Control Comes at a Cost
Over the past two decades, the audit profession has undergone a significant regulatory transformation, switching from self-regulation to independent government oversight. In the European Union (EU), this shift was initiated in 2006 with the introduction of the Statutory Audit Directive (2006/43/EC), subsequently amended in 2014. The Directive requires Member States to establish Public Oversight Bodies (POBs) responsible for approving and registering audit firms, setting auditing standards, conducting inspections of auditors, and enforcing disciplinary systems for professional misconduct or non-compliance with regulations. The Directive targets primarily auditors of Public Interest Entities (PIE), such as listed companies and financial institutions.
Under the new regime, auditors of PIEs are subject to a full inspection every six or three years, depending on the listing status of their clients. A POB inspection consists of: (a) an assessment of the audit firm's internal quality control systems, and (b) compliance testing of procedures and a review of audit engagement files, which are selected primarily using a risk-based analysis. Upon completion, inspection findings are discussed with the inspected audit firm before the inspection report is finalized. The POB publicly discloses only major deficiencies related to the firm's quality control systems and only does so if the audit firm fails to respond to the report's recommendations within a 12-month period. The POB has the right to perform an investigation (i.e. a second review) if significant issues arise during the inspection or if third parties register complaints. The POB also can take disciplinary action against inspected auditors or audit firms, with measures varying from reprimand to monetary penalties and withdrawal of license.
The introduction of public oversight and POB inspections was intended to improve the quality of auditing of EU companies, and ultimately the credibility of their reported financial information. But, as with most types of regulation, the Statutory Audit Directive was also expected to have non-trivial costs. Examining some of these costs is potentially useful in understanding the net benefits of the new audit regulation In this regard, Florou and Yuan (2023) report a 4.4% rise in audit fees paid by EU companies, following the Directive's implementation. More importantly, the authors show that this audit fee increase is charged mainly to companies in countries with well-staffed POBs (+12.9%), conducting inspections for longer durations (+5.7%) or at the premises of both the auditor and the regulator (+ 13.1%). In these countries, audit inspections are potentially more rigorous and time-consuming. Additionally, the increase in audit fees is incurred primarily by companies in countries with an inspector cooling-off period (+19.5%) or a mixed-funded POB system with no predominant funding stakeholder (+7%). In these countries, audit inspections are potentially more independent and free from undue influences.
Overall, the study shows that auditing is more costly for EU companies, after the new Audit Directive; but only in countries that invest in their audit regulators and protect their independence. Ultimately, the study highlights the intricacies of the audit regulatory landscape. While the implementation of public oversight in the EU aims to elevate audit quality, it also introduces additional costs manifest themselves in increased audit fees, attributable in part to the heightened audit effort required. However, the findings caution against assuming that the mere introduction of POBs and their inspections guarantees more rigorous auditing. Rather, this depends on the effectiveness of the new oversight mechanisms, which in turn depends on the system's resources and independence. Indeed, the conditions under which pubic oversight occurs matter because they determine the extent to which oversight and inspection inputs shape the pricing and quality of auditing.