The current Auditors Act and audit regulation became effective 1 January 2021. At the same time there were amendments in the Norwegian Public Limited Liability Companies Act and the Financial Undertakings Act on audit committees. The amendments involved more responsibility and new tasks for the audit committee in public-interest entities.
The reason for the changes was mainly to strengthen the role of the audit committee and elucidate the tasks of the audit committee towards the statutory auditor.
Among the most important requirements for the audit committees is the responsibility to assess and monitor the statutory auditor’s independence in public-interest entities (listed companies, banks, credit institutions and insurance companies). The responsibility includes monitoring the appropriateness of the provision of non-audit services to the audited entity. The audit committees also have to initiate a tender process for the appointment of a statutory auditor or an audit firm every 10 years. Public-interest entities are not allowed to have the same statutory auditor or audit firm for more than 20 consecutive years.
Changes in tasks and increased responsibility also require, in addition to broad experience, competence from other subjects and fields. The audit committee should have sufficient competence to assess and ask questions related to the financial statements, the quality of internal control over financial reporting and to understand and form an opinion on significant and complex accounting issues.
The audit committee must have sufficient competence to challenge both management and the statutory auditor in areas where there is a risk that errors may occur in the accounts, the level of internal control over financial reporting and the auditor’s approach in significant areas. Further, the audit committee must be able to form an opinion on the quality of the audit. This involves the understanding of situations that may jeopardise the auditor’s objectivity and thus the auditor’s independence, including the safeguards applied to mitigate threats to the auditor’s objectivity.
The following outlines the adopted requirements, cf. section 6-43 in the Norwegian Public Limited Liability Companies Act. Similar amendments have been adopted in the Financial Undertakings Act.
The audit committee shall:
Summary of tasks in the legislation for the audit committee:
The Financial Supervisory Authority of Norway has clearly notified that they will focus on and follow-up the audit committee and how the committee complies with its responsibilities.
Historically, the audit committee has mainly informed orally about its opinion on the financial reporting process and the statutory audit due to a short period of time between committee meeting and board meeting. The opinion is often based on summaries to the audit committee prepared by the management and by the auditor. The minutes from the audit committee meeting are normally adopted as final in the consecutive audit committee meeting.
It is important that the audit committee sufficiently reflects and documents in minutes from board meetings that the audit committee has complied with its responsibility to inform the Board of Directors about the result of the audit and how the audit contributed to financial reporting with integrity, including the role of the audit committee in that process.
Further on, it is important that the audit committee reflects and documents in the minutes from board meetings that the audit committee has complied with its responsibility to inform the Board of Directors about the financial reporting process and recommendations or proposals to ensure its integrity. It is of particular importance that the audit committee concentrates its attention on accounting items with material estimation uncertainty.
|Requirements for the audit committee:||Examples of how the requirements can be complied with:|
|Inform the Board of Directors about the result of the statutory audit and explain how the audit contributed to financial reporting with integrity and the role of the committee in that process.||
Examples of questions that can contribute to supporting the work of the audit committee:
“The committee was informed about the assessment and the assumptions used by the management to make the estimates”, “The committee questioned some parameters and assumptions in the model”, “The committee further made an inquiry to the company’s auditor to confirm correct understanding of the regulations”, “The committee made an inquiry to the management about sensitivity in the calculations and thus the outcome of the assessment by changing parameter x, y z”.
|Make recommendations to the Board of Directors to ensure integrity in reporting.||
In order to support the integrity of the financial reporting process it is natural that the audit committee has sufficient insight into the financial reporting process and items subject to estimates in the financial statements.
This can be supported by the management presenting documentation describing the internal control over financial reporting and the basis for the assessment of key items subject to estimates in the financial statements in sufficient detail for the audit committee to make recommendations or proposals to the Board of Directors in order to secure integrity of the financial reporting process.
Inform the Board of Directors about the assessment of auditor’s independence
The explanations should comprise the process the audit committee has followed to monitor the auditor’s independence, including the use of instructions, approval of services, material discussions with the auditor and the auditor’s confirmation regarding their independence.
The documentation supporting the conclusions can comprise description of services provided, duration or timing of deliveries, assessment of threats and description of measures, estimated effect on the audited consolidated financial statements and the assessment of materiality. Other useful documentation is description of the 70% calculation made by the auditor.
Monitoring the auditor’s work is made through ongoing contact with the statutory auditor. The work is made somewhat easier through the reporting requirements from the auditor to the audit committee. The statutory auditor or the audit firm of public-interest entities is required to prepare a detailed additional report in addition to the audit report to the audit committee. The report shall include among other things:
The audit committee shall approve non-audit services provided by the auditor, There is a need for ongoing contact with the auditor and practical routines for approval. A practical routine may for instance be that the audit committee establishes guidelines for types of services and amounts, and gives a trusted employee (eg. CFO) in the company the authorization to approve.
The rules include a list of services that the statutory auditor of the entity can not deliver (see enclosed list following the article). The prohibition only comprises these services. The auditor can deliver services that are not on the list, provided that the auditor complies with the provisions in the Auditors Act regarding independence and provided that the audit committee, after having assessed threats to independence, and any safeguards applied to mitigate those threats, approves the delivery. Certain tax services are allowed provided that the auditor complies with the general requirements for independence and that the services are immaterial to the audited financial statements.
The auditor can deliver advisory services related to interpretation of accounting rules, tax rules and corporate issues. There is no prohibition of general legal advice from the auditor. It is prohibited, however, that the auditor or anyone in the auditor's network, for instance lawyers, act as permanent “office of general council” for the audit client.
As a general rule, services that are delivered from the statutory auditor in Norway, either to the entity or its subsidiaries, shall be approved by the audit committee. This also applies for services to subsidiaries within the EU/EEA. Services related to decision making, bookkeeping and design and implementation of internal control related to financial information/system can not be delivered to any company in the group. The audit committee must also approve services delivered to the parent company of the group.
Auditor’s fee for non-audit services can not exceed 70% of the average of the fees paid in the last three consecutive financial years. The three first consecutive financial years will be 2021, 2022 and 2023. The first time an average fee can be calculated, is when 2023 is completed, i.e. in 2024. 70% of the average audit fee for these three years will be the upper limit for advisory fees in 2024. The calculations are to be made by the auditor based on the figures in the auditor’s accounts. The results shall be communicated from the auditor to the audit committee.
All fees invoiced by the statutory auditor in Norway shall be included in the calculation. Audit fee is the fee paid for statutory audit. Fees for other services invoiced from the statutory auditor comprise for instance advisory services and interim audits and attestation services connected to equity transactions. Work related to attestation services that the statutory auditor is required by law to perform, shall not be included.
The rule applies to fees to public-interest entities in Norway and other entities controlled by this entity located in the EU and its parent company located in the EU. Fees for audit services provided by companies in the auditor’s network abroad shall not be included.
The first calculation of the fee limit shall be in 2024. The fee limit is only applicable if both advisory services and statutory audit services have been provided from the auditor to the entity for three consecutive years. If advisory services have not been provided in one financial year for instance in 2022, the count shall start again in 2023. The first year the fee limitation is applicable in this example, will be 2026, assuming that both advisory services and statutory audit services have been provided from the auditor to the entity in 2023, 2024 and 2025.
The upper limit for advisory services for 2024 should be calculated like this: Statutory audit fees for 2021, 2022 and 2023 divided by 3 times 70%. If the fee is 180 each of the three years, the average is obviously also 180, and 70% of 180 equals 126. Consequently, the advisory fees can not exceed 126 in 2024. For 2025 the calculation is repeated, but this time including the audit fee for 2024. Let us say that the audit fee is 100 in 2024. The average for 2022, 2023 and 2024 is then 153, and 70% equals 107. Consequently, the advisory fees can not exceed 107 in 2025. The Financial Supervisory Authority of Norway may in special cases grant exemptions, for instance when reorganizations require considerable effort from the statutory auditor.
Public-interest entities have to rotate the auditor at certain intervals. The audit committee shall ensure that a tender process is carried out. Management can be tasked with performing the practical procedures. The audit committee shall evaluate the process and submit recommendations regarding the selection of an auditor to the Board of Directors who shall convene the ordinary general meeting. The special process requirements do not apply for smaller public-interest entities, i.e. entities that do not exceed two of the following criteria: 250 employees, balance sheet total 43 million euro, annual sales revenue of 50 million euro. In addition, the market value must be below 100 million euro.
No clear rules have been established for when the tender process shall be carried out. Therefore, in theory, the tender processes can be arranged in the eleventh year after the auditor was appointed. In practice this is not recommended. The current auditor can not legally take responsibility for the audit in year 11 prior to possibly being reappointed. Therefore, there is a risk that the company will be without an auditor for a period of time. Further, the tender process can be time-consuming where many considerations must be weighed against each other.
Public-interest entities must initiate a tender process in order to rotate the audit firm at least every 10 years. The same auditor can not be retained for more than 20 years. After holding the position for 20 years the same auditor can only be reappointed after a cooling-off period of 4 years. The first term of office can not be less than one year. The following transition rules have been established for Norwegian entities by the introduction of new rotation requirements:
In special situations The Financial Supervisory Authority of Norway may, upon application, extend the service period for the auditor by up to two years.
|Has had the same auditor as from this financial year||Must carry out tender process with effect for this financial year at the latest, but may continue with the same auditor||Must carry out tender process and change auditor with effect for this financial year at the latest|
|2001 or earlier||2027|
|2002 – 2010||2030|
*) Services in the table indicated by an asterisk are allowed in Norway subject to the approval of the audit committee and that the services must be without or have insignificant influence on the financial statements.
**) For the provisions mentioned in E., a special rule applies. There must be a one year cooling-off period between the provision of the service and the first year to be audited. For instance, if the first year to be audited is 2021, the auditor can not have provided this type of service in 2020.