5 key things about the revised IESBA Code of Ethics

You may become aware of a situation that could lead to unethical behavior or you might identify some practice that could create the perception that you or your company is acting unethically. As a professional accountant, you have responsibilities to evaluate and address these threats.

The conceptual framework of the Code is a three-step approach to dealing with any issue related to ethics and independence.

1. Identify threats² to the fundamental principles³ and also threats to independence.
2. Evaluate each threat.
3. Eliminate or reduce the threat to an acceptable level.

Professional accountants should remain alert for new information and exercise professional judgment when identifying threats. The following are examples of threats.

• Receiving a loan from an employer or the inappropriate personal use of corporate assets are threats involving an employee’s self-interest.
• An auditor promoting client shares for a listing on a stock exchange or representing an audit client in a court case are advocacy threats.

Evaluating threats requires significant judgment and we expect in a lot of cases that this evaluation is not done in isolation. Higher level management, boards, audit committees and legal counsel (internal or external) may need to be involved in evaluating threats. Other times, the threats might be simple enough that they can be evaluated by one individual. Either way, the Code is relying on the professional judgment and commitment that all professional accountants have made to perform this evaluation.

The most obvious way to reduce a threat to an acceptable level is to eliminate the circumstances that create the threat. For example, a problematic loan could be repaid. However, eliminating the threat may not always be possible. In this case, threats are addressed by applying effective safeguards – e.g. limiting and tracking the use of corporate assets. The Code highlights that there are some threats that cannot be reduced to an acceptable level by just applying a safeguard, and those threats must be eliminated.

Determining whether a threat has been reduced to an acceptable level requires applying the reasonable and informed third-party test, in that the professional accountant asks themselves: Would an informed and objective third party agree that the threat is at an acceptable level? If, after applying safeguards, the answer to that question is still ‘no’, the professional accountant needs to eliminate the threat; for example, by declining to enter into the arrangement or withdrawing from the service in question, or in the case of a professional accountant in business, resigning from the organization.

Professional accountants often engage in activities to build relationships with those whom they have business dealings, such as clients, employees and service providers. While those activities are generally for broadening relationships, they could also create the perception that they are meant to influence behavior, and professional accountants need to take great care they are not crossing an ethical boundary.

Inducements are objects given or actions performed to influence someone’s behavior. Examples of inducements include sending gifts, sports entertainment, vacation home usage, and even something as simple as lunches or dinners.

While all professional accountants need to be cognizant of what could be an inducement, not all inducements are improper under the IESBA Code.

The Code now includes a test that all professional accountants are required to apply. This test is used to determine if any inducement is provided with actual or perceived intent to improperly influence the recipient or someone else, such as a relative or close associate.

The test is qualitative and has no materiality limits. In all cases, however trivial, the professional accountant asks themselves: Would a reasonable and informed third party perceive the intent of the inducement to be improper? This involves assessing many factors, such as the value, frequency and timing of the inducement. As a result, judgment is involved in determining whether there has been an improper inducement.

The IESBA’s ‘Responding to Non-Compliance with Laws and Regulations (NOCLAR)’ addresses the responsibilities of all professional accountants when encountering identified or suspected instances of noncompliance with laws and regulations. The NOCLAR standard has been effective since 2017. However, it has been officially incorporated into the IESBA Code through the recent revisions.

Special emphasis is placed on the responsibilities of professional accountants in business who are in senior-level roles, such as an officer or director of a company. A professional accountant may become aware of identified (or even suspected) instances of noncompliance with laws and regulations that require further action.

Examples of areas covered by NOCLAR

• Fraud, corruption and bribery
• Money laundering, terrorist financing and proceeds of crime
• Securities markets and trading
• Banking and other financial products and services
• Data protection
• Tax and pension liabilities and payments
• Environmental protection
• Public health and safety

Even if an instance of noncompliance is immaterial to a company’s financial statements or internal control over financial reporting, a professional accountant may have further actions to perform if actual or potential significant harm might be caused to investors, creditors, employees or the general public due to the noncompliance.

In addition, while clearly inconsequential matters are excluded from the scope of the NOCLAR guidance, it may be difficult to come to that conclusion without the involvement of others in management, the board, the audit committee, forensic accountants or legal counsel (internal or external).

Make sure to know your next audit partner before your existing audit partner starts their cooling-off period. For public interest entities,⁴ the amount of time an audit partner can act as the lead audit partner on the audit of a company is seven years and is unchanged from the previous version of the IESBA Code.

However, what has changed is the extent to which management can interact with the previous audit partner during this cooling-off period, and also the amount of time that partners must remain disassociated from the audit client before they can assume another key role for the audit. Also, these time limits (and cooling-off periods) apply to an audit partner responsible for significant judgments and decisions on a significant subsidiary, even if that subsidiary is located in a jurisdiction where the IESBA Code is not mandated, such as the United States.

The following table shows the amount of time a partner must remain disassociated from an audit client and its management.

The interaction that management will have with the prior audit partner is limited because the partner is prohibited from:

• consulting with the engagement team or client on technical matters;
• providing any non-audit service;
• acting as a relationship partner;⁵
• assuming a role that could directly influence the outcome of the audit; and
• interacting frequently or significantly with management or members of the board.

Lead audit partners are allowed to provide assistance to the subsequent lead audit partner, but are limited to discussing work and conclusions from the last year of the partner’s time-on period.

The restructured and revised IESBA Code becomes effective June 2019, but certain provisions already are in effect. Most notably, the partner rotation and cooling-off requirements became effective December 15, 2018, and the requirements related to identified and suspected NOCLAR have been effective since 2017.

Looking forward

The IESBA is not done with the revisions to its Code of Ethics. Next on its agenda is a project to better define the role and mindset expected of professional accountants. The objective is to describe behavioral characteristics of professional accountants that will meet public expectations.

Other currently active projects that could result in future revisions to the IESBA Code cover:

• non-assurance services performed by auditors;
• professional fees, focused on impact to auditor independence and audit quality; and
• ethical implications of technological developments.

Stay alert as drafts of these potential amendments could be issued for public comment as early as September 2019.

¹ International Federation of Accountants

² The types of threats to be alert for include self-interest, self-review, advocacy, familiarity and intimidation.

³ In addition to independence, the fundamental principles for which professional accountants assess threats are objectivity, integrity, confidentiality, professional competence and due care and professional behavior.

⁴ A ‘public interest entity’ is a listed entity or an entity defined by (a) regulation or legislation as a public interest entity, or (b) for which the audit is required by regulation or legislation to be conducted in compliance with the same independence requirements that apply to the audit of listed entities.

⁵ A ‘relationship partner’ is the partner responsible to lead or coordinate their firm’s professional services to the audit client or oversee their firm’s relationship with the audit client.