relationships between a single Audit Client or client group and himself or the Audit Firm that may cause a self-interest threat. For example, an Audit Partner within an office or branch might be perceived to be dependent on fees from a certain Audit Client, if most of that office's services are provided to that Audit Client, or if the same individual is responsible for selling both audit and non-audit engagements to the Audit Client. To mitigate such self-interest threats, an Audit Firm may reconsider its organisational structures and the responsibilities of certain individuals, or, where applicable, discuss the way services are provided and charged with the Audit Client's Governance Body. Independence may particularly be compromised when significant fees are generated from the provision of non-audit services to an Audit Client or its Affiliates. The Statutory Auditor should therefore assess this risk to his independence. In particular, he should consider the nature of the non-audit services provided, the different fees generated from the statutory audit engagement and the non-audit engagements, and their respective relationship to the total fees received by the Audit Firm or Network. If the analysis indicates the need for safeguards, particularly when the non-audit fees exceed the audit fees, an Audit Partner who is not involved in any of the audit and non-audit engagements should carry out a review of the work done for the client and advise as necessary. 8.3. Overdue fees Unpaid fees for audit or other work could appear to be in effect a loan from the Statutory Auditor to the Audit Client. This could threaten the Statutory Auditor's independence by creating a mutual financial interest with the Audit Client. In such circumstances, a Statutory Auditor must assess the level of the threat and take any action that may be necessary. This could include disclosing the extent of the potential mutual interest to all relevant third parties. Where the Statutory Auditor is an Audit Firm, the circumstances may be reviewed by another Audit Partner who has not been involved in the provision of any services to the Audit Client. In the case of a sole practitioner, or a small partnership where all the Audit Partners have been involved with the Audit Client, the Statutory Auditor should either seek advice from his professional regulatory body or ask for a review by another statutory auditor. 8.4. Pricing A Statutory Auditor must be able to demonstrate that the fee he charges for any audit engagement is reasonable, particularly if it is significantly lower than that charged by a predecessor or quoted by other firms bidding for the engagement. He must also be able to demonstrate that a quoted audit fee is not dependent on the expected provision of non-audit services, and that a client has not been misled as to the basis on which future audit and non-audit fees would be charged when negotiating the current audit fees. The Statutory Auditor should have policies and procedures in place to be able to demonstrate that his fees meet these requirements. Where Statutory Audits of Public Interest Entities are concerned, the Statutory Auditor should seek to discuss the basis for calculating the audit fee with the Governance Body. 9. LITIGATION Whilst it is not possible to specify precisely for all cases the point at which it would become improper for a statutory auditor to continue as Statutory Auditor of an Audit Client, the following criteria should be considered: - if an Audit Client alleges deficiencies in statutory audit work, and the Statutory Auditor concludes that it is probable that a claim will be filed, the Statutory Auditor should first discuss the basis of the allegations with the Governance Body of the Audit Client or, where such body does not exist, with his professional regulatory body. If this confirms the judgement that it is probable that a claim will be filed, then - subject to local legal requirements - the Statutory Auditor should resign; - if the Statutory Auditor alleges fraud or deceit by current management of an Audit Client, the level of independence risk and the decision as to whether or not he should resign also depends on safeguards such as discussion of all relevant aspects with the Governance Body of the client, or, where such a body does not exist, with the Statutory Auditor's professional regulatory body. (In some countries, however, the national law safeguards the independence of the Statutory Auditor in cases of alleged fraud by requiring the Statutory Auditor to report the detected fraud to a national authority and to continue his audit work on behalf of that authority which represents the national public interest. In any case the Statutory Auditor should consider seeking legal advice, giving due consideration to his responsibility to the public interest.); - threatened or actual litigation relating to non-audit services for an amount not material to the Statutory Auditor or to the Audit Client (for example, claims out of disputes over billing for services, results of consultancy services) would not compromise the Statutory Auditors independence. 10. SENIOR PERSONNEL ACTING FOR A LONG PERIOD OF TIME To mitigate a familiarity or trust threat to the independence of a Statutory Auditor who is engaged to audit an Audit Client of public interest, the requirement to replace the Engagement Partner and the other Key Audit Partners of the Engagement Team within a reasonable period of time cannot be replaced by other safeguards. The Statutory Auditor should also consider the independence risk arising from the prolonged involvement of other members of the Engagement Team, including the senior staff engaged on audits of entities which are consolidated into an Audit Client's consolidated financial statements, and from the composition of the team itself. He should apply safeguards, such as rotation and measures under the Audit Firm's quality assurance scheme, to seek to ensure that the engagement may be properly continued without compromising his independence. There might be situations, where due to the size of the Audit Firm internal rotation of the Engagement Partner and other Key Audit Partners is not possible or may not constitute an appropriate safeguard. For example, in the case of a sole practitioner's practice, or where the day to day relationship between a limited number of Audit Partners is too close. In such situations, the Statutory Auditor should ensure that other safeguards are put in place within a reasonable period of time. Such safeguards could include having the relevant audit engagement covered by an external quality review, or, as a minimum, seeking the advice of his professional regulatory body. If no suitable safeguards can be identified, the Statutory Auditor should consider whether it is appropriate to continue the audit engagement. When any member of an Engagement Team is replaced because of time served on a particular audit, or because of a related familiarity or trust threat, that individual should not be re-assigned to the team until at least two years have elapsed since his replacement. (1) See Article 24 of the 8th Company Law Directive which requires Member States to prescribe that statutory auditors have to be independent in accordance with the law of the Member State which requires the Statutory Audit. (2) See also Article 23 of the 8th Company Law Directive which requires Member States to prescribe that statutory auditors shall carry out Statutory Audits with professional integrity. (3) Defined in the glossary. (4) Defined in the glossary. (5) Defined in the glossary. (6) Defined in the glossary. (7) Defined in the glossary. (8) In some jurisdictions the national law provides for certain types of companies, such as cooperatives or associations, to have their financial statements audited by a particular Statutory Auditor who is assigned by virtue of the law governing these companies, and not appointed by any management body or Governance Body. Statutory Auditors of this kind of entities may consider this circumstance as a general safeguard contributing to mitigate a certain kind of self-interest threats to independence. Appendix GLOSSARY >TABLE>