SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT

OVERVIEW
Objective
To explain the professional codes of ethics and conduct under which students and
members of the ACCA operate.

Introduction
Fundamental principles
Conceptual framework –
risks
Conceptual framework –
safeguards
Ethical conflict resolution

INTEGRITY
OBJECTIVITY &
INDEPENDENCE

ACCA CODE OF
ETHICS AND
CONDUCT

CONFIDENTIALITY
Improper disclosure
Improper use

Principles
Fees and pricing
Gifts and hospitality
Financial interest

Family and other personal relationship
Loans and guarantees
Overdue fees
Provision of other services to assurance clients
Long association with assurance clients
Recent employment with an assurance client
Future employment with an assurance client
Close business relationships
Actual or threatened litigation
Serving on the board of an assurance client
Second opinions

INDEPENDENCE
IN OTHER ROLES

CONFLICTS OF
INTEREST
Two types
Member v client
Client v client

Professional roles
Business roles

0401


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT

1


CODE OF ETHICS AND CONDUCT

1.1

Introduction
As a member of the IFAC, the ACCA’s Code of Ethics and Conduct, is based on the
Code of Ethics of the IFAC and applies to all Students and Members of the Association
(in practice, commerce, or any other environment, e.g. internal audit, education) in that
they are required to observe proper standards of professional conduct and refrain from
misconduct. Failure to observe standards may result in disciplinary proceedings.
The Code provides five fundamental principles (integrity, objectivity, professional
competence and due care, confidentiality and professional behaviour) and a conceptual
framework to assist ALL students and members in applying the principles, regardless of
the areas of work undertaken.

1.2

Fundamental Principles

1.2.1

Integrity

In all professional, business, personal and financial relationships, members should be
straightforward and honest. This implies honesty, fair dealing and truthfulness.
Members should not be associated with (eg sign off) reports, returns, communications
or other information where they believe that the information:
contains materially false or misleading statements;
contains statements or information furnished recklessly; or

omits or obscures information required to be included where such omission or
obscurity would be misleading.
For example:
In the context of an audit under ISA, this means that if the financial statements
contain a material error that the directors refuse to change, the auditor would
qualify their opinion.
In the context of other work, e.g. preparing a cash flow forecast, if asked to verify
data that is misleading, the member would refuse to accept the engagement or
withdraw as soon as they become aware that the data is misleading and the client
refuses to change.

1.2.2

Objectivity

Members should not allow bias, conflicts of interest or undue influence of others to
override their professional and business judgments.
Objectivity is a state of mind, which ensures the member is not compromised having
regard to all considerations relevant for professional judgment, but no other (e.g.
personal interests). This presupposes intellectual honesty.

0402


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT

1.2.3

Professional competence and due care


Members work and advice given must reflect current developments in practice,
legislation, applications, techniques and professional standards.
Members must obtain and maintain the relevant knowledge and skill to ensure the
provision of competent and professional service levels (e.g. through continuing
professional development). This also requires the exercise of sound judgment in
applying professional knowledge & skill and the need to act diligently in accordance
with applicable technical and professional standards.
The requirements of each assignment must be fully understood such that the member
and assignment staff will act carefully, thoroughly and on a timely basis – if unable to
do so, the assignment should not be accepted. Thus members must also ensure that all
others working under their authority have the appropriate training and supervision.
Where appropriate, clients, employers or other users of professional services, must be
made aware of limitations inherent in the services to avoid the misinterpretation of an
expression of opinion as an assertion of fact (eg in the engagement letter and/or report).

1.2.4

Confidentiality (see also Section 3)

Information acquired as a result of professional and business relationships is
confidential and should not be disclosed to any third parties without proper and
specific authority (e.g. from the client) or unless there is a legal, professional right, or
duty to disclose.
Confidential information acquired as a result of professional and business relationships
should not be used for any personal advantage of a member or any third party.

1.2.5

Professional behaviour


All relevant laws and regulations should be complied with and any action that brings
discredit to the profession should be avoided. Members must show professional
courtesy and consideration.
In marketing and promoting themselves and their work, members should not bring the
profession in disrepute. Members should be honest and truthful and not:
make exaggerated claims for the services they are able to offer (e.g. claim to be able
to carry out statutory audits when they do not hold statutory recognition as an
auditor) the qualifications they possess (e.g. claim to be qualified when still a
student) or experience they have gained; or
make disparaging references or unsubstantiated comparisons to the work of others
(e.g. “we are the best, better than all the rest”).

1.3

Conceptual framework
The many environments in which ACCA members operate (e.g. practice, commerce,
industry, financial services, local government, education etc) may often give rise to
specific threats to compliance with the Fundamental Principles.

0403


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
The Conceptual Framework assists members (through guidance and illustrative
examples) to identify, evaluate and respond to threats to compliance with the
Fundamental Principles, rather than merely following rules (which are unlikely to be
appropriate for every situation and could thus be avoided).
It allows members to consider the risks they face and to match those risks with the
appropriate action. It is not a set of rules within a fixed framework as ACCA members
need to be flexible within their operating environment in order to ensure the

Fundament Principles are not compromised.
If identified threats are other than clearly insignificant, members must implement
safeguards to eliminate the threats or reduce them to an acceptable level so that
compliance with the Fundamental Principles is not compromised.
Whilst examples are used to illustrate the application of the framework, they do not
cover all possibilities faced by members. The framework should be applied to the
particular circumstances faced. Where a situation cannot be aligned with the examples
given within the framework, the underlying concept is always “if in doubt, avoid, do
not do”.

1.4

Threats
Compliance with the Fundamental Principles may potentially be threatened by a broad
range of circumstances. Many threats fall into the following categories:
self-interest;
self-review;
advocacy;
familiarity;
intimidation.
Remember that these apply to all members, not only those in practice but also those
employed in industry, commerce etc.

1.4.1

Self-interest threat

May occur as a result of the financial or other interests of members (including
immediate or close family of the member) eg:
loans or guarantees;

close personal or business relationships;
financial interest in a client;
gifts and hospitality;
incentive compensation arrangements;
concern over employment security;
commercial pressure from outside the employing organisation;
interest in transactions with the company;
inappropriate use of corporate assets.

0404


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT

1.4.2

Self-review threat

May arise when a previous judgment needs to be re-evaluated by individuals
responsible for that judgment. The original judgment may have been made, for
example, by the individual or by others within the individual’s organisation.
Circumstances which may give rise to self-review threats include, but are not limited to:
providing a service to a client that will then be subject to review as part of the
assurance engagement;
reporting on the operation of systems after being involved in their design or
implementation;
the discovery of a significant error during a re-evaluation of the work being
undertaken by the member;
a member of an engagement team who was previously employed by the client and
was in a position to have had direct influence on the subject matter of the

engagement;
business decisions or data being subject to review and justification by the same
person responsible for making those decisions or preparing those data;
an analyst, or member of a board, audit committee or audit firm being in a position
to exert direct and significant influence over the financial reports.

1.4.3

Advocacy threat

Occurs when members promote a position or opinion to the point that subsequent
objectivity may be compromised (e.g. stating publicly a given opinion on a future
position and then having to audit that position at a later date when it has changed and
there is potential pressure to ignore the change).
It is natural for members to advocate their client’s/employer’s position and there is
nothing improper in this provided it does not result in misleading information being
given.
There could be circumstances, however, where this may not be acceptable and these
include:
commenting publicly on future events in particular circumstances, having made
assertions without detailing the assumptions;
where information is incomplete or advocating an argument which is unlawful;
promoting shares in a listed audit client or a client seeking to list;
acting as an advocate on behalf of an assurance client in litigation or disputes with
third parties.

1.4.4

Familiarity threat


Can arise where members, because of a close relationship, become too sympathetic to
the interests of others (e.g. auditor and director are related).

0405


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
There is a significant risk that professional scepticism will not be applied by the
member. Examples of circumstances that may create familiarity threats include:
a member in a position to influence business decisions, financial (or non-financial)
reporting (e.g. the audit report) having an immediate or close family who is in a
position to benefit from that influence (e.g. a director or shareholder);
over-familiarity with the management of the organisation such that professional
judgement could be compromised;
long association with business contacts influencing business decisions;
acceptance of gifts or preferential treatment, unless the value is clearly insignificant;
a former partner of the engagement firm being a director, officer or employee of a
client in a position to exert direct influence over the subject matter of the
engagement.

1.4.5

Intimidation threat

Will occur where members may be deterred from acting objectively by threats, actual or
perceived, direct or indirect. Examples of circumstances that may create intimidation
threats include:
threat of dismissal or replacement of the member (as an employee or auditor) or a
close or immediate family member, over a disagreement about the application of an
accounting principle or the way in which financial and performance information is

to be reported;
a dominant personality attempting to influence the decision-making process, for
example with regard to the awarding of contracts or presentation of financial
information, or controlling relations with auditors or other oversight bodies;
being threatened with litigation;
coming under pressure to reduce necessary work to ensure a reduction in fees.

1.5

Safeguards
The nature of the safeguards to be applied will vary depending on the circumstances
(demonstrating the approach of the conceptual framework).
In exercising their judgement, members should consider what a reasonable and
informed third party, having knowledge of all relevant information, including the
significance of the threat and the safeguards applied, would conclude to be acceptable
or unacceptable.
Safeguards that may eliminate or reduce to acceptable levels the threats faced by
members fall into three broad categories:
safeguards created by the profession, legislation or regulation;
safeguards in the work environment;
safeguards created by the individual.

0406


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT

1.5.1

Safeguards created by the profession, legislation or regulation


Includes:
Educational, training and experience requirements for entry into the profession.
Continuing professional development/education (CPD/CPE) requirements.
Corporate governance regulations.
Professional standards.
Professional or regulatory monitoring and disciplinary procedures.
External review by a legally empowered third party of the reports, returns,
communications or information produced by a member.

1.5.2

Safeguards in the work environment

Includes:
The employing organisation’s systems of corporate oversight or other oversight
structures, e.g. audit committee and “whistle blowing” rights.
The employing organisation’s ethics and conduct programmes including leadership
that stresses the importance of ethical behaviour and the expectation that
employees will act in an ethical manner (e.g. ethical culture cascading down from
top management).
Recruitment procedures in the employing organisation emphasising the importance
of employing high-calibre, competent staff.
Strong internal controls.
Appropriate disciplinary processes.
Policies and procedures to implement and monitor the quality of employee
performance.
Policies and procedures to implement and monitor the quality control of
engagements.
Using different partners and engagement teams with separate reporting lines for

the provision of non-assurance services to the client.
Policies and procedures to prohibit individuals who are not members of an
engagement team from inappropriately influencing the outcome of the
engagement.
Timely communication of the employing organisation’s policies and procedures,
and any changes to them, to all employees.
The provision of appropriate training and education to employees.
Discussing ethical issues with those charged with governance of the client.
Disclosing to those charged with governance of the client the nature of the services
provided and extent of fees charged.

0407


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
Policies and procedures to empower employees to communicate to senior levels
(including governance) any ethical issues that concern them. This includes
informing employees of the procedures open to them.
Consultation with another appropriate professional accountant.

1.5.3

Safeguards created by the individuals

Includes:
Complying with continuing professional development requirements.
Keeping records of contentious issues and approach to decision-making.
Maintaining a broader perspective on how similar organisations function through
establishing business relationships with other professionals.
Using an independent mentor.

Maintaining contact with legal advisors and professional bodies.

1.5.4

Other safeguards

Certain safeguards may increase the likelihood of identifying or deterring unethical
behaviour. Such safeguards, which may be created by the accounting profession,
legislation, regulation or an employing organisation, include, but are not restricted to:
effective, well-publicised complaints systems which enable colleagues and
employers to draw attention to unprofessional or unethical behaviour;
an explicitly stated duty to report breaches of ethical requirements.

1.6

Ethical conflict resolution
In resolving ethical conflicts it is important to record the process and outcome, e.g.:
relevant facts;
the ethical issues involved;
the fundamental principles involved;
established procedures followed;
action followed and outcome;
alternative courses of action and their consequences; and
internal and external sources of consultation (e.g. ethics partner; audit committee).
Where a significant conflict cannot be resolved, consideration should be given to
consulting legal advisors and/or the ACCA. Such consultation can be taken without
breaching confidentiality (e.g. on a ‘no names’ basis). Care should be taken to ensure
that those consulted are also bound by similar ethical rules.
If, after exhausting all relevant possibilities, the ethical conflict remains unresolved,
members should, where possible, refuse to remain associated with the matter creating

the conflict.

0408


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
Members may determine that, in the circumstances, it is appropriate to withdraw from
the engagement team or specific assignment, or to resign altogether from the
engagement, the firm or the employing organisation.

2

INTEGRITY, OBJECTIVITY AND INDEPENDENCE

2.1

Principle
The Fundamental Principles require that a member’s integrity and objectivity must be
beyond question. This can only be assured if the member is, and is seen to be, as
independent as possible.
Independence requires:
Independence of mind - the state of mind that permits the expression of a
conclusion without being affected by influences that compromise professional
judgement, allowing an individual to act with integrity and exercise objectivity and
professional scepticism.
Independence in appearance - the avoidance of facts and circumstances that are so
significant that a reasonable and informed third party, having knowledge of all
relevant information, including safeguards applied, would reasonably conclude a
firm's, or a member of the assurance team's, integrity, objectivity or professional
scepticism had been compromised.

Members who provide assurance services must be independent of the assurance client
(be they responsible for the subject information or the subject matter), regardless of the
type of assignment, i.e. assertion or direct reporting.
As, in an assurance engagement, “members express a conclusion designed to enhance
the degree of confidence of the intended users other than the responsible party about
the outcome of the evaluation or measurement of a subject matter against criteria” it is
logical that the assurance provider be independent of the assurance client.
Members who provide other services (e.g. taxation services, compilation of accounts,
corporate advisory services) to non-assurance clients, may none the less under specific
circumstances, find their perceived objectivity under threat because of the nature their
work and of their relationship with a client, e.g. a brother who is asked to prepare a
company cash flow forecast by his sister who is a director of that company.
The following examples describe specific circumstances and relationships that may
cause threats to independence. Whilst they mainly relate to members in practice (i.e.
audit and assurance) they can equally apply to the provision of non-assurance services
and members in industry, commerce etc.

2.2

Fees and pricing
When the total fees generated by an assurance client represent a large proportion of a
firm’s total fees, the dependence on that client (or client group) and concern about the
possibility of losing the client may create a self-interest threat.

0409


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
A similar threat may also be created when the fees generated by the assurance client
represent a large proportion of the revenue of an individual partner.

Every firm should consider its own circumstances to determine an appropriate level
beyond which objectivity may be considered to be impaired. In addition, firms are
obliged to consider the appropriateness of accepting an assurance engagement where
fees would exceed a lower specified limit. Effectively, this lower level acts as a trigger
point to consider appropriate safeguards.
To safeguard objectivity, the ACCA state that fee income for audit and other recurring
work paid by one client (or a group of connected clients) should not exceed the
following % of gross practice income (and individual partner’s total fee income).

Initiate
review

Extreme

Listed and other public interest companies

5%

10%

Other clients

10%

15%

Note that these are extreme levels – firms may set levels that are lower to reflect
their particular circumstances.
Criterion does not initially apply to new practices. An initial period of time should
be given to allow the practice to grow to a reasonable level.

The propriety of accepting or retaining clients should be reviewed against the lower
% figures – and safeguards set up if engagement accepted/retained.
A company planning to seek a listing will be public interest in the period before it is
listed (because publicity leading up to flotation will be “in the public eye”).
Safeguards when initiating a fee level review include:
taking steps to reduce dependency on the client, e.g. expansion of client base
through organic or merger growth;
quality control review procedures, e.g. second independent partner review at the
planning and completion stages where a fee breaches the lower review %.
Fee income on non-recurring assignments, if taken together with recurring work, could
give rise to dependency. This would particularly be the case if the non-recurring work,
whilst of a different nature each year, effectively contributes a consistent base % of fee
income from the client.

2.3

Gifts and hospitality
Accepting gifts or hospitality from an assurance client may create self-interest and
familiarity threats.

0410


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
Unless the value is clearly insignificant, a firm or a member of the assurance team
should not accept such gifts or hospitality as the threats to independence cannot be
reduced to an acceptable level by the application of any safeguard.
A similar consideration will apply to gifts and hospitality made to the close family of a
member of the assurance team, unless they receive the benefit in their own right and not
because of their connection with the assurance team member.


2.4

Financial interests
Creates a potential self-interest threat.
In general, consider the nature of the financial interest, including the role of the
individual holding the interest. This includes direct control over the interest, e.g.
personal holding of shares, and an interest over which there is no control, an indirect
interest, e.g. unit trust or pension fund.
Holders of a direct interest/material indirect interest (both being referred to as a
relevant interest) are at risk and the threat should be assessed.
Basically, partners cannot hold investments in assurance clients whilst other
employees can. Such employees cannot be part of the engagement team.
The engagement partner, other partners (regardless of discipline or involvement with
the assurance engagement) and their immediate family cannot hold a relevant financial
investment in any of the firm’s assurance clients.
The partner must dispose of the investment or the firm disengage from the assurance
assignment or the client.
If a relevant interest is held by a member of the assurance team or their immediate
family, then:
require disposal of the holding by the employee or their immediate family member;
or
remove the employee from the assignment (usually the action taken).
Where assurance staff (or their immediate family) do hold investments in assurance
clients, they must not be assigned to such clients.
A principal safeguard is the annual declaration by all partners and staff that they, and
their immediate family, do not have a financial interest in any assurance clients. This is
supplemented by informing partners and staff of new assurance clients (on a regular
basis) and the requirement for partners and assurance staff to inform the compliance
partner of any financial interest.

If the relevant interest was received by way of gift, inheritance, etc the above procedures
also apply. In addition, consider further action to take, based on circumstances, e.g.
independent review of past work carried out by employee if they knew that they were
due the inheritance plus any disciplinary action for their not informing the firm.

0411


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT

2.5

Family and other personal relationships
Personal or immediate family relationships between a member of the assurance team
and a client’s directors, officers and other employees (with responsibilities that exert
direct and significant influence over the assurance subject matter) will create selfinterest, familiarity or intimidation threats.
The significance of the threats will depend on factors such as:
the position held by the individual within the client; and
the role of the member of the assurance team.
Safeguards include:
removing the individual from the assurance team;
ensuring that the individual does not deal with the areas of responsibility of the
client employee;
resigning from the assignment or client.
The more senior the employee within the client and/or the more senior the member of
the assurance team, the greater the need to apply the strongest safeguard, i.e. removal of
the employee from the assurance team or resignation. For example:
a junior’s uncle is a director of an assurance client will mean that the junior should
not be a member of the assurance team;
a junior’s girlfriend who is the credit controller will mean that, if the junior remains

on the team, they will not be involved in dealing with sales or receivables;
the senior’s girlfriend who is the credit controller will mean that they should not be
involved with the assignment as they will be responsible for setting and reviewing
the work of the team member who carries out work on the credit area;
a partner’s sister is a director of a company, means that the firm should not provide
assurance services to the company. If requested to tender for the audit, the firm
should decline. If the sister is recruited as a director by the company, which is
already an audit client, the firm should resign the audit.
Where other partners and employees have personal or immediate family relationships
with assurance clients (for who they do not act) self-interest, familiarity or intimidation
threats may still arise.
The safeguards put in place (including resignation from the assignment or the client)
will depend on the closeness of the relationship and the respective positions within the
client and firm.
It is important, that as part of its safeguards, the firm should have procedures for
partners and employees to declare such personal and immediate family relationships,
e.g. annual declarations and regular notification of new clients.

0412


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT

2.6

Loans and guarantees
In respect of a general assurance client that is not a bank or similar institution, a firm
(including partners) should not:
make a loan
accept a loan

guarantee borrowings
unless the loan/guarantee is immaterial to both the firm (and partners) and the
assurance client. There are no safeguards that would bring the threat to independence
to an acceptable level.
Where the client is a commercial financial institution (e.g. a bank) the firm, partners,
employees of the firm (including engagement staff) and their immediate family may
have deposits, overdraft facilities and standard loans (e.g. car, mortgage loans, credit
card balances) provided the terms, arrangements and conditions are at arms length and
generally available to all clients of the institution.
Where deposits made by the firm or loans to the firm by the client bank are material,
safeguards should be put in place to bring the self-interest threat to an acceptable level.
Such safeguards include review of the assurance assignment by an external,
independent professional.
Note that many firms specifically prohibit their partners (and the firm) from taking any
form of material loan from financial institution clients. This is particularly the case for
the engagement partners. Where a loan is material to an employee (which is likely to be
the case), that employee would not be assigned to the audit of the bank concerned.

2.7

Overdue fees
Can be a self-interest threat where fees remain unpaid for a significant period of time,
particularly where prior year fees have not been settled by the time of the current year’s
report.
Safeguards include:
requiring the payment of overdue fees before the issue of any further reports;
discussing the level of outstanding fees with audit committees or those charged
with governance;
establishing on-account/standing order payments of fees over the year.
Consideration must also be given to determine if the overdue fees are effectively a loan,

and therefore if it is appropriate for the firm to continue to act for the client.

2.8

Provision of other services to assurance clients
There is no objection in principle to providing additional services beyond audit and
assurance. In doing so, the firm gains a better understanding of their clients’ processes,
controls, business and financial risks.

0413


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
However, in some jurisdictions (e.g. the USA under the Sarbanes-Oxley Act) auditors
are specifically barred from providing additional assurance and non-assurance services
to their listed company clients.
The following general safeguards are relevant when providing other services:
policies and procedures to prohibit professional staff from making management
decisions for the assurance client, or assuming responsibility for such decisions;
making arrangements so that personnel providing the services do not participate in
the assurance engagement;
obtaining the assurance client’s acknowledgement of responsibility for the results
of the work performed by the firm;
policies within the assurance client regarding the oversight responsibility for
provision of non-assurance services by the firm (e.g. audit committee approval only
if satisfied auditor’s independence will not be impaired);
involving an additional professional accountant outside of the firm to provide
assurance on a discrete aspect of the engagement;
discussing independence issues related to the provision of the services with those
charged with governance, such as the audit committee;

disclosing to those charged with governance, such as the audit committee, the
nature and extent of fees charged.
Where safeguards cannot eliminate, or reduce to an acceptable level, the threat to
independence, the non-assurance engagement should be declined.
Under the ACCA Code, the following activities would generally create self-interest or
self-review threats that are so significant that only avoidance of the activity or refusal to
perform the assurance engagement would reduce the threats to an acceptable level:
authorising, executing or completing a transaction, or otherwise exercising
authority on behalf of the client, or having the authority to do so;
determining which recommendation of the firm should be implemented (i.e.
making management decisions); and
reporting, in a management role, to those charged with governance.
Specific examples of other services are detailed below.

2.8.1

Preparing accounting records and financial statements

It is common for firms to provide a range of accountancy services including preparation
of accounting records and financial statements. However, this may create a self-review
threat when the records and financial statements are audited by the same firm.

0414


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
There is a danger that in preparing accounting records and financial statements,
management decisions will be made, eg:
determining or changing journal entries, or the classifications for accounts or
transaction or other accounting records;

authorising or approving transactions; and
preparing source documents or making changes to such documents.
The ACCA specifically bars members from preparing accounting records and financial
statements (except to assist in emergency situations) for listed or public interest clients
where they will also conduct the audit. To do so may impair (or appear to impair) the
independence of the auditor.
In all other situations accounting, bookkeeping and financial statement preparation
services may be provided, provided safeguards are in place, eg:
Accounts preparation members are not part of the assurance engagement team;
No managerial decisions made by the preparation team;
No authorising or approving transactions by the preparation team;
Source data must be originated or changed only by the client;
Underlying assumptions originated and approved by the client;
Client acceptance of the responsibility for records as its own;
Client approval for any proposed journals, analysis or other changes impacting on
the financial statements.

2.8.2

Internal audit

Internal audit provide a broad range of services to their organisations (see Session 33).
Many of these will not be related to the financial systems and may be undertaken
without threat to independence by the external auditors.
However, the provision of internal audit services to an audit client relating to the
internal controls (including business risk and financial controls) financial systems and
financial statements will create a self-review threat.
The firm must consider the threats and proceed with caution before taking on internal
audit services relating to internal control, financial systems and financial statements.
Safeguards include:

ensuring the audit client recognises its responsibility for internal audit activities
and acknowledges its responsibility for establishing, maintaining and monitoring
the system of internal controls (e.g. in the engagement letter);
the audit client designates a competent employee, preferably within senior
management, to be responsible for internal audit activities;
the audit client, the audit committee or supervisory body approves the scope, risk
and frequency of internal audit work;

0415


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
employees used by the audit firm and their internal reporting lines, should be
different to those for the audit assignment;
the audit client is responsible for evaluating and determining which
recommendations of the firm should be implemented;
the audit client evaluates the adequacy of the internal audit procedures performed
and the findings resulting from the performance of those procedures by, among
other things, obtaining and acting on reports from the firm; and
the findings and recommendations resulting from the internal audit activities are
reported appropriately to the audit committee or supervisory body.

2.8.3

Valuation services

A valuation comprises the making of assumptions with regard to future developments,
the application of certain methodologies and techniques, and the combination of both in
order to compute a certain value, or range of values, for an asset, a liability or for a
business as a whole.

A self-review threat may be created when a firm performs a valuation for an audit client
that is to be incorporated into the client’s financial statements to be audited by the firm.
Where the valuation is material to the financial statements and involves a significant
degree of subjectivity (e.g. a pension fund actuarial valuation or fair value based on cash
flows), the self-review threat created cannot be reduced to an acceptable level by the
application of any safeguard.
Such valuation services should not therefore be provided. Alternatively, the firm could
withdraw from the audit engagement.
Where the valuation is not material or does not involve subjectivity, the valuation may
be undertaken provided the self-review threat can be reduced to an acceptable level.
Appropriate safeguards would include:
involving an additional professional (who was not a member of the assurance
team) to review the work done or otherwise advise as necessary;
confirming with the audit client their understanding of the underlying assumptions
of the valuation and the methodology to be used and obtaining approval for their
use;
obtaining the audit client's acknowledgement of responsibility for the results of the
work performed by the firm; and
making arrangements so that personnel providing such services do not participate
in the audit engagement.

0416


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
In determining if the safeguards would be effective, the following matters should also
be considered:
the extent of the client's knowledge, experience and ability to evaluate the issues
concerned, and the extent of their involvement in determining and approving
significant matters of judgement;

the degree to which established methodologies and professional guidelines are
applied when performing a particular valuation service;
for valuations involving standard or established methodologies, the degree of
subjectivity inherent in the item concerned;
the reliability and extent of the underlying data;
the degree of dependence on future events of a nature which could create
significant volatility inherent in the amounts involved; and
the extent and clarity of the disclosures in the financial statements.

2.8.4

IT systems services

The provision of services to an audit client that involve the design and implementation
of financial information technology systems that are used to generate information
forming part of that client’s financial statements, may create a self-review threat.
Appropriate safeguards include:
acknowledgement by the audit client of its responsibility for establishing and
monitoring a system of internal controls;
the audit client designates a competent employee, preferably within senior
management, with the responsibility to make all management decisions with
respect to the design and implementation of the hardware or software system;
the audit client makes all management decisions with respect to the design and
implementation process;
the audit client evaluates the adequacy and results of the design and
implementation of the system;
the audit client is responsible for the operation of the system (hardware or
software) and the data used or generated by the system; and
employees used by the audit firm and their internal reporting lines, are different to
those for the audit assignment.

Note that the provision of services in connection with the assessment, design and
implementation of internal accounting controls and risk management controls is not
considered to create a threat to independence provided that the assignment team do not
perform managerial functions. However, consideration should be given to ensuring
that such team members are not part of the audit team.

0417


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT

2.8.5

Provision of temporary staff to a client

The lending of staff by a firm to an audit client may create a self-review threat when the
individuals are in a position to influence the preparation of a client’s accounts or
financial statements.
In practice, such assistance may be given (particularly in emergency situations) but only
on the understanding that the personnel will not be involved in:
making management decisions;
approving or signing agreements or other similar documents; or
exercising discretionary authority to commit the client
In addition such staff will not be involved in the audit of those areas and activities
undertaken whilst on the temporary assignment to the client.
It is important that the audit client acknowledges its responsibility for directing and
supervising the firm’s staff whilst on temporary assignment.

2.8.6


Recruitment of senior management

The recruitment of senior management for an assurance client, such as those in a
position to affect the subject matter information of the assurance engagement, may
create current or future self-interest, familiarity and intimidation threats.
Care must be taken to ensure that no managerial decisions are taken by the firm during
the recruitment process. For example, services provided could cover reviewing the
professional qualifications of a number of applicants and providing advice on their
suitability for the post.
In addition, the firm could generally produce a short-list of candidates for interview,
provided it has been drawn up using criteria specified by the assurance client. In no
circumstances should the firm rank or identify the most suitable candidate.

2.9

Long association of senior personnel with assurance clients
Creates a familiarity risk where senior members of the assurance team are assigned to
one particular assignment for a significant period of time.
The significance of the threat should be evaluated and safeguards applied, e.g.
rotating the senior personnel off the team;
involving an experienced member independent of the assignment to review the
work of the senior team members; or
subject the assignment to internal quality control reviews.

0418


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
For a listed entity or a significant public interest entity , the risk is significant and
specific rotation procedures must be applied:

Five year maximum rotation of engagement partner (who cannot return to the
engagement within five years).
Seven year maximum rotation of other “key audit partners” (who cannot return
within two years or as the engagement partner, within five years). Also applies to
the individual responsible for the engagement quality control review.
When an audit client becomes listed, it may be possible that the engagement
partner/key audit partner will have already exceeded their rotation period or will
have less than two years to run. In both circumstances, they are allowed to remain
with the client for a maximum of two more years and must then be rotated.

2.10

Recent employment with an assurance client

May create a self-interest, self-review and/or familiarity risk. Especially high risk
where the member of the assurance team has to, for example, report on subject matter
that they were responsible for whilst with the assurance client.
Any partner, manager or employee cannot be part of the assurance team during the
period for which a report is to be made, or at any time in the prior two years (i.e. three
years in total), if they were an officer or employee of the client, or they were seconded to
the client from the practice, and had direct and significant influence over the subject
matter of the assurance assignment.
For similar situations prior to the two year period, where the subject matter is currently
being reported on, the significance of any threat must be assessed and appropriate
safeguards applied, e.g. specific independent review of the work carried out by the
team member.
In addition, in some jurisdictions, legislation may prohibit an officer/employee of a
company from accepting appointment as auditor of that company (e.g. UK Companies
Act 2006).


2.11

Future employment with an assurance client

May create self-interest, familiarity and/or intimidation threats, especially where
significant connections remain between the individual and their former firm.
Because of the significance of the threats, a key audit partner of an audit client cannot
accept a key management position with that client until at least two years have elapsed
from the conclusion of the audit.
For other partners and staff of any assurance client (whether or not an audit is
conducted), the threat must be assessed taking into account:
the position the individual has taken at the assurance client;
the amount of any involvement the individual will have with the assurance team
and/or the subject matter;

0419


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
the length of time that has passed since the individual was a member of the
assurance team or firm; and
the former position of the individual within the assurance team or firm.
If the threat is more than insignificant, appropriate safeguards should be applied, eg:
modifying the assurance plan;
assigning a sufficiently experienced team;
quality control review.
In all cases:
the individual concerned is not entitled to any benefits or payments from the firm
(after they have left) unless these are made in accordance with fixed predetermined arrangements (e.g. partnership agreement);
any amount that is owed to the individual should not be of such significance to

threaten the firm’s independence (e.g. akin to a loan); and
the individual does not continue to participate or appear to participate in the firm’s
business or professional activities.
Similar threats will also apply when an employee of the firm participates in an
assurance engagement knowing that they will, or may be employed by the client (e.g.
having interviews).

2.12

Close business relationships

A close business relationship between a firm or a member of the assurance team and the
assurance client or its management, will involve a commercial or common financial
interest and may create self-interest and intimidation threats. Examples include:
joint ventures with the client, directors, officers or employees who perform
managerial functions;
marketing arrangements between the firm and a client for a joint product or the
other’s products and services.
In such circumstances, no safeguards would be able to reduce the risk to an acceptable
level, therefore:
terminate such business relationships already established;
refuse to enter into any such business relationships offered; or
refuse to perform assurance assignments for the client.

2.13

Actual or threatened litigation

When litigation takes place, or appears likely, between the firm or a member of the
assurance team and the assurance client, a self-interest or intimidation threat may be

created.
Examples include the issue of a writ against the firm for negligence, allegations of
fraud/deceit by officers of the company.

0420


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
The firm and client may be placed in adversarial positions, therefore
the auditor may be unable to report impartially: and/or
the client may be unwilling to disclose relevant information.
The significance of the threat will depend on:
the materiality of the litigation;
the nature of the assurance engagement; and
whether the litigation relates to a prior assurance engagement.
Safeguards that may be applied include:
disclosing to the audit committee, or others charged with governance, the extent
and nature of the litigation;
if the litigation involves a member of the assurance team, removing that individual
from the assurance team; and
independent review of the work that was carried out and is subject to the litigation.

2.14

Serving on the board of an assurance client

Serving on the board of an assurance client creates significant self-review and selfinterest threats.
The firm and client may be placed in adversarial positions, therefore
the auditor may be unable to report impartially: and/or
the client may be unwilling to disclose relevant information.

Partners and employees of a firm cannot serve on the board of any of their firm’s
assurance clients.

Example 1
Required:
Comment and conclude on the following four situations.

(1)

Petr, a recently qualified member of ACCA, has decided to go into practice alone.
He already has a small private portfolio of $150,000 gross fee income but has now
been approached by his cousin to take over the audit of her company, the last audit
fee for which was $120,000. This will be by far his largest audit within his portfolio
of clients.

0421


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
Comment –

Conclusion –

(2)

Paine & Co has been requested by a long standing client to do a special investigation
into a foreign group of companies. The target group is based in Turkey where the
firm has no representation. The client is very keen to use the firm and are prepared
to pay not only for the cost of the investigation but also the additional costs of the
firm having to use temporary staff to service other existing clients. The firm’s gross

practice income is normally $7,500,000, the audit fee for this client is normally
$800,000. The extra service is expected to cost the client $1,600,000

Comment –

Conclusions –

(3)

0422

Ambit plc is preparing to apply for admission to a recognised stock market, at the
same time offering a proportion of its shares to the public. The directors have asked
Schilling & Co, as its auditors, to set up and maintain the company’s share register
on a computer database.


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT
Comment –

Conclusion –

(4)

Sean & Co are the auditors of Starck a.s. During the current year, Starck has
expanded rapidly, taken over three other companies and is currently preparing to
float a proportion of its shares on a recognised stock exchange. As a result of several
special assignments connected with these events, total fees from Starck amount to
19% of the total fee income of Sean & Co for the year.
In addition, Sean & Co’s senior tax manager owns a small number of shares in

Starck, acquired several years ago when the company issued shares under a
business expansion scheme
Comment –

Conclusion –

0423


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT

2.15

Second opinions

Occurs when an entity approaches an accounting firm who is not its auditor, for an
opinion on the application of accounting, auditing, reporting or other standards or
principles. Sometimes referred to as “opinion shopping” by the client.
Providing a second opinion to a company or an entity that is not an existing client, may
give rise to threats to compliance with the fundamental principles, unless the advice
sort is clearly insignificant.
For example, there may be a threat to professional competence and due care in
circumstances where the second opinion is not based on the same set of facts that were
made available to the existing accountant, or is based on inadequate evidence.

2.15.1

Risks

The firm may express an opinion which is not based on the facts as known to the

auditor.
The second opinion may create undue pressure on the judgement and objectivity of the
appointed auditor, thus threatening their independence.

2.15.2

Safeguards

The person or firm asked for a second opinion must:
seek the client’s permission to contact the current accountant and/or auditor;
obtain all relevant information by contacting the accountant/auditor and asking for
any relevant facts; and
should be prepared to provide the accountant/auditor with their opinion, given the
client’s permission.
If communication with the current accountant/auditor is refused, a second opinion
should not be given.
Where a hypothetical position is put, the person/firm asked to comment on this
position should ensure that the nature of their opinion is made clear and that it is based
on the hypothetical position put to them. Professional scepticism should be applied as
to the nature of the hypothetical position.

3

CONFIDENTIALITY
Two aspects

3.1 Improper disclosure

0424


3.2 Improper use


SESSION 04 – PROFESSIONAL CODES OF ETHICS AND CONDUCT

3.1

Improper disclosure

3.1.1

General principle

Information acquired in the course of professional work should not be disclosed to third
parties (including other clients and for use within other assignments) without first
obtaining the client’s permission. For example, information obtained from one
assignment cannot be used within another, without obtaining the permission of the first
client, e.g. the knowledge that one client has going concern problems cannot be used to
assess debt collection by another client, unless such knowledge is within the public
domain.
Exceptions
there is a statutory right or duty to disclose without first obtaining the client’s
permission;
there is a requirement made by law, e.g. under obligation of a court order;
to comply with quality control reviews of regulatory bodies, e.g. ACCA (usually
included within the letter of engagement); or
to respond to an inquiry or investigation by ACCA or other regulatory body (again,
included within a letter of engagement).

3.1.2


General position

Confidentiality is an implied term of a contract between an auditor and client. It is in
the public interest that this professional duty of confidence exists.
Auditors are normally under NO legal obligation to disclose defaults or unlawful acts
(or suspicions thereof) to anyone other than the client’s management, unless specifically
required to do so by law.
Where there is a right (as opposed to a duty), disclosure should only be made in pursuit
of a public duty or professional obligation.

3.1.3

Obligatory disclosure

UK examples include actual or suspected offences of:
money laundering;
proceeds of crime;
terrorism;
treason;
drug trafficking.
Members are strongly recommended to take legal advice before any action or inaction,
as in some cases it is a criminal offence to notify (“tip off”) the client of any suspicion or
knowledge of the offence.

0425