In April 2014, European Union (EU) legislation was adopted to reform the European statutory audit market. In this context, a statutory audit is a legally required audit of an entity’s financial statements conducted by an external (statutory) auditor. The legislation, which comprises a regulation and a directive and which applies mainly to the approximately 30,000 public-interest entities (PIE) within the EU, will generally become effective in June 2016. PIEs comprise 1) all entities governed by the law of one of the 28 EU member states (and of Norway, Lichtenstein, and Iceland, all of which are members of the European Economic Area) that are listed on a regulated market, 2) all EU credit institutions, even those that are not listed, 3) all EU insurance companies, even if they are not listed, and 4) entities designated as such by a member state at its option. While the EU audit reform measures do not directly apply to U.S. companies or their U.S. auditors, they can have an impact on U.S. multinationals that have EU-based subsidiaries that qualify as PIEs.

Major Provisions

The following are the main provisions of the regulation and the directive taken together:

  • Increase the responsibilities of the audit committee in respect of oversight of the performance of the statutory audit
  • Introduce new auditor reporting requirements
  • Require mandatory audit firm rotation
  • Add restrictions on the types of nonaudit services that can be performed by statutory auditors for PIE clients
  • Place a “cap” on the amount of fees permitted for the performance of permitted nonaudit services.

The following are brief summaries of the EU audit reform provisions that could have the greatest impact on U.S. companies and their auditors.

Mandatory audit firm rotation.

PIEs must rotate audit firms every 10 years, although member states have the option to extend the mandatory rotation period to 20 years provided that a public “tender” is conducted at the conclusion of the 10-year period, or 24 years if a “joint audit” is performed (i.e., two audit firms sharing responsibility, though not necessarily equally, to produce a single joint auditor’s report). Member states will also have the option to set a shorter mandatory-rotation period; thus, for example, Italy will be allowed to retain its current nine-year rotation requirement. The mandatory firm rotation rules are subject to transition provisions based on the period of the existing statutory auditor/client relationship as of June 16, 2014. Note that the new firm rotation rules do not replace those requiring the key audit partner to rotate after a maximum of seven years.

Restrictions on nonaudit services.

In general, services that may not be performed by statutory auditors on their PIE clients include 1) tax and tax compliance (including tax form preparation) and the calculation of deferred taxes, 2) corporate finance and valuation services (due diligence services, including the issuance of comfort letters, are permitted), 3) bookkeeping and financial statement preparation, and 4) the design and implementation of internal control or risk management procedures or financial IT systems. Once again, individual member states have an option under which they may allow certain tax services if they do not have a direct (or have only an immaterial) effect on the audited financial statements; member states also have the option of adding to the list of prohibited nonaudit services. It is noteworthy that the prohibited services are more extensive than those currently in effect in some member states and are also considerably more restrictive than those prohibited by the SEC’s independence rules.

Cap on fees for permitted nonaudit services.

All nonaudit services that are not explicitly prohibited are permissible, subject to approval by the entity’s audit committee based upon an assessment of the potential threat to auditor independence that the services might pose. The fees for such services may not exceed 70% of the average of fees paid for the latest three consecutive years for the statutory audit. Note, though, that the cap applies only to the firm conducting the audit; thus it does not apply to fees generated from services provided by firms in the statutory audit firm’s network. However, the prohibition of certain nonaudit services does apply at the network level. Individual member states may set an upper bound on fees for allowable nonaudit services that is lower than 70%.

Patchwork Effect of the Reform Measures

EU audit reform legislation is complicated because it is based on both a directive and a regulation. A directive binds member states to the objectives sought to be achieved, while leaving national authorities with the choice of the form and means to implement them. A directive must be implemented in national legislation. Unlike a directive, a regulation is directly binding throughout the EU and is therefore directly applicable in all EU member states without the need for any national implementation legislation. Nevertheless, there are several options available in the audit regulation pursuant to which member states have choices.

Because of all the choices and options built into the regulation and the directive, a patchwork of requirements that differ among the various member states is almost certain to be the result. What those differences are will be clarified as interpretive guidance issued by the European Commission and by regulators in individual member states, expected later this spring. Moreover, the legislation contains ambiguous wording subject to differing interpretations among EU jurisdictions, thus adding a further layer of potential implementation inconsistencies among the member states.

Potential Implications for U.S. Companies

Complying with the new requirements may pose problems for U.S. companies, especially if EU statutory audits are being conducted by the same firm (or, in some situations, by a member of that firm’s network) performing the audit of the U.S. parent’s consolidated statements. The following are some additional potential implications for U.S. companies and their auditors:

  • If a U.S. parent has subsidiaries in the EU, the U.S. parent would not be required to rotate audit firms. However, any U.S. parent company’s EU subsidiary that falls within the definition of a PIE in the member state in which it resides will have to comply with that state’s rotation requirement.
  • The mandatory audit firm rotation requirement does not have extraterritorial effect; thus, if a PIE incorporated in the EU has a subsidiary incorporated in the United States, there is no legal obligation on the PIE to rotate its auditors in the United States. Nevertheless, as a spillover effect, PIEs operating within the EU may wish, for practical and cost-effective reasons, to rotate auditors in the United States as well.
  • There are no specific rotation provisions in the regulation regarding group audits with multiple PIEs; each PIE must comply with the rotation rules of the jurisdiction in which it resides. However, if a U.S. parent has a number of significant EU PIEs residing in member states that have, in accordance with their options, set different mandatory rotation cycles, groups may wish, for practical reasons, to rotate all audit firms for all such PIEs over the shortest cycle.
  • While neither the prohibition of nonaudit services nor the cap on fees from permissible services applies to entities outside the EU, it is possible that U.S. companies having many significant PIE subsidiaries in EU member states may, for practical reasons, decide to change providers of nonaudit services at the group level (i.e., to include U.S. subsidiaries and intermediate U.S. parents) at the same time as they change such providers for EU PIEs.
  • In principle, the regulation prohibits the provision of certain nonaudit services only within the EU. Hence, for entities incorporated in the United States (or other non-EU countries) that are controlled by the audited PIE, the statutory audit firm or a member of that firm’s network may perform otherwise prohibited nonaudit services. However, the rules require an assessment by the statutory audit firm regarding whether the firm’s independence might be compromised; if so, both the statutory audit firm and members of that firm’s network are required to take measures to mitigate the risks. Ultimately, the statutory audit firm must determine that mitigating safeguards are in place so that its independence and judgment are not impaired. Certain services—including bookkeeping and designing and implementing internal control procedures—when performed by a member of the statutory audit firm’s network are, under the rules, deemed to be incapable of mitigation. Thus, such services may not be provided under any circumstances by the PIE’s statutory audit firm or any member of its network to any U.S. subsidiary (or U.S. parent). Accordingly, as a practical matter, affected U.S. companies might decide to seek providers of such services that are not members of the statutory audit firm’s network.

The takeaway here is that, while EU audit reform mainly covers EU enterprises, it can have a significant effect on companies domiciled in the United States—or anywhere else in the world, for that matter.

Allan B. Afterman, PhD, CPA is the author of numerous treatises on financial reporting and SEC practice and has consulted with governments on the establishment of national securities laws and financial reporting standards. He is a former adjunct professor in the Booth School of Business at the University of Chicago, and was assistant to the national director of SEC practice at a major public accounting firm.