Statutory auditors and audit firms are entrusted by law to conduct statutory audits of public-interest entities with a view to enhancing the degree of confidence of the public in the annual and consolidated financial statements of such entities. The public-interest function of statutory audit means that a broad community of people and institutions rely on the quality of a statutory auditor's or an audit firm's work. Good audit quality contributes to the orderly functioning of markets by enhancing the integrity and efficiency of financial statements. Thus, statutory auditors fulfil a particularly important societal role.
(2)
Union legislation requires that the financial statements, comprising annual financial statements or consolidated financial statements, of credit institutions, insurance undertakings, issuers of securities admitted to trading on a regulated market, payment institutions, undertakings for collective investment in transferable securities (UCITS), electronic money institutions and alternative investment funds be audited by one or more persons entitled to carry out such audits in accordance with Union law, namely: Article 1(1) of Council Directive 86/635/EEC (3), Article 1(1) of Council Directive 91/674/EEC (4), Article 4(4) of Directive 2004/109/EC of the European Parliament and of the Council (5), Article 15(2) of Directive 2007/64/EC of the European Parliament and of the Council (6), Article 73 of Directive 2009/65/EC of the European Parliament and of the Council (7), Article 3(1) of Directive 2009/110/EC of the European Parliament and of the Council (8), and Article 22(3) of Directive 2011/61/EU of the European Parliament and of the Council (9). Moreover, point (1) of Article 4(1) of Directive 2004/39/EC of the European Parliament and of the Council (10) also requires that the annual financial statements of investment firms be audited when Directive 2013/34/EU of the European Parliament and of the Council (11) is not applicable.
(3)
The conditions for the approval of the persons responsible for carrying out the statutory audit as well as the minimum requirements for carrying out such statutory audit are laid down in Directive 2006/43/EC of the European Parliament and of the Council (12).
(4)
On 13 October 2010 the Commission published a Green Paper entitled ‘Audit Policy: Lessons from the Crisis’, which launched a wide public consultation, in the general context of financial market regulatory reform, on the role and scope of audit and how the audit function could be enhanced in order to contribute to increased financial stability. That public consultation showed that the rules of Directive 2006/43/EC regarding the carrying out of the statutory audit of annual and consolidated financial statements of public-interest entities could be improved. The European Parliament issued an own-initiative report on the Green Paper on 13 September 2011. The European Economic and Social Committee also adopted a report on that Green Paper on 16 June 2011.
(5)
It is important to lay down detailed rules with a view to ensuring that the statutory audits of public-interest entities are of adequate quality and are carried out by statutory auditors and audit firms subject to stringent requirements. A common regulatory approach should enhance the integrity, independence, objectivity, responsibility, transparency and reliability of statutory auditors and audit firms carrying out statutory audits of public-interest entities, contributing to the quality of statutory audits in the Union, thus to the smooth functioning of the internal market, while achieving a high level of consumer and investor protection. The development of a separate act for public-interest entities should also ensure consistent harmonisation and uniform application of the rules and thus contribute to a more effective functioning of the internal market. These strict requirements should be applicable to statutory auditors and audit firms only insofar as they carry out statutory audits of public-interest entities.
(6)
The statutory audit of cooperatives and savings banks is characterised in some Member States by a system that does not allow them to choose their statutory auditor or audit firm freely. The audit association to which the cooperative or savings bank belongs as a member is obliged by law to carry out the statutory audit. Such audit associations act on a non-profit-making basis without pursuing commercial interests, as results from their legal nature. In addition, the organisational units of these associations are not associated with a common economic interest, which could jeopardise their independence. Accordingly, Member States should have the possibility to exempt cooperatives within the meaning of point (14) of Article 2 of Directive 2006/43/EC, savings banks or similar entities as referred to in Article 45 of Directive 86/635/EEC or their subsidiaries or legal successors from this Regulation provided that the principles of independence laid down in Directive 2006/43/EC are complied with.
(7)
The level of fees received from one audited entity and the structure of fees can threaten the independence of a statutory auditor or an audit firm. Thus, it is important to ensure that audit fees are not based on any form of contingency and that, when the audit fees from a single client including its subsidiaries are significant, a specific procedure involving the audit committee is established to secure the quality of the audit. If the statutory auditor or the audit firm becomes excessively dependent on a single client, the audit committee should decide on the basis of proper grounds whether the statutory auditor or the audit firm may continue to carry out the statutory audit. When taking such decision, the audit committee should take into consideration, inter alia, the threats to independence and the consequences of such decision.
(8)
The provision of certain services other than statutory audit (non-audit services) to audited entities by statutory auditors, audit firms or members of their networks may compromise their independence. Therefore, it is appropriate to prohibit the provision of certain non-audit services such as specific tax, consultancy and advisory services to the audited entity, to its parent undertaking and to its controlled undertakings within the Union. The services that involve playing any part in the management or decision-making of the audited entity might include working capital management, providing financial information, business process optimisation, cash management, transfer pricing, creating supply chain efficiency and the like. Services linked to the financing, capital structure and allocation, and investment strategy of the audited entity should be prohibited except the provision of services such as due diligence services, issuing comfort letters in connection with prospectuses issued by the audited entity and other assurance services.
(9)
It should be possible for Member States to decide to allow the statutory auditors and the audit firms to provide certain tax and valuation services when such services are immaterial or have no direct effect, separately or in the aggregate, on the audited financial statements. Where such services involve aggressive tax planning, they should not be considered as immaterial. Accordingly, a statutory auditor or an audit firm should not provide such services to the audited entity. A statutory auditor or an audit firm should be able to provide non-audit services which are not prohibited under this Regulation, if the provision of those services has been approved in advance by the audit committee and if the statutory auditor or the audit firm has satisfied itself that provision of those services does not pose a threat to the independence of the statutory auditor or the audit firm that cannot be reduced to an acceptable level by the application of safeguards.
(10)
With a view to avoiding conflicts of interest it is important that the statutory auditor or the audit firm, before accepting or continuing an engagement for a statutory audit of a public-interest entity, assess whether the independence requirements are met, and in particular whether any threats to independence arise as a result of the relationship with that entity. The statutory auditor or the audit firm should confirm its independence annually to the audit committee of the audited entity and should discuss with that committee any threat to its independence as well as the safeguards applied to mitigate those threats.
(11)
Directive 95/46/EC of the European Parliament and of the Council (13) should govern the processing of personal data carried out in the Member States in the context of this Regulation and such processing of personal data should be subject to the supervision of the Member States' competent authorities, in particular the public independent authorities designated by the Member States. Any exchange or transmission of information by competent authorities should comply with the rules on the transfer of personal data as laid down in Directive 95/46/EC.
(12)
A sound engagement quality control review of the work carried out in each statutory audit engagement should be conducive to high audit quality. Therefore, the statutory auditor or the audit firm should not issue his, her or its audit report until such an engagement quality control review has been completed.
(13)
The results of the statutory audit of a public-interest entity should be presented to the stakeholders in the audit report. In order to increase the confidence of stakeholders in the financial statements of the audited entity, it is particularly important that the audit report be well-founded and solidly substantiated. In addition to the information required to be provided under Article 28 of Directive 2006/43/EC, the audit report should in particular include sufficient information on the independence of the statutory auditor or the audit firm and on whether the statutory audit was considered capable of detecting irregularities, including fraud.
(14)
The value of statutory audit for the audited entity would be particularly enhanced if the communication between the statutory auditor or the audit firm, on the one hand, and the audit committee, on the other hand, were reinforced. Further to the regular dialogue during the carrying out of the statutory audit, it is important that the statutory auditor or the audit firm submit to the audit committee an additional and more detailed report on the results of the statutory audit. This additional report should be submitted to the audit committee no later than the audit report. Upon request, the statutory auditor or the audit firm should discuss key matters which have been mentioned in the additional report with the audit committee. In addition, it should be possible to make such additional detailed report available to competent authorities responsible for the oversight of statutory auditors and audit firms upon their request, and to third parties where national law so provides.
(15)
Statutory auditors or audit firms already provide competent authorities supervising public-interest entities with information on facts or decisions which could constitute a breach of the rules governing the activities of the audited entity or an impairment of the continuous functioning of the audited entity. However, supervisory tasks would be facilitated if supervisors of credit institutions and insurance undertakings and their statutory auditors and audit firms were required to establish an effective dialogue with each other.
(16)
Regulation (EU) No 1092/2010 of the European Parliament and of the Council (14) established the European Systemic Risk Board (ESRB). The role of the ESRB is to monitor the build-up of systemic risk in the Union. Given the information that statutory auditors and audit firms of systemically important financial institutions have access to, their experience could help the ESRB in its work. Therefore an annual forum for dialogue between statutory auditors and audit firms, on the one hand, and ESRB, on the other, on a sectoral, anonymised basis should be facilitated by this Regulation.
(17)
In order to increase the confidence in, and the liability of, the statutory auditors and the audit firms carrying out the statutory audit of public-interest entities, it is important that the transparency reporting by statutory auditors and audit firms be increased. Therefore, statutory auditors and audit firms should be required to disclose financial information, showing in particular their total turnover divided into audit fees paid by public-interest entities, audit fees paid by other entities and fees for other services. They should also disclose financial information at the level of the network to which they belong. Statutory auditors and audit firms should provide additional supplementary information on audit fees to competent authorities with a view to facilitating their supervisory tasks.
(18)
It is important that the role of the audit committee in the selection of a new statutory auditor or audit firm be reinforced, in the interest of a more informed decision of the general meeting of shareholders or members of the audited entity. Hence, when making a proposal to the general meeting, the administrative or supervisory body should explain whether it follows the preference of the audit committee and, if not, why. The recommendation of the audit committee should include at least two possible choices for the audit engagement and a duly justified preference for one of them, so that a real choice can be made. In order to provide a fair and proper justification in its recommendation, the audit committee should use the results of a mandatory selection procedure organised by the audited entity, under the responsibility of the audit committee. In such selection procedure, the audited entity should not restrict statutory auditors or audit firms with a low market share from presenting proposals for the audit engagement. Tender documents should contain transparent and non-discriminatory selection criteria to be used for the evaluation of proposals. Considering, however, that this selection procedure could entail disproportionate costs for undertakings with reduced market capitalisation or small and medium-sized public-interest entities having regard to their size, it is appropriate to relieve such undertakings and entities from the obligation of organising a procedure for the selection of a new statutory auditor or audit firm.
(19)
The right of the general meeting of shareholders or members of the audited entity to choose the statutory auditor or the audit firm would be of no value if the audited entity were to enter into a contract with a third party providing for a restriction of such choice. Therefore, any clause of a contract entered into by the audited entity with a third party regarding the appointment or restricting the choice to particular statutory auditors or audit firms should be considered null and void.
(20)
The appointment of more than one statutory auditor or audit firm by public-interest entities would reinforce the professional scepticism and help to increase audit quality. Also, this measure, combined with the presence of smaller audit firms in the audit market would facilitate the development of the capacity of such firms, thus broadening the choice of statutory auditors and audit firms for public-interest entities. Therefore, the latter should be encouraged and incentivised to appoint more than one statutory auditor or audit firm to carry out the statutory audit.
(21)
In order to address the familiarity threat and therefore reinforce the independence of statutory auditors and audit firms, it is important to establish a maximum duration of the audit engagement of a statutory auditor or an audit firm in a particular audited entity. In addition, as a means of strengthening the independence of the statutory auditor or the audit firm, reinforcing professional scepticism, and increasing audit quality, this Regulation provides for the following alternatives for an extension of the maximum duration: regular and open mandatory retendering or the appointment of more than one statutory auditor or audit firm by public-interest entities. Also, the involvement of smaller audit firms in these measures would facilitate the development of the capacity of such firms, thus broadening the choice of statutory auditors and audit firms for public-interest entities. An appropriate gradual rotation mechanism should also be established with regard to the key audit partners carrying out the statutory audit on behalf of the audit firm. It is also important to provide for an appropriate period within which such statutory auditor or audit firm may not carry out the statutory audit of the same entity. In order to ensure a smooth transition, the former statutory auditor should transfer a handover file with relevant information to the incoming statutory auditor.
(22)
In order to ensure a high level of investor and consumer confidence in the internal market by avoiding conflicts of interests, statutory auditors and audit firms should be subject to appropriate oversight by competent authorities which are independent from the audit profession and which have adequate capacity, expertise and resources. Member States should be able to delegate or allow their competent authorities to delegate any of the tasks of those competent authorities to other authorities or bodies except those related to the quality assurance system, investigations and disciplinary systems. However, Member States should be able to choose to delegate tasks related to disciplinary systems to other authorities and bodies provided that the majority of the persons involved in the governance of the authority or body concerned are independent from the audit profession. The national competent authorities should have the necessary powers to undertake their supervisory tasks, including the capacity to access data, obtain information and carry out inspections. They should specialise in the supervision of financial markets, in the compliance with financial reporting obligations or in statutory audit oversight. However, it should be possible for the supervision of the compliance with the obligations imposed on public-interest entities to be carried out by the competent authorities responsible for the supervision of those entities. The funding of the competent authorities should be free from any undue influence by statutory auditors or audit firms.
(23)
The quality of supervision should improve if there is effective cooperation between authorities charged with different tasks at national level. Therefore, the authorities competent to supervise compliance with the obligations regarding statutory audit of public-interest entities should cooperate with the authorities responsible for the tasks provided for in Directive 2006/43/EC, with those supervising public-interest entities and with the financial intelligence units referred to in Directive 2005/60/EC of the European Parliament and of the Council (15).
(24)
External quality assurance for the statutory audit is fundamental for high quality audit. It adds credibility to published financial information and provides better protection for shareholders, investors, creditors and other interested parties. Statutory auditors and audit firms should therefore be subject to a system of quality assurance under the responsibility of the competent authorities, thus ensuring objectivity and independence from the audit profession. Quality assurance reviews should be organised in such a manner that each statutory auditor or each audit firm carrying out audits of public-interest entities is subject to a quality assurance review on the basis of an analysis of the risks. In the case of statutory auditors and audit firms carrying out statutory audits of public-interest entities other than those defined in points (17) and (18) of Article 2 of Directive 2006/43/EC, that review should take place at least every three years and, in other cases, at least every six years. The Commission Recommendation of 6 May 2008 on external quality assurance for statutory auditors and audit firms auditing public-interest entities (16) provides information on how inspections should be undertaken. Quality assurance reviews should be appropriate and proportionate in view of the scale and complexity of the business of the reviewed statutory auditor or audit firm.
(25)
The market for the provision of statutory audit services to public-interest entities evolves over time. It is therefore necessary that competent authorities monitor the developments in the market, particularly as regards the risks that arise from high market concentration, including within specific sectors, and the performance of audit committees.
(26)
The transparency of the activities of competent authorities should help to increase the confidence of investors and consumers in the internal market. Therefore, competent authorities should be required to report regularly on their activities and to publish information in aggregated form on findings and conclusions of inspections, or in individual form where Member States so provide.
(27)
Cooperation between the competent authorities of the Member States can make an important contribution to ensuring consistently high quality of statutory audit in the Union. Therefore, the competent authorities of the Member States should cooperate with each other, where necessary, for the purpose of carrying out their supervisory duties regarding statutory audits. They should respect the principle of home-country regulation and oversight by the Member State in which the statutory auditor or the audit firm is approved and in which the audited entity has its registered office. The cooperation between competent authorities should be organised within the framework of a Committee of European Auditing Oversight Bodies (CEAOB), which should be composed of high-level representatives of the competent authorities. In order to enhance consistent application of this Regulation, the CEAOB should be able to adopt non-binding guidelines or opinions. In addition, it should facilitate the exchange of information, provide advice to the Commission and contribute to technical assessments and technical examinations.
For the purpose of carrying out the technical assessment of public oversight systems of third countries and to the international cooperation between Member States and third countries in this area, the CEAOB should establish a sub-group chaired by the member appointed by the European Supervisory Authority (European Securities and Markets Authority — ESMA) (17) and should request the assistance from ESMA, the European Supervisory Authority (European Banking Authority — EBA) (18) or the European Supervisory Authority (European Insurance and Occupational Pensions Authority — EIOPA) (19) insofar as its request is related to the international cooperation between Member States and third countries in the field of statutory audit of public-interest entities supervised by these European Supervisory Authorities. The Secretariat of the CEAOB should be provided by the Commission and, based on the work programme agreed by the CEAOB, should include related expenses in its estimates for the next year.
(28)
The scope of cooperation between the competent authorities of Member States should include cooperation with regard to quality assurance reviews and assistance with investigations related to the carrying-out of statutory audits of public-interest entities, including in cases where the conduct under investigation does not constitute an infringement of any legislative or regulatory provision in force in the Member States concerned. The detailed arrangements for cooperation between the competent authorities of the Member States should include the possibility of creating colleges of competent authorities and the delegation of tasks among themselves. The concept of a network in which statutory auditors and audit firms operate should be taken into account in such cooperation. Competent authorities should respect appropriate confidentiality and professional secrecy rules.
(29)
The interrelation of capital markets gives rise to the need to empower competent authorities to cooperate with supervisory authorities and bodies of third countries regarding the exchange of information or quality assurance reviews. However, where the cooperation with third country authorities is related to audit working papers or other documents held by statutory auditors or audit firms, the procedures laid down by Directive 2006/43/EC should apply.
(30)
Sustainable audit capacity and a competitive market for statutory audit services in which there is a sufficient choice of statutory auditors and audit firms capable of carrying out statutory audits of public-interest entities are required in order to ensure a smooth functioning of capital markets. The competent authorities and the European Competition Network (ECN) should report on the changes brought in the audit market structure introduced by this Regulation.
(31)
The alignment of the procedures for the adoption of delegated acts by the Commission to the Treaty on the Functioning of the European Union and, in particular, to Article 290 and 291 thereof, should be effected on a case-by-case basis. In order to take into account the developments in auditing and in the audit profession, the power to adopt acts in accordance with Article 290 of the Treaty on the Functioning of the European Union should be delegated to the Commission. In particular, delegated acts are necessary for the purpose of adopting international auditing standards in the area of audit practice, independence of and internal controls of statutory auditors and audit firms. The international auditing standards adopted should not amend any requirements of this Regulation or supplement any of those requirements, except for those precisely defined. It is of particular importance that the Commission carry out appropriate consultations during its preparatory work, including consultations at expert level.
The Commission, when preparing and drawing up delegated acts, should ensure a simultaneous, timely and appropriate transmission of relevant documents to the European Parliament and to the Council.
(32)
In order to ensure legal certainty and the smooth transition to the regime introduced by this Regulation, it is important to introduce a transitional period regarding the entry into force of the obligation to rotate statutory auditors and audit firms and the obligation to organise a selection procedure for the choice of statutory auditors and audit firms.
(33)
References to provisions of Directive 2006/43/EC should be understood as references to the national provisions transposing those provisions of Directive 2006/43/EC. The new European audit framework as established by this Regulation and Directive 2014/56/EU of the European Parliament and of the Council (20) replaces existing requirements laid down in Directive 2006/43/EC and should be interpreted without referring to any preceding instruments such as Commission recommendations adopted under the previous framework.
(34)
Since the objectives of this Regulation, namely clarifying and better defining the role of statutory audit regarding public-interest entities, improving the information that the statutory auditor or the audit firm provides to the audited entity, investors and other stakeholders, improving the communication channels between auditors and supervisors of public-interest entities, preventing any conflict of interest arising from the provision of non-audit services to public-interest entities, mitigating the risk of any potential conflict of interest due to the existing system whereby the auditee selects and pays the auditor or the familiarity threat, facilitating the switching of, and the choice of a statutory auditor or an audit firm to public-interest entities, broadening the choice of statutory auditors and audit firms for public-interest entities and improving the effectiveness, independence and consistency of the regulation and oversight of statutory auditors and audit firms providing statutory audits to public-interest entities including as regards cooperation at Union level, cannot be sufficiently achieved by the Member States but can rather, by reason of their scale, be better achieved at Union level, the Union may adopt measures, in accordance with the principle of subsidiarity as set out in Article 5 of the Treaty on European Union. In accordance with the principle of proportionality, as set out in that Article, this Regulation does not go beyond what is necessary in order to achieve those objectives.
(35)
This Regulation respects the fundamental rights and observes the principles recognised in particular by the Charter of Fundamental Rights of the European Union, notably the right to respect for private and family life, the right to the protection of personal data, and the freedom to conduct a business, and has to be applied in accordance with those rights and principles.
(36)
The European Data Protection Supervisor was consulted in accordance with Article 28(2) of Regulation (EC) No 45/2001 of the European Parliament and of the Council and delivered an opinion on 23 April 2012 (21).
(37)
A new legal framework of statutory audit of annual and consolidated financial statements should be established by this Regulation and Directive 2014/56/EU, therefore Commission Decision 2005/909/EC (22) should be repealed,
