Government responds on restoring trust in audit and corporate governance

Last week, the government finally published its response to the BEIS White Paper. Reforms are proposed in relation to public interest entities, directors' accountability, corporate reporting requirements, auditors and the audit market, and the establishment of the new regulator, the Audit, Reporting and Governance Authority (ARGA).

Key reforms include:

widening the definition of public interest entities (PIEs),
increased directors' accountability - for internal controls, dividends and capital maintenance,
new corporate reporting requirements - resilience statement, audit and assurance policy (AAP), and tackling fraud,
supervision of corporate reporting,
company directors - FRC/ARGA enforcement powers and clawback and malus in executive directors' remuneration, and
audit purpose and scope, audit committee oversight and engagement with shareholders, the audit market, supervision of audit quality and the establishment and responsibilities of ARGA.

Wider definition of PIEs

The definition of "public interest entity" (PIE) will be widened to include large businesses of public importance, regardless of whether they are admitted to trading on a regulated market. The definition of PIE is to be expanded to include large entities with both:

750 or more global employees; and
an annual turnover of at least £750 million.

Entities that meet these thresholds are referred to below as ‘750/750 PIEs’, and can include:

companies traded on Multilateral Trading Facilities (including AIM companies),
LLPs and
third sector entities.

Entities excluded from the definition include Lloyds syndicates and local authorities that are not already included as PIEs.

750/750 PIEs will not become subject to all of the audit requirements of existing PIEs, but certain new corporate reporting requirements will apply only to PIEs that meet the 750/750 PIE thresholds mentioned above.

Reporting requirements of PIEs: In the interests of proportionality and to minimise additional burdens, the government intends to introduce a tiered approach to reporting, so that the new corporate reporting requirements on the resilience statement, audit and assurance policy, directors’ statement on fraud measures and the new disclosures about dividends and distributable reserves will apply only to PIEs that meet the 750/750 PIE thresholds mentioned above.

Audit requirements of PIEs: In the interests of proportionality and to minimise additional burdens, the government does not intend to apply the requirements for an audit committee, re-tender of the audit every ten years and to rotate auditor every 20 years to entities that become PIEs because of the new 750:750 size-based threshold.

Directors and corporate reporting

Clawback and malus provisions in executive directors' remuneration arrangements: The government will ask the FRC/ARGA to consult on how the existing malus and clawback provisions in the Code can be developed to be more transparent and rigorous, and yet flexible to meet individual business needs.

Duty to report on anti-fraud measures: There will be a new requirement for directors of 750/750 PIEs to report on the steps that they have taken to prevent and detect material fraud.

Annual resilience statement: A resilience statement is to be included in the strategic report of public and private companies which are 750/750 PIEs, to report on matters that they consider a material challenge to resilience over the short and medium term, together with an explanation of how they have arrived at this judgement of materiality. Companies are to choose and explain the length of the assessment period for the medium-term section and to include a description of how resilience planning over the chosen period aligns with the company’s strategy and business investment cycle. The existing viability statement and going concern provisions in the Code (Provisions 31 and 30) will be incorporated and adapted within the statutory requirements for the resilience statement and the existing strategic report requirement on companies to describe the principal risks and uncertainties facing them should be incorporated within the resilience statement. The regulator is to provide supporting guidance on the resilience statement.

Audit and assurance policy (AAP): There will be a statutory requirement for 750/750 PIEs to publish an AAP every three years that describes the company’s approach to seeking assurance of its reported information. They will also be required to publish an annual implementation report to provide a summary update of how the assurance activity outlined in the AAP is working in practice. ARGA is to develop guidance on the AAP.

Directors’ duty on internal controls and risk management: The government has invited the FRC/ARGA to include in the UK Corporate Governance Code (the Code) an explicit directors’ statement about the effectiveness of the company’s internal controls and the basis for that assessment. This is expected to be underpinned by guidance on how boards should approach the preparation of the statement, to be developed following a review of the FRC’s existing Guidance on Risk Management, Internal Control and Related Financial and Business Reporting. This guidance would cover identification of acceptable standards, benchmarks or principles and address definitional issues and when external assurance might be considered appropriate.

ARGA's investigation and enforcement powers against director wrongdoing: ARGA will be given powers to investigate and take civil action for breaches of corporate reporting and audit-related responsibilities by PIE directors.

Audit committee oversight and engagement with shareholders

ARGA will be given power to set minimum enforceable standards for audit committees in relation to appointment and oversight of auditors. As part of the standards, ARGA will include appropriate provisions to encourage shareholder engagement with an audit.

ARGA's objectives and functions

Among other things, ARGA is to be given powers to:

Publish summary findings from a Corporate Reporting Review (CRR).
Require an expert review to support its CRR work.
Scrutinise the entire contents of a company’s annual report and accounts (including voluntary elements) and to order amendments directly to a company’s report and accounts without a court order.
Investigate and bring civil action for breaches of corporate reporting and audit-related responsibilities by PIE directors.
Set and monitor compliance with additional requirements on the audit committee’s role in FTSE 350 companies in the appointment and oversight of auditors.