The new Auditors Act and audit regulation became effective 1 January 2021. At the same time there have been amendments in the Norwegian Public Limited Liability Companies Act and the Financial Undertakings Act on audit committees. The amendments involve more responsibility and new tasks for the audit committee in public-interest entities.
The reason for the changes is mainly to strengthen the role of the audit committee and elucidate the tasks of the audit committee towards the statutory auditor, as further described in chapter 2.2 on the work of the audit committee.
Among the new requirements for the audit committees the most important is the extended responsibility to assess and monitor the statutory auditor’s independence in public-interest entities (listed companies, banks, credit institutions and insurance companies). The responsibility includes monitoring the appropriateness of the provision of non-audit services to the audited entity. The audit committees also have to initiate a tender process for the appointment of a statutory auditor or an audit firm every 10 years. Public-interest entities are not allowed to have the same statutory auditor or audit firm for more than 20 consecutive years.
Changes in tasks and increased responsibility also require, in addition to broad experience, competence from other subject l fields. The audit committee should have sufficient competence to assess and ask questions related to the financial statements, the quality of internal control over financial reporting and to understand and form an opinion on significant and complex accounting issues.
The audit committee must have sufficient competence to challenge both management and the statutory auditor in areas where there is a risk that errors may occur in the accounts, the level of internal control over financial reporting and the auditor’s approach in significant areas. Further, the audit committee must be able to form an opinion on the quality of the audit. This involves the understanding of situations that may jeopardise the auditor’s objectivity and thus the auditor’s independence, including the safeguards applied to mitigate threats to the auditor’s objectivity.
The regulations became effective from 2021. Special transitional rules induce that the effect of the regulations will be of importance from 2021 and the years ahead.
The amendments in the Norwegian Public Limited Liability Companies Act and the Financial Undertakings Act involve more responsibility and new requirements for the audit committee.
The following outlines the adopted requirements, cf. section 6-43 in the Norwegian Public Limited Liability Companies Act. Similar amendments have been adopted in the Financial Undertakings Act.
Inform the Board of Directors of the results of the statutory audit and explain how the audit contributed to financial reporting with integrity and the role of the audit committee in that process.
Prepare the Board's following up of the financial reporting process and make recommendations or proposals to ensure its integrity.
Regarding the company's financial reporting, monitor the internal control systems, risk management and internal auditing without violating the independent role of the audit committee.
Maintain ongoing contact with the company's elected auditor about the audit of the financial statements, including in particular monitoring the audit in light of matters the Financial Supervisory Authority of Norway has pointed with reference to Article 26 no 6 of the Statutory Audit Regulation cf. section 12-1 of the Auditors Act.
Assess and monitor the auditor's independence pursuant to chapter 8 of the Auditor's Act and Article 6 of the Statutory Audit Regulation, cf. Section 12-1 of the Auditor's Act, including in particular that services other than auditing are delivered in accordance with Article 5 of the Statutory Audit Regulation.
Be responsible for preparing the company's choice of auditor and making recommendation in accordance with Article 16 of the Statutory Audit Regulation, cf. Section 12-1 of the Auditor's Act.
|Summary of tasks in new legislation for the audit committee:|
The Financial Supervisory Authority of Norway has clearly notified that they will focus on and follow-up the audit committee and how the committee complies with its responsibilities.
Historically, the audit committee has mainly informed orally about its opinion on the financial reporting process and the statutory audit due to a short period of time between committee meeting and board meeting. The opinion is often based on summaries to the audit committee prepared by the management and by the auditor. The minutes from the audit committee meeting are normally adopted as final in the consecutive audit committee meeting.
It is important that the audit committee sufficiently reflects and documents in minutes from board meetings that the audit committee has complied with its responsibility to inform the Board of Directors about the result of the audit and how the audit contributed to financial reporting with integrity, including the role of the audit committee in that process.
Further on, it is important that the audit committee reflects and documents in the minutes from board meetings that the audit committee has complied with its responsibility to inform the Board of Directors about the financial reporting process and recommendations or proposals to ensure its integrity. It is of particular importance that the audit committee concentrates its attention on accounting items with material estimation uncertainty.
|Requirements for the audit committee:||Examples of how the requirements can be complied with:|
|Inform the Board of Directors about the result of the statutory audit and explain how the audit contributed to financial reporting with integrity and the role of the committee in that process.||
Examples of questions that can contribute to supporting the work of the audit committee:
“The committee was informed about the assessment and the assumptions used by the management to make the estimates”, “The committee questioned some parameters and assumptions in the model”, “The committee further made an inquiry to the company’s auditor to confirm correct understanding of the regulations”, “The committee made an inquiry to the management about sensitivity in the calculations and thus the outcome of the assessment by changing parameter x, y z”.
|Make recommendations to the Board of Directors to ensure integrity in reporting.||
In order to support the integrity of the financial reporting process it is natural that the audit committee has sufficient insight into the financial reporting process and items subject to estimates in the financial statements.
This can be supported by the management presenting documentation describing the internal control over financial reporting and the basis for the assessment of key items subject to estimates in the financial statements in sufficient detail for the audit committee to make recommendations or proposals to the Board of Directors in order to secure integrity of the financial reporting process.
Inform the Board of Directors about the assessment of auditor’s independence
The explanations should comprise the process the audit committee has followed to monitor the auditor’s independence, including the use of instructions, approval of services, material discussions with the auditor and the auditor’s confirmation regarding their independence.
The documentation supporting the conclusions can comprise description of services provided, duration or timing of deliveries, assessment of threats and description of measures, estimated effect on the audited consolidated financial statements and the assessment of materiality. Other useful documentation is description of the 70% calculation made by the auditor.
Monitoring the auditor’s work is made through ongoing contact with the statutory auditor. The work is made somewhat easier through the increased reporting requirements from the auditor to the audit committee. The statutory auditor or the audit firm of public-interest entities is required to prepare a detailed annual report in addition to the audit report to the audit committee. The report shall include among other things:
A description of the frequency and the type of communication between the auditor and the audit committee, the management, the Board of Directors and/or other governing bodies and the auditor, including the date of these meetings.
The materiality levels applied in the audit. Qualitative factors that have been assessed in the determination of the materiality levels.
The group auditor must explain criteria applied in the assessment of what entities are consolidated and whether consolidation exemptions, if any, are in line with the accounting standards.
Identify audit work conducted by an auditor outside the EU who is not a member of the auditor’s network.
A description of the scope and timing of the audit.
A description of which balance sheet items that are verified directly and which are based on test of controls.
An explanation of material changes in audit approach compared to the previous years audits.
Report and explain the assessment of events and circumstances identified in the audit that can cause material doubt about the company’s going concern assumption.
Report and assess valuation methods applied, including any effect of possible changes.
The contents of the audit report will increase due to new legislation. For the audit committees, a particular useful piece of information, is to what extent the audit was able to detect fraud. This information must be tailored.
The audit committee shall approve non-audit services from the auditor, and this involves ongoing contact with the auditor and practical routines for approval. A practical routine may for instance be that the audit committee establishes guidelines for type of services and amounts, and gives a trusted employee (eg. CFO) in the company the authorization to approve.
The introduction of new rules is not expected to change the possibility to purchase services from the statutory auditor significantly compared to the current legislation. This is because most of the services that are prohibited through EU’s regulation/rules are already prohibited in Norway.
The new rules include a list of services that the statutory auditor of the entity can not deliver (see enclosed list following the article). The prohibition only comprises these services. The auditor can deliver services that are not on the list, provided that the auditor complies with the provisions in the Auditors Act regarding independence and provided that the audit committee after having assessed threats to independence, and any safeguards applied to mitigate those threats, approves the delivery. Certain tax services are allowed provided that the auditor complies with the general requirements for independence and that the services are immaterial to the audited financial statements.
As before, the auditor can deliver advisory services related to interpretation of accounting rules, tax rules and corporate issues. There is no prohibition of general legal advice from the auditor. It is prohibited, however, that the auditor or anyone in the auditor's network, for instance lawyers, act as permanent “office of general council” for the audit client.
As a general rule, services that are delivered from the auditor in Norway, either to the entity or its subsidiaries, shall be approved by the audit committee. This also applies for services to subsidiaries within EU/EEA. Services related to decision making, bookkeeping and design and implementation of internal control related to financial information/system can not be delivered to any company in the group. The audit committee must also approve services delivered to the parent company of the group.
Auditor’s fee for non-audit services can not exceed 70%t of the average of the fees paid in the last three consecutive financial years. The three first consecutive financial years will be 2021, 2022 and 2023. The first time an average fee can be calculated, is when 2023 is completed, i.e. in 2024. 70% of the average audit fee for these three years will be the upper limit for advisory fees in 2024. The calculations are to be made by the auditor based on the figures in the auditor’s accounts. The results shall be communicated from the auditor to the audit committee.
All fees invoiced by the statutory auditor in Norway shall be included in the calculation. Audit fee is the fee paid for statutory audit. Fees for other services invoiced from the statutory auditor comprise for instance advisory services and interim audits and attestation services connected to equity transactions. Work related to attestation services that the statutory auditor is required by law to perform, shall not be included.
The rule applies to fees to public-interest entities in Norway and other entities controlled by this entity located in the EU and its parent company located in the EU. Fees for audit services provided by companies in the auditor’s network abroad shall not be included.
The count commences the first financial year starting after the Act came into force. The first year to include will therefore be 2021. The first calculation of the fee limit shall be in 2024 if additional services have been provided from the auditor to the entity for three consecutive years. If additional services have not been provided in one financial year, the count shall start again.
Average audit fee for three consecutive years, for instance 2021, 2022, 2023 shall be measured against the fee for non-audit services in 2025. This fee can not exceed 70% of the average audit fee. The Financial Supervisory Authority of Norway may in special cases grant exemptions, for instance when reorganizations require considerable effort from the statutory auditor.
Public-interest entities have to rotate the auditor at certain intervals. The audit committee shall make sure that a tender process is carried out. The management can, however, be responsible for the practical procedures. The audit committee shall evaluate the process and submit recommendations regarding the selection of an auditor to the Board of Directors who shall convene the General Meeting. The special process requirements do not apply for smaller public-interest entities, i.e. entities that do not exceed two of the following criteria: 250 employees, balance sheet total 43 million euro, annual sales revenue of 50 million euro, and has a market value below 100 million euro.
The audit committee (AC) shall submit a recommendation on at least 2 auditors to the General Meeting (GM) with preference for one of the recommended auditors.
AC shall declare that the recommendation has not been influenced by third parties, and
There are no contracts that have affected the choice.
GM has to explain deviations from AC’s recommendation.
AC is responsible and shall see to it:
The management prepares tender documents:
that enables the participants in the process to understand the business, and
from which the criteria for the selection of the auditor is specified
The management is free to invite auditors and carry out the process.
The management shall assess the tenders based on the criteria, findings from inspections at the auditors shall be considered.
The management shall prepare a report about the process with conclusions.
AC shall approve the report.
No clear rules have been established for when the tender process shall be carried out. Therefore, in theory, the tender processes can be arranged in the eleventh year after the auditor was appointed. In practice this is not recommended. The current auditor can not legally take responsibility for the audit in year 11 prior to possibly being reappointed. Therefore, there is a risk that the company will be without an auditor for a period of time. Besides, the tender process can be time-consuming where many considerations must be weighed against each other.
Public-interest entities must initiate a tender process in order to rotate the audit firm at least every 10 years. The rotation requirement and the requirement to carry out a tender process came into force from the financial year 2021 onwards. The same auditor can not be retained for more than 20 years. After holding the position for 20 years the same auditor can only be reappointed after a cooling-off period of 4 years. The first term of office can not be less than one year. The following transition rules have been established for Norwegian entities by the introduction of new rotation requirements:
Entities who have had the same statutory auditor for at least 20 consecutive financial years must appoint a new auditor for the financial year starting six years after the commencement date for the new provision, at the latest. This includes entities who have had the same auditor from 2001 or earlier. The transition rule implies that the same auditor can be retained through 2026. A new auditor must be appointed with effect from 2027.
Entities who have had the same statutory auditor for at least 11, but less than 20 consecutive financial years, must appoint a new auditor for the financial year starting nine years after the commencement date for the new provision. This includes entities who have had the same auditor from the years between 2002 and 2010. The transition rule implies that the same auditor can be retained through 2029. A new auditor must be appointed with effect from 2030.
For entities who have had the same auditor from 2011, 2012 and so on, the ordinary requirements regarding rotation apply. Entities who have had their auditor from 2011 at the time of commencement have had their auditor for more than 10 years. According to the EU-regulations a tender process must be arranged when the auditor has held the position for 10 years. Because the rotation requirements apply for financial years starting after the audit provision comes into force in Norway, the regulations must be understood so that the tender process must be held in 2021 or 2022 with effect from 2022. The same auditor can be reappointed with effect from 2022 for another 8 years so that the last year of audit becomes 2030. If the first financial year subject to audit was 2012, the auditor will have kept the position for 9 years in 2020. Also in these cases a tender process must be arranged in 2021 or 2022 with effect for 2022. The same auditor can be reappointed with effect from 2022 for another 10 years so that the last year of audit becomes 2031.
In special situations The Financial Supervisory Authority of Norway may, upon application, extend the service period for the auditor by up to two years.
|Has had the same auditor as from this financial year||Must carry out tender process with effect for this financial year at the latest, but may continue with the same auditor||Must carry out tender process and change auditor with effect for this financial year at the latest|
|2001 or earlier||2027|
|2002 – 2010||2030|
*) Services in the table indicated by an asterisk are allowed in Norway subject to the approval of the audit committee and that the services must be without or have insignificant influence on the financial statements.
**) For the provisions mentioned in E., a special rule applies. There must be a one year cooling-off period between the provision of the service and the first year to be audited. For instance, if the first year to be audited is 2021, the auditor can not have provided this type of service in 2020.
A. Tax services related to:
B. Services that involve playing any part in the management or decision-making of the audited entity
C. Bookkeeping and preparation of accounting records and financial statements
D. Payroll services
E . Designing and implementing internal control or risk management procedures related to the preparation and/or control of financial information or designing and implementing financial information technology systems**
F. Valuation services, including valuations performed in connection with actuarial services or litigation support services*
G. Legal services, with respect to:
H. Services related to the audited entity's internal audit function,
I. Services linked to the financing, capital structure and allocation, and investment strategy of the audited entity, except providing assurance services in relation to the financial statements, such as the issuing of comfort letters in connection with prospectuses issued by the audited entity
J. Promoting, dealing in, or underwriting shares in the audited entity,
K. Human resources services, with respect to: