Audit Committee requirements in Norway

15/05/23

The current Auditors Act and audit regulation became effective 1 January 2021. At the same time there were amendments in the Norwegian Public Limited Liability Companies Act and the Financial Undertakings Act on audit committees. The amendments involved more responsibility and new tasks for the audit committee in public-interest entities.

The reason for the changes was mainly to strengthen the role of the audit committee and elucidate the tasks of the audit committee towards the statutory auditor.

Among the most important requirements for the audit committees is the responsibility to assess and monitor the statutory auditor’s independence in public-interest entities (listed companies, banks, credit institutions and insurance companies). The responsibility includes monitoring the appropriateness of the provision of non-audit services to the audited entity. The audit committees also have to initiate a tender process for the appointment of a statutory auditor or an audit firm every 10 years. Public-interest entities are not allowed to have the same statutory auditor or audit firm for more than 20 consecutive years.

Changes in tasks and increased responsibility also require, in addition to broad experience, competence from other subjects and fields. The audit committee should have sufficient competence to assess and ask questions related to the financial statements, the quality of internal control over financial reporting and to understand and form an opinion on significant and complex accounting issues.

The audit committee must have sufficient competence to challenge both management and the statutory auditor in areas where there is a risk that errors may occur in the accounts, the level of internal control over financial reporting and the auditor’s approach in significant areas. Further, the audit committee must be able to form an opinion on the quality of the audit. This involves the understanding of situations that may jeopardise the auditor’s objectivity and thus the auditor’s independence, including the safeguards applied to mitigate threats to the auditor’s objectivity.
 

Special requirements for the audit committees

The tasks of the audit committee under the legislation

The following outlines the adopted requirements, cf. section 6-43 in the Norwegian Public Limited Liability Companies Act. Similar amendments have been adopted in the Financial Undertakings Act.

The audit committee shall:

  • inform the Board of Directors of the results of the statutory audit and explain how the audit contributed to financial reporting with integrity and the role of the audit committee in that process,
  • prepare the Board's following up of the financial reporting process and make recommendations or proposals to ensure its integrity,
  • as regards the company's financial reporting, monitor the internal control systems, risk management and internal auditing without violating the independent role of the audit committee,
  • maintain ongoing contact with the company's elected auditor about the audit of the financial statements, including in particular monitoring the audit in light of matters the Financial Supervisory Authority of Norway has pointed with reference to Article 26 no 6 of the Statutory Audit Regulation cf. section 12-1 of the Auditors Act,
  • assess and monitor the auditor's independence pursuant to chapter 8 of the Auditor's Act and Article 6 of the Statutory Audit Regulation, cf. Section 12-1 of the Auditor's Act, including in particular that services other than auditing are delivered in accordance with Article 5 of the Statutory Audit Regulation,
  • be responsible for preparing the company's choice of auditor and making recommendation in accordance with Article 16 of the Statutory Audit Regulation, cf. Section 12-1 of the Auditor's Act.
     

Summary of tasks in the legislation for the audit committee:

  • Inform the Board of Directors of the results of the statutory audit and explain how the audit contributed to financial reporting with integrity and the role of the audit committee in that process.
  • Make recommendations to the Board of Directors to ensure integrity in the reporting.
  • Maintain ongoing contact with the auditor, assess and monitor the auditor’s independence, including in particular that prohibited services are not provided and that the limit for total fees for legal services is complied with (70% audit fee vs. advisory fee).
  • Responsible for the audit tender process and recommending the best auditor.
  • Monitor auditor’s rotation requirements.
The Financial Supervisory Authority of Norway has clearly notified that they will focus on and follow-up the audit committee and how the committee complies with its responsibilities.
 
  • Involves stronger and clearer contact between The Financial Supervisory Authority of Norway and the audit committees in the future.

Follow-up of the audit and integrity in the financial reporting

Historically, the audit committee has mainly informed orally about its opinion on the financial reporting process and the statutory audit due to a short period of time between committee meeting and board meeting. The opinion is often based on summaries to the audit committee prepared by the management and by the auditor. The minutes from the audit committee meeting are normally adopted as final in the consecutive audit committee meeting.

It is important that the audit committee sufficiently reflects and documents in minutes from board meetings that the audit committee has complied with its responsibility to inform the Board of Directors about the result of the audit and how the audit contributed to financial reporting with integrity, including the role of the audit committee in that process.

Further on, it is important that the audit committee reflects and documents in the minutes from board meetings that the audit committee has complied with its responsibility to inform the Board of Directors about the financial reporting process and recommendations or proposals to ensure its integrity. It is of particular importance that the audit committee concentrates its attention on accounting items with material estimation uncertainty.

Requirements for the audit committee: Examples of how the requirements can be complied with:
Inform the Board of Directors about the result of the statutory audit and explain how the audit contributed to financial reporting with integrity and the role of the committee in that process.

Examples of questions that can contribute to supporting the work of the audit committee: 

“The committee was informed about the assessment and the assumptions used by the management to make the estimates”, “The committee questioned some parameters and assumptions  in the model”, “The committee further made an inquiry to the company’s auditor to confirm correct understanding of the regulations”, “The committee made an inquiry to the management about sensitivity in the calculations and thus the outcome of the assessment by changing parameter x, y z”.

Make recommendations to the Board of Directors to ensure integrity in reporting.

In order to support the integrity of the financial reporting process it is natural that the audit committee has sufficient insight into the financial reporting process and  items subject to estimates in the financial statements. 

This can be supported by the management presenting documentation describing the internal control over financial reporting and the basis for the assessment of key items subject to estimates in the financial statements in sufficient detail for the audit committee to make recommendations or proposals to the Board of Directors in order to secure integrity of the financial reporting process.

Inform the Board of Directors about the assessment of auditor’s independence

 

The explanations should comprise the process the audit committee has followed to monitor the auditor’s independence, including the use of instructions, approval of services, material discussions with the auditor and the auditor’s confirmation regarding their independence.  

The documentation supporting the conclusions can comprise description of services provided, duration or timing of deliveries, assessment of threats and description of measures, estimated effect on the audited consolidated financial statements and the assessment of materiality. Other useful documentation is description of the 70% calculation made by the auditor.

Auditor’s reporting to the audit committee is extensive

Monitoring the auditor’s work is made through ongoing contact with the statutory auditor. The work is made somewhat easier through the reporting requirements from the auditor to the audit committee. The statutory auditor or the audit firm of public-interest entities is required to prepare a detailed additional report in addition to the audit report to the audit committee. The report shall include among other things:

Communication frequency
  • A description of the frequency and the type of communication between the auditor and the audit committee, the management, the Board of Directors and/or other governing bodies and the auditor, including the date of these meetings.
Materiality level
  • The materiality levels applied in the audit. Qualitative factors that have been assessed in the determination of the materiality levels.
Group assessments
  • The group auditor must explain criterias applied in the assessment of what entities are consolidated and whether consolidation exemptions, if any, are in line with the accounting standards.
    Identify audit work conducted by an auditor outside the EU who is not a member of the auditor’s network.
Audit approach
  • A description of the scope and timing of the audit.
    A description of which balance sheet items that are verified directly and which are based on tests of controls.
    An explanation of material changes in audit approach compared to the previous years audits.
Going Concern
  • Report and explain the assessment of events and circumstances identified in the audit that can cause material doubt about the company’s going concern assumption.

Valuation

  • Report and assess valuation methods applied, including any effect of possible changes.

Reporting in the audit report

  • For the audit committees, a useful piece of information in the audit report is to what extent the audit was able to detect fraud. This information must be tailored.

The audit committee shall approve non-audit services from the auditor

The audit committee shall approve non-audit services provided by the auditor, There is a need for ongoing contact with the auditor and practical routines for approval. A practical routine may for instance be that the audit committee establishes guidelines for types of services and amounts, and gives a trusted employee (eg. CFO) in the company the authorization to approve.

The rules include a list of services that the statutory auditor of the entity can not deliver (see enclosed list following the article). The prohibition only comprises these services. The auditor can deliver services that are not on the list, provided that the auditor complies with the provisions in the Auditors Act regarding independence and provided that the audit committee, after having assessed threats to independence, and any safeguards applied to mitigate those threats, approves the delivery. Certain tax services are allowed provided that the auditor complies with the general requirements for independence and that the services are immaterial to the audited financial statements.

The auditor can deliver advisory services related to interpretation of accounting rules, tax rules and corporate issues. There is no prohibition of general legal advice from the auditor. It is prohibited, however, that the auditor or anyone in the auditor's network, for instance lawyers, act as permanent “office of general council” for the audit client.

The audit committee’s approval of non-audit services

As a general rule, services that are delivered from the statutory auditor in Norway, either to the entity or its subsidiaries, shall be approved by the audit committee. This also applies for services to subsidiaries within the EU/EEA. Services related to decision making, bookkeeping and design and implementation of internal control related to financial information/system can not be delivered to any company in the group. The audit committee must also approve services delivered to the parent company of the group.

The audit committee shall monitor the auditor’s independence, including the limit for total fees for non-audit services

Auditor’s fee for non-audit services can not exceed 70% of the average of the fees paid in the last three consecutive financial years. The three first consecutive financial years will be 2021, 2022 and 2023. The first time an average fee can be calculated, is when 2023 is completed, i.e. in 2024. 70% of the average audit fee for these three years will be the upper limit for advisory fees in 2024. The calculations are to be made by the auditor based on the figures in the auditor’s accounts. The results shall be communicated from the auditor to the audit committee.

All fees invoiced by the statutory auditor in Norway shall be included in the calculation. Audit fee is the fee paid for statutory audit. Fees for other services invoiced from the statutory auditor comprise for instance advisory services and interim audits and attestation services connected to equity transactions. Work related to attestation services that the statutory auditor is required by law to perform, shall not be included.

The rule applies to fees to public-interest entities in Norway and other entities controlled by this entity located in the EU and its parent company located in the EU. Fees for audit services provided by companies in the auditor’s network abroad shall not be included.

The first calculation of the fee limit shall be in 2024. The fee limit is only applicable if both advisory services and statutory audit services have been provided from the auditor to the entity for three consecutive years. If advisory services have not been provided in one financial year for instance in 2022, the count shall start again in 2023. The first year the fee limitation is applicable in this example, will be 2026, assuming that both advisory services and statutory audit services have been provided from the auditor to the entity in 2023, 2024 and 2025.

The upper limit for advisory services for 2024 should be calculated like this: Statutory audit fees for 2021, 2022 and 2023 divided by 3 times 70%. If the fee is 180 each of the three years, the average is obviously also 180, and 70% of 180 equals 126. Consequently, the advisory fees can not exceed 126 in 2024. For 2025 the calculation is repeated, but this time including the audit fee for 2024. Let us say that the audit fee is 100 in 2024. The average for 2022, 2023 and 2024 is then 153, and 70% equals 107. Consequently, the advisory fees can not exceed 107 in 2025. The Financial Supervisory Authority of Norway may in special cases grant exemptions, for instance when reorganizations require considerable effort from the statutory auditor.

Appointment of the statutory auditor - the audit committee is responsible for the process

Public-interest entities have to rotate the auditor at certain intervals. The audit committee shall ensure that a tender process is carried out. Management can be tasked with performing the practical procedures. The audit committee shall evaluate the process and submit recommendations regarding the selection of an auditor to the Board of Directors who shall convene the ordinary general meeting. The special process requirements do not apply for smaller public-interest entities, i.e. entities that do not exceed two of the following criteria: 250 employees, balance sheet total 43 million euro, annual sales revenue of 50 million euro. In addition, the market value must be below 100 million euro.

Tender rules applicable for all public-interest entities
  • The audit committee (AC) shall submit a recommendation on at least 2 auditors to the ordinary general meeting (OGM) with preference for one of the recommended auditors.
  • AC shall declare that the recommendation has not been influenced by third parties, and
  • That there are no contracts that have affected the choice.
  • OGM has to explain deviations from AC’s recommendation.
Additional rules for large public-interest entities
  • AC is responsible and shall ensure that:
    •      The management prepares tender documents:
      • that enables the participants in the process to understand the business, and
      • from which the criteria for the selection of the auditor is specified.
    • The management is free to invite auditors and carry out the process.
    • The management shall assess the tenders based on the criteria, findings from inspections at the auditors shall be considered.
    • The management shall prepare a report about the process with conclusions.
    • AC shall approve the report.

No clear rules have been established for when the tender process shall be carried out. Therefore, in theory, the tender processes can be arranged in the eleventh year after the auditor was appointed. In practice this is not recommended. The current auditor can not legally take responsibility for the audit in year 11 prior to possibly being reappointed. Therefore, there is a risk that the company will be without an auditor for a period of time. Further, the tender process can be time-consuming where many considerations must be weighed against each other.

Rotation of audit firm - the audit committee is responsible for the process and to ensure a timely change of auditor

Public-interest entities must initiate a tender process in order to rotate the audit firm at least every 10 years. The same auditor can not be retained for more than 20 years. After holding the position for 20 years the same auditor can only be reappointed after a cooling-off period of 4 years. The first term of office can not be less than one year. The following transition rules have been established for Norwegian entities by the introduction of new rotation requirements:

  • Entities who have had the same statutory auditor for at least 20 consecutive financial years in 2021 must appoint a new auditor for the financial year starting six years after the commencement date for the provision, at the latest. This includes entities who have had the same auditor from 2001 or earlier. The transition rule implies that the same auditor can be retained through 2026. A new auditor must be appointed with effect from 2027.
  • Entities who have had the same statutory auditor for at least 11, but less than 20 consecutive financial years in 2021, must appoint a new auditor for the financial year starting nine years after the commencement date for the provision. This includes entities who have had the same auditor from the years between 2002 and 2010. The transition rule implies that the same auditor can be retained through 2029. A new auditor must be appointed with effect from 2030.
  • For entities who have had the same auditor from 2011, 2012 and so on, the ordinary requirements regarding rotation apply.

In special situations The Financial Supervisory Authority of Norway may, upon application, extend the service period for the auditor by up to two years.

Has had the same auditor as from this financial year Must carry out tender process with effect for this financial year at the latest, but may continue with the same auditor Must carry out tender process and change auditor with effect for this financial year at the latest
2001 or earlier   2027
2002 – 2010   2030
2011 2022 2031
2012 2022 2032
2013 2023 2033
2014 2024 2034
2015 2025 2035
etc. etc. etc.

Services that the statutory auditor can not provide

*) Services in the table indicated by an asterisk are allowed in Norway subject to the approval of the audit committee and that the services must be without or have insignificant influence on the financial statements.
**) For the provisions mentioned in E., a special rule applies. There must be a one year cooling-off period between the provision of the service and the first year to be audited. For instance, if the first year to be audited is 2021, the auditor can not have provided this type of service in 2020.

  1. Tax services related to:
    • Preparation of tax forms,
    • Payroll tax,
    • Customs duties,
    • Identification of public subsidies and tax incentives unless support from the statutory auditor or the audit firm in respect of such services is required by law,
    • Support regarding tax inspections by tax authorities unless support from the statutory auditor or the audit firm in respect of such inspections is required by law,
    • Calculation of direct and indirect tax and deferred tax*,
    • Provision of tax advice,
  2. services that involve playing any part in the management or decision-making of the audited entity,
  3. bookkeeping and preparation of accounting records and financial statements,
  4. payroll services,
  5. designing and implementing internal control or risk management procedures related to the preparation and/or control of financial information or designing and implementing financial information technology systems**,
  6. valuation services, including valuations performed in connection with actuarial services or litigation support services*,
  7. legal services, with respect to:
    • the provision of general counsel,
    • negotiating on behalf of the audited entity, and
    • acting in an advocacy role in the resolution of litigation,
  8. services related to the audited entity's internal audit function,
  9. services linked to the financing, capital structure and allocation, and investment strategy of the audited entity, except providing assurance services in relation to the financial statements, such as the issuing of comfort letters in connection with prospectuses issued by the audited entity,
  10. promoting, dealing in, or underwriting shares in the audited entity,
  11. human resources services, with respect to:
    • management in a position to exert significant influence over the preparation of the accounting records or financial statements which are the subject of the statutory audit, where such services involve:
      • searching for or seeking out candidates for such position, or
      • undertaking reference checks of candidates for such positions;
    • structuring the organisation design, and
    • cost control.

Contact us

Roger Kjelløkken

Roger Kjelløkken

Partner, PwC Norway

Tel: +47 952 60 085

Martin Henrik  Alexandersen

Martin Henrik Alexandersen

Partner, PwC Norway

Tel: +47 952 60 566

Thomas Steffensen

Thomas Steffensen

Partner | Auditor, PwC Norway

Tel: +47 952 60 447

Follow us on