Professional Documents
Culture Documents
The syllabus and study guide for P7 (INT) and P7 (UK), Advanced Audit and Assurance includes section
G1 (a) on professional and ethical developments which requires candidates to ‘discuss emerging
ethical issues and evaluate the potential impact on the profession, firms and auditors’ and G1 (b)
‘Discuss the content and impact of exposure drafts, consultations and other pronouncements issued
by IFAC and its supporting bodies.’ This article is intended to provide insight into recent developments
to the International Ethics Standards Board’s Code of Ethics for Professional Accountants (IESBA) in
relation to the auditor’s response to non-compliance with laws and regulations. The article is also
relevant to all other P7 exams.
Introduction
The International Ethics Standards Board (IESBA) issued their final pronouncement on Responding to
Non-Compliance with Laws and Regulations (NOCLAR) in July 2016. The pronouncement is an
examinable document from the exam year starting September 2017. In practice, the pronouncement is
effective from July 2017 with earlier adoption permitted. The new standard adds sections 225 and 360
to the IESBA’s Code of Ethics for Professional Accountants (the Code). The purpose of the new sections
is to address the responsibilities of Professional Accountants in Public Practice (including auditors) and
Professional Accountants in Business when they become aware of NOCLAR. The standard also contains
consequential and conforming amendments to a number of existing sections of the Code.
What is NOCLAR?
NOCLAR is defined by the new standard as comprising acts of omission or commission, intentional or
unintentional, committed by a client, or by those charged with governance, by management or by other
individuals working for or under the direction of a client which are contrary to the prevailing laws and
regulations.
The non-compliance which the standard addresses is concerned with laws and regulations which are
generally recognised to have a direct effect on the determination of material amounts and disclosures in
the client’s financial statements. It also addresses other laws and regulations which may be fundamental
to the operating aspects of the client’s business, to its ability to continue its business or to avoid
material penalties. It is worth noting that the standard does not include within its scope any matters
that are clearly inconsequential or any personal misconduct which is unrelated to the business activities
of the client or employer.
The NOCLAR project originated from an attempt to address concerns from the regulatory community
and other stakeholders that the Professional Accountant’s (PA’s) duty of confidentiality under the Code
was acting as a barrier to the disclosure of possible NOCLAR to appropriate public authorities. While
emphasising the binding nature of the duty of confidentiality, the existing Code identified general
circumstances where disclosure may be appropriate including when a PA considers it to be in the public
interest. The existing Code acknowledged that this is a difficult area to decide on and that as a result, it
will often be appropriate to take legal advice.
The new standard aims to raise the ethical bar for the global accountancy profession and to increase the
emphasis on PAs’ duties and responsibilities in this area. It importantly represents the first time that
accountants have been permitted to set aside the duty of confidentiality, which is a fundamental
principle in the Code, in order to disclose NOCLAR to appropriate public authorities in the circumstances
prescribed. The new standard is intended to sit alongside and supplement the existing guidance on this
area contained within the International Standards on Auditing (ISAs). It is noteworthy in this regard that
in October 2016, the International Auditing and Assurance Standards Board (IAASB) amended the ISAs in
order to enhance auditor focus on non-compliance with laws and regulations and to enable the ISAs to
be applied effectively alongside the IESBA Code by clarifying and emphasising key aspects of the IESBA
Code in the IAASB’s Standards. The most significant revisions have been to ISA 250 Consideration of
Laws and Regulations in an Audit of Financial Statements which now directly references the Code and
the additional responsibilities under law, regulation or relevant ethical requirements regarding an
entity’s non-compliance with laws and regulations. It acknowledges that these may differ from or go
beyond the ISA itself.
Concerns were also expressed that auditors were simply resigning from client relationships as a result of
suspected or identified NOCLAR without the matter being appropriately addressed. Moreover, it was
felt that there was a lack of guidance in the Code about the thought process and the relevant factors to
consider in determining how best to respond to potential NOCLAR in the public interest. While the
existing Code implicitly required PAs not to turn a blind eye to potential NOCLAR, there were no clear
and explicit requirements on how to respond. There was a risk that the duty of confidentiality would put
PAs in a conflict situation and confuse their response. NOCLAR enables PAs to override their duty of
confidentiality where there is a strong public interest in the matter.
The NOCLAR guidance therefore aims to ensure that PAs respond to identified or suspected NOCLAR on
a timely basis in order to rectify, remediate or mitigate its potentially adverse impact on stakeholders
and the general public. The increased emphasis on PAs’ duties and responsibilities in this area should
also serve to stimulate increased reporting of NOCLAR and even to act as a deterrent to non-compliance
by audited entities.
A differential approach
The NOCLAR guidance prescribes a differentiated approach for auditors, other PAs in public practice as
well as for senior level and other PAs in business. While the basic ethical principles are the same for all
PAs, the implementation of these principles differs according to their roles, levels of seniority, spheres of
influence and the different levels of public expectations. In the context of the P7 exam, however, we will
concentrate on the prescribed approach to NOCLAR for the auditing profession.
Responsibilities of auditors
The NOCLAR guidance provides a clear framework for auditors to follow when addressing an instance of
non-compliance or suspected non-compliance.
In order to clarify whether an instance of non-compliance has occurred, the auditor should consider
consulting with other members of the firm on a confidential basis, with a network firm or relevant
professional body. The auditor should also consider taking legal advice. If the auditor suspects non-
compliance has occurred, they should discuss the matter with the appropriate level of management
and, where appropriate, those charged with governance in order to clarify understanding of the facts
and circumstances surrounding the matter together with its potential consequences. In assessing the
appropriate level of management, the auditor should consider any potential involvement or collusion in
the matter together with the ability of management to carry out investigations and take appropriate
action.
Documentation
The auditor is required to document the process of compliance with the NOCLAR guidance including the
response of management and those charged with governance, the courses of action considered, the
judgements made and the decisions taken.
The IESBA acknowledges that the accountancy and auditing profession will not resolve the NOCLAR issue
in isolation and that it requires the support and co-operation of other professions together with
governments, legislators and regulators. In particular it is hoped that governments will introduce and
strengthen legislation addressing NOCLAR and will provide protection for whistle blowers and to
auditors and other PAs who implement the standard. The ultimate success of the project is also
dependent on governmental authorities acting appropriately in response to the NOCLAR reports which
they will receive under the requirements of the standard.