Auditing Profession Act, 2005 (Act No. 26 of 2005)Board NoticesIndependent Regulatory Board for AuditorsNew Rules Regarding Improper Conduct and Code of Professional Conduct for Registered AuditorsCode of Professional Conduct for Registered AuditorsPart B : Registered Auditors in Public PracticeSection 210 : Professional Appointment |
Client Acceptance
210.1 | Before accepting a new client relationship, a registered auditor shall determine whether acceptance would create any threats to compliance with the fundamental principles. Potential threats to integrity or professional behaviour may be created from, for example, questionable issues associated with the client (its owners, management or activities). |
210.2 | Client issues that, if known, could threaten compliance with the fundamental principles include, for example, client involvement in illegal activities (such as money laundering), dishonesty or questionable financial reporting practices. |
210.3 | A registered auditor shall evaluate the significance of any threats and apply safeguards when necessary to eliminate them or reduce them to an acceptable level. |
Examples of such safeguards include:
• | Obtaining knowledge and understanding of the client, its owners, managers and those responsible for its governance and business activities; or |
• | Securing the client's commitment to improve corporate governance practices or internal controls. |
210.4 | Where it is not possible to reduce the threats to an acceptable level, the registered auditor shall decline to enter into the client relationship. |
210.5 | It is recommended that a registered auditor periodically review acceptance decisions for recurring client engagements. |
Engagement Acceptance
210.6 | The fundamental principle of professional competence and due care imposes an obligation on a registered auditor to provide only those services that the registered auditor is competent to perform. Before accepting a specific client engagement, a registered auditor shall determine whether acceptance would create any threats to compliance with the fundamental principles. For example, a self-interest threat to professional competence and due care is created if the engagement team does not possess, or cannot acquire, the competencies necessary to properly carry out the engagement. |
210.7 | A registered auditor shall evaluate the significance of threats and apply safeguards when necessary to eliminate them or reduce them to an acceptable level. |
Examples of such safeguards include:
• | Acquiring an appropriate understanding of the nature of the client's business, the complexity of its operations, the specific requirements of the engagement and the purpose, nature and scope of the work to be performed. |
• | Acquiring knowledge of relevant industries or subject matters. |
• | Possessing or obtaining experience with relevant regulatory or reporting requirements. |
• | Assigning sufficient staff with the necessary competencies. |
• | Using experts where necessary. |
• | Agreeing on a realistic time frame for the performance of the engagement. |
• | Complying with quality control policies and procedures designed to provide reasonable assurance that specific engagements are accepted only when they can be performed competently. |
210.8 | When a registered auditor intends to rely on the advice or work of an expert, the registered auditor shall determine whether such reliance is warranted. Factors to consider include: reputation, expertise, resources available and applicable professional and ethical standards. Such information may be gained from prior association with the expert or from consulting others. |
Changes in a Professional Appointment
210.9 | A registered auditor who is asked to replace another registered auditor, or who is considering tendering for an engagement currently held by another registered auditor, shall determine whether there are any reasons, professional or otherwise, for not accepting the engagement, such as circumstances that create threats to compliance with the fundamental principles that cannot be eliminated or reduced to an acceptable level by the application of safeguards. For example, there may be a threat to professional competence and due care if a registered auditor accepts the engagement before knowing all the pertinent facts. |
210.10 | A registered auditor shall evaluate the significance of any threats. Depending on the nature of the engagement, this may require direct communication with the existing auditor to establish the facts and circumstances regarding the proposed change so that the registered auditor can decide whether it would be appropriate to accept the engagement. For example, the apparent reasons for the change in appointment may not fully reflect the facts and may indicate disagreements with the existing auditor that may influence the decision to accept the appointment. |
210.11 | Safeguards shall be applied when necessary to eliminate any threats or reduce them to an acceptable level. Examples of such safeguards include: |
• | When replying to requests to submit tenders, stating in the tender that, before accepting the engagement, contact with the existing auditor will be requested so that inquiries may be made as to whether there are any professional or other reasons why the appointment should not be accepted; |
• | Asking the existing auditor to provide known information on any facts or circumstances that, in the existing auditor's opinion, the proposed auditor needs to be aware of before deciding whether to accept the engagement; or |
• | Obtaining necessary information from other sources. |
When the threats cannot be eliminated or reduced to an acceptable level through the application of safeguards, a registered auditor shall, unless there is satisfaction as to necessary facts by other means, decline the engagement.
210.12 | A registered auditor may be asked to undertake work that is complementary or additional to the work of the existing auditor. Such circumstances may create threats to professional competence and due care resulting from, for example, a lack of or incomplete information. The significance of any threats shall be evaluated and safeguards applied when necessary to eliminate the threat or reduce it to an acceptable level. An example of such a safeguard is notifying the existing auditor of the proposed work, which would give the existing auditor the opportunity to provide any relevant information needed for the proper conduct of the work. |
210.13 | An existing auditor is bound by confidentiality. Whether that registered auditor is permitted or required to discuss the affairs of a client with a proposed auditor will depend on the nature of the engagement and on: |
(a) | Whether the client's permission to do so has been obtained; or |
(b) | The legal or ethical requirements relating to such communications and disclosure. |
The proposed auditor shall treat in the strictest confidence any information provided by the existing auditor. Circumstances where the registered auditor is or may be required to disclose confidential information or where such disclosure may otherwise be appropriate are set out in Section 140 of Part A of the Code.
210.14 | A registered auditor will generally need to obtain the client's permission, preferably in writing, to initiate discussion with an existing auditor. Once that permission is obtained, the existing auditor shall comply with relevant legal and other regulations governing such requests. Where the existing auditor provides information, it shall be provided honestly and unambiguously. If the proposed auditor is unable to communicate with the existing auditor, the proposed auditor shall take reasonable steps to obtain information about any possible threats by other means, such as through inquiries of third parties or background investigations of senior management or those charged with governance of the client. |
210.15 | Where the proposed client refuses to give permission for the proposed auditor to communicate with the existing auditor, or fails to do so, the proposed auditor shall decline the appointment, unless there are exceptional circumstances of which the proposed auditor has full knowledge, and the proposed auditor is satisfied regarding all relevant facts, by some other means. |