Transparency Report 2021 - EY Slovenia
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Transparency Report 2021 EY Slovenia
Contents
Message from the leaders ........................................................................................................................... 3
About us .................................................................................................................................................... 5
Legal structure, ownership and governance ............................................................................................... 5
Network arrangements ............................................................................................................................ 6
Creating long-term value for society .......................................................................................................... 7
Commitment to Sustainable Audit Quality..................................................................................................... 9
Infrastructure supporting quality .............................................................................................................. 9
Instilled professional values .................................................................................................................... 12
Internal quality control system................................................................................................................ 14
Client acceptance and continuance.......................................................................................................... 16
Performance of audits ........................................................................................................................... 17
Review and consultation ........................................................................................................................ 19
Rotation and long association ................................................................................................................. 21
Audit quality reviews ............................................................................................................................. 21
External quality assurance review ........................................................................................................... 22
Root cause analysis ............................................................................................................................... 22
Compliance with legal requirements ........................................................................................................ 22
Independence practices ............................................................................................................................ 24
Continuing education and investing in exceptional talent ............................................................................. 26
Development of EY people ..................................................................................................................... 26
Revenue and remuneration........................................................................................................................ 28
Financial information ............................................................................................................................. 28
Partner remuneration ............................................................................................................................ 28
Appendix 1: list of PIE audit clients ............................................................................................................ 30
EY Slovenia PIE audit clients................................................................................................................... 30
Appendix 2: approved EYG member firms ................................................................................................... 31
Transparency Report 2021 | 2
Message from the leaders
Welcome to the Transparency Report 2021 of Ernst & Young d.o.o. (EY
Slovenia). We believe that how we advance audit quality, manage risk and
maintain our independence as auditors should be transparent to stakeholders.
This report is one of the ways in which we provide an update on what we are
doing in these areas.
Janez Uranič
EY Slovenia Executing high-quality audits continues to be the top priority, and is at the
Managing Partner heart of our commitment to serve the public interest. Auditors play a vital role
in the functioning of capital markets by promoting transparency and
supporting investor confidence. Companies, regulators and other stakeholders
count on us to deliver excellence in every engagement.
We are focused on investing in tools to improve what we do, creating high-
performing, diverse and inclusive teams, and building trust and confidence
through the audits we perform.
EY Slovenia’s reputation is based on and grounded in providing high-quality
professional audit services, objectively and ethically, to every company we
Sanja Košir audit.
Nikašinović We embrace the transparency objectives of the European Union’s (EU’s)
EY Slovenia
Regulation 537/2014 and Auditing Act (ZRev-2), which require Slovenia
Assurance Leader
statutory auditors of public interest entities (PIEs) to publish annual
transparency reports.
The EY Slovenia Transparency Report 2021 complies with the Regulation and
Auditing Act (ZRev-2), and covers the fiscal year ending 30 June 2021 as well
as any more recent relevant events. In this report, you can learn about how we
are creating long-term value for society; our commitment to Sustainable Audit
Quality (SAQ), including how we instill professional values, the performance of
audits and internal quality control; independence practices; and the impact of
the COVID-19 pandemic on operations.
The focus on delivering high-quality audits has remained paramount during the
global pandemic. A comprehensive set of actions has been developed to assess
and respond to risk, with a particular focus on fraud risks.
There has also been a continuing commitment to sustainability, as part of the
global organization’s NextWave strategy, to create long-term value for all
stakeholders. This includes an ambition to be carbon negative in 2021,
following the achievement of carbon neutrality in 2020, and to be net zero in
2025, which is an important step in the EY sustainability journey. EY Slovenia
is doing its part in achieving these goals.
We remain focused on enhancing audit quality and upholding our
independence, informed by several factors, including external and internal
inspection results. Continuous improvement of audit quality requires us to
challenge approaches to audit execution, and we concentrate on this by
evaluating inspection findings and taking responsive actions.
Transparency Report 2021 | 3The need for trust and confidence in financial reporting in the capital markets
EY’s purpose: Building a has never been greater, and auditors play an important role in this regard.
better working world
EY is committed to doing its part in
building a better working world. We encourage all our stakeholders — including clients and their investors, audit
committee members and regulators — to continue to engage with us on our
The audits delivered by EY people
strategy as well as any of the matters covered in this report.
help build trust and confidence in
business and the capital markets.
EY auditors serve the public
interest by delivering high-quality,
analytics-driven audits with
independence, integrity, Janez Uranič Sanja Košir Nikašinović
objectivity and professional
skepticism. In so doing, the EY Director, Country Managing Partner Director, Country Assurance Leader
organization helps protect and
promote sustainable and long-term Ernst & Young d.o.o. Ernst & Young d.o.o.
value for stakeholders.
Transparency Report 2021 | 4About us
activities of the relevant member firms within an
Area.
Legal structure, ownership and EY Slovenia is part of the EMEIA Area, which
governance comprises EYG member firms in 96 countries. Within
the EMEIA Area, there were previously 10 Regions,
In Slovenia, Ernst & Young d.o.o. is a limited liability
and, from 1 July 2021, the number has reduced to 8.
Company organized in Ljubljana and is a member
EY Slovenia is part of the CESA Region.
firm of Ernst & Young Global Limited, a UK company
limited by guarantee (EYG). In this report, we refer to Ernst & Young (EMEIA) Limited (EMEIA Limited), an
ourselves as “EY Slovenia,” “we,” “us” or “our.” EY English company limited by guarantee, is the
refers collectively to the global organization of the principal coordinating entity for the EYG member
member firms of EYG. firms in the EMEIA Area. EMEIA Limited facilitates
the coordination of these firms and cooperation
Details regarding the ownership of EY Slovenia are
between them, but it does not control them. EMEIA
available in the public registry of companies in
Limited is a member firm of EYG, has no financial
Slovenia.
operations and does not provide any professional
EY Slovenia also includes the other EYG member services.
firms in Slovenia:
Each Region elects a Regional Partner Forum (RPF),
• Ernst & Young Svetovanje d.o.o. whose representatives advise and act as a sounding
board to Regional leadership. The partner elected as
Ernst & Young d.o.o. performs audit services and Presiding Partner of the RPF also serves as the
audit related services, whereby the company Ernst & Region’s representative on the Global Governance
Young Svetovanje d.o.o. performs tax services, Council (see page 6).
various advisory services and other non-audit In Europe, there is a holding entity, EY Europe SCRL
services. The ultimate controlling company of both (EY Europe). EY Europe is a Limited Liability
members of EYG in Slovenia is the same. Cooperative Company (SCRL or CVBA) incorporated
Formal representatives of the company Ernst & in Belgium. It is an audit firm registered with the
Young d.o.o. Slovenija are partners Janez Uranič and Institut des Reviseurs d’Entreprises (IRE-IBR) in
Sanja Košir Nikašinović, and for Ernst & Young Belgium, but it does not carry out audits or provide
Svetovanje d.o.o. Janez Uranič and Matej Kovačič. any professional services.
Partners are responsible for day to day management To the extent permitted by local legal and regulatory
activities and for the application of global and area requirements, EY Europe has acquired or will acquire
level policy at the country level. voting control of the EYG member firms operating in
EY Slovenia has one office in Slovenia, based in Europe. EY Europe is a member firm of EYG. EY
Ljubljana. Europe acquired voting control of EY Slovenia as of
28 March 2019.
EYG member firms are grouped into three geographic
Areas: Americas; Asia-Pacific; and Europe, Middle The Board of Directors of EY Europe is made up of
East, India and Africa (EMEIA). The Areas comprise senior partners of EYG member firms in Europe. It
multiple Regions. Regions are groupings of member has authority and accountability for strategy
firms (and in the case of the US member firm within execution and management of EY Europe.
that member firm) along geographical lines with the
exception of the Financial Services Organization
(FSO) Regions, which comprise the financial services
Transparency Report 2021 | 5Network arrangements Global Governance Council
The Global Governance Council (GGC) is a key
EY is a global leader in assurance, tax, strategy and governance body of EYG. It comprises one or more
transactions, and consulting services. Worldwide, representatives from each Region, other member
over 312,000 people in member firms in more than firm partners as at-large representatives and
150 countries share a commitment to building a independent non-executives (INEs). The Regional
better working world, united by shared values and an representatives, who otherwise do not hold senior
unwavering commitment to quality, integrity and management roles, are elected by their RPFs for a
professional skepticism. In today’s global market, the three-year term, with provision for one successive
integrated EY approach is particularly important in reappointment. The GGC advises EYG on policies,
the delivery of high-quality multinational audits, strategies, and the public interest aspects of its
which can span nearly every country in the world. decision-making. The GGC approves, in some
instances upon the recommendation of the Global
This integrated approach enables EY member firms Executive (GE), certain matters that could affect EY.
to develop and draw upon the range and depth of
experience required to perform such diverse and Independent Non-Executives
complex audits. Up to six Independent Non-Executives (INEs) are
EYG coordinates the member firms and promotes appointed from outside EY. The INEs are senior
cooperation among them. EYG does not provide leaders from both the public and private sectors and
services, but its objectives include the promotion of reflect diverse geographic and professional
exceptional high-quality client service by member backgrounds. They bring to the global organization,
firms worldwide. Each member firm is a separate and the GGC, the significant benefit of their varied
legal entity. Each member firm’s obligations and perspectives and depth of knowledge. The INEs also
responsibilities as a member of EYG are governed by form a majority of the Public Interest Sub-Committee
the regulations of EYG and various other (PIC) of the GGC. The role of the PIC includes public
agreements. interest aspects of decision-making and stakeholder
dialogue, issues raised under whistleblowing policies
The structure and principal bodies of the global and procedures, and engagement in quality and risk
organization, described below, reflect the principle management discussions. The INEs are nominated by
that EY, as a global organization, has a common a dedicated committee, approved by the GE and
shared strategy. ratified by the GGC.
At the same time, the network operates on a
Regional level within the Areas. This operating model Global Executive
allows for greater stakeholder focus in the Regions, The GE brings together EY’s leadership functions,
permitting member firms to build stronger services and geographies. As of 1 July 2021, it is
relationships with clients and others in each country, chaired by the Chairman and CEO of EYG, and
and be more responsive to local needs. includes its Global Managing Partners of Client
Service and Business Enablement; the Area Managing
EY Areas, Regions and Countries*
Asia-Pacific
6 Regions
Americas 23 Countries
8 Regions
34 Countries
EMEIA
8 Regions
*Figures are as of 1 July 2021’ 96 Countries
Transparency Report 2021 | 6Partners; the global functional leadership for Talent; drive consistency of execution across the
the leaders of the global service lines — Assurance, organization.
Consulting, Strategy and Transactions, and Tax; and
one EYG member firm partner on rotation. EYG member firms
The GE also includes the Global Vice Chair of Under the regulations of EYG, member firms commit
Markets, the Global Vice Chair of Transformation, the themselves to pursue EY’s objectives, such as the
Chief Client Technology Officer, the Chair of the provision of high-quality service worldwide. To that
Global Accounts Committee, the Chair of the end, the member firms undertake the
Emerging Markets Committee, as well as a implementation of global strategies and plans, and
representative from the Emerging Markets practices. work to maintain the prescribed scope of service
capability. They are required to comply with common
The GE and the GGC approve nominations for the
standards, methodologies and policies, including
Chairman and CEO of EYG and ratify appointments of
those regarding audit methodology, quality and risk
the Global Managing Partners. The GE also approves
management, independence, knowledge sharing,
appointments of Global Vice Chairs. The GGC ratifies
talent and technology.
the appointments of any Global Vice Chair who
serves as a member of the GE. Above all, EYG member firms commit to conducting
their professional practices in accordance with
The GE’s responsibilities include the promotion of
applicable professional and ethical standards, and all
global objectives and the development, approval and,
applicable requirements of law. This commitment to
where relevant, implementation of:
integrity and doing the right thing is underpinned by
• Global strategies and plans the EY Global Code of Conduct and EY values (see
• Common standards, methodologies and policies page 31).
to be promoted within member firms
Besides adopting the regulations of EYG, member
• People initiatives, including criteria and firms enter into several other agreements covering
processes for admission, evaluation,
aspects of their membership in the EY organization,
development, and reward and retirement of
such as the right and obligation to use the EY name,
partners
and knowledge sharing.
• Quality improvement and protection programs
• Proposals regarding regulatory matters and Member firms are subject to reviews to evaluate
public policy adherence to EYG requirements and policies
• Policies and guidance relating to member firms’ governing issues, such as independence, quality and
service of international clients, business risk management, audit methodology and HR.
development, and markets and branding Member firms unable to meet quality commitments
• EY’s development funds and investment and other EYG membership requirements may be
priorities subject to termination from the EY organization.
• EYG’s annual financial reports and budgets
• GGC recommendations on certain matters Creating long-term value for society
The GE also has the power to mediate and adjudicate While capitalism has created enormous global
disputes between member firms. prosperity, it has also left too many people behind.
Extreme poverty is already on the rise as a result of
GE committees
the COVID-19 pandemic, and climate change is
Established by the GE, and bringing together threatening to deepen inequality still further as
representatives from across the organization, the GE vulnerable communities are hit first and worst by its
committees are responsible for making effects. EY believes an economic system that is fairer,
recommendations to the GE. In addition to the Global more trustworthy and capable of addressing
Audit Committee, examples of other committees humanity’s most profound challenges is urgently
include Assurance, Consulting, Tax, Strategy and needed.
Transactions, Global Markets and Investments, Global
From advising governments on how to build more
Accounts, Emerging Markets, Talent and Risk
sustainable and inclusive economies, to encouraging
Management.
businesses to focus and report on their creation of
Global Practice Group long-term value for all stakeholders, EY services
already play a vital role in this. However, more can
The Global Practice Group brings together the and must be done.
members of the GE, GE committees, Regional leaders
and sector leaders. It seeks to promote a common As a proud participant in the United Nations Global
understanding of EY’s strategic objectives and helps Compact (UNGC) since 2009, EY is committed to
integrating the UNGC Ten Principles and the UN
Transparency Report 2021 | 7Sustainable Development Goals (SDGs) into EY • Using nature-based solutions and carbon-
strategy, culture and operations. reduction technologies to remove from the
atmosphere or offset more carbon than emitted,
Among other things, this commitment is reflected in: every year
• Providing EY teams with tools to calculate, then
work to reduce, the amount of carbon emitted in
Corporate responsibility governance carrying out client work
structures • Requiring 75% of EY suppliers, by spend, to set
Corporate responsibility across EY is coordinated by science-based targets by no later than FY25
the EY Corporate Responsibility Governance Council • Investing in EY services and solutions that help
(CRGC). This body includes members of the EY Global clients create value from decarbonizing their
Executive and provides senior leadership businesses and provide solutions to other
representation from across EY services lines, sustainability challenges and opportunities
functions and geographic areas.
The EY social impact ambition
The global corporate responsibility program,
EY Ripples, brings together the global EY network
with a goal of positively impacting one billion lives by
2030. To date, EY Ripples initiatives have
cumulatively benefited more than 45 million people,
aided by:
• A rigorous focus on three areas (supporting the
next generation workforce, working with impact
entrepreneurs, and accelerating environmental
sustainability) where the distinctive skills,
knowledge and experience of EY people can
make the biggest difference.
• A collaboration with other like-minded
organizations to build ecosystems capable of
creating change at scale. For example, the
TRANSFORM initiative with Unilever and the UK
Foreign, Commonwealth and Development
Office, which aims to change the lives of 150
million people across sub-Saharan Africa and
South Asia by 2030, by tackling inequality.
•
The EY carbon ambition
EY aims to become carbon negative in 2021 and net
zero in 2025. EY endeavors to achieve this by
significantly reducing absolute carbon emissions, and
then removing or offsetting more than the remaining
amount every year. To reach net zero by FY25, EY
member firms plan to reduce absolute emissions by
40% across Scopes 1, 2 and 3 (versus an FY19
baseline), consistent with a 1.5°C science-based
target approved by the Science Based Targets
initiative (SBTi). Specific actions include:
• Reducing business travel emissions, with a target
to achieve a 35% reduction by FY25 against the
FY19 baseline
• Reducing overall office electricity usage, and
procuring 100% renewable energy for remaining
needs, earning RE100 membership by FY25
• Structuring electricity Power Purchase
Agreements (PPAs) to introduce more renewable
electricity than EY consumes into national grids
Transparency Report 2021 | 8Commitment to
Sustainable Audit
Quality
engagements, which helps achieve compliance with
Infrastructure supporting quality professional standards and EY policies.
Quality in the EY service lines The Global Vice Chair of Assurance coordinates
member firms’ compliance with EY policies and
NextWave is the EY global strategy and ambition to
procedures for services provided by Assurance.
deliver long-term value to clients, people and society.
It has put EY in a strong position to adapt and
innovate, while the EY purpose of Building a better Global Audit Quality Committee
working world continues to inspire EY people not only The EY Global Audit Quality Committee (GAQC) is an
to serve clients, but also to use EY knowledge, skills important element of the culture of continuous
and experiences to support the communities in which improvement. It comprises senior leaders from across
we live and work. The insights and quality services we the EY organization with extensive, diverse and
deliver help build trust and confidence in the capital highly relevant experience. The GAQC advises EY
markets and in economies around the world. Assurance leadership on the many aspects of the
organization’s business, operations, culture, talent
In response to disruptions in the environment, EY
strategy, governance and risk management that
member firms adapted to maintain the delivery of
affect audit quality.
high-quality audits. EY provided its audit
professionals with additional training and enablement The committee develops innovative ideas and
to help detect fraud. In addition, through a data-first approaches to delivering high-quality audits and is a
approach enabled by analytics and digital tools, forum for sharing best practices of EY member firms.
teams were able to deliver high-quality audits with The committee also helps develop audit quality
independence, integrity, objectivity and professional indicators (AQIs) and other forms of quality
skepticism. monitoring that feed into the continuous
improvement cycle.
EY member firms continue to develop the audit of the
future, including ever more sophisticated data Quality Enablement Leaders
analytics, efficiently delivering greater insight and
assurance in support of the high-quality audits that The EY Quality Enablement Leaders (QEL) network is
are valued by the companies that EY audits and the a group of senior Assurance leaders around the world
capital markets. who drive improvements in audit quality by providing
support to engagement teams.
Our people are our greatest asset in delivering
quality and value and building trust. We are elevating Their responsibilities include: coaching teams;
their experiences, using data and technology, so they supporting internal and external inspections; advising
can spend more time addressing risks and exercising teams on remediating the root causes of significant
professional judgment. By applying cutting-edge audit deficiencies; driving practice and project
technologies and sophisticated data analytics, all management; supporting portfolio risk analyses; and
while serving the public interest, our people are able implementing processes related to the EY system of
to connect and contribute to the overall EY purpose quality management, including global AQIs.
of Building a better working world. Using EY Canvas and Milestones (see page 18), as
EYG member firms and their service lines are well as ever more sophisticated artificial intelligence
accountable for delivering high-quality engagements. (AI) tools, the QELs are able to build a picture of audit
EY member firms’ service lines manage the overall quality performance in real time. This, in turn, gives
process for quality reviews of completed greater clarity over where resources should be
engagements and input for the quality of in-process
Transparency Report 2021 | 9deployed to support audit teams and the companies consistently and effectively. The Global, Area,
they audit. Regional and Country PPDs, together with other
professionals who work with them in each member
Professional Practice firm, are knowledgeable about EY people, clients and
processes, and they are readily accessible for
The Global Vice Chair of Professional Practice,
consultation with audit engagement teams.
referred to as the Global Professional Practice
Director (PPD), is overseen by the Global Vice Chair Additional resources often augment the Global
of Assurance and works to establish global audit Professional Practice group, including networks of
quality control policies and procedures. Each of the professionals focused on:
Area PPDs as well as the Global Delivery Service
• Internal-control reporting and related aspects of
center PPD is overseen by the Global PPD and the
the EY audit methodology
related Area Assurance Leader. This helps provide
• Accounting, auditing and risk issues for specific
greater assurance as to the objectivity of audit
topics, industries and sectors
quality and consultation processes.
• Event-specific issues involving areas of civil and
The Global PPD also leads and oversees the Global political unrest; pandemics; or sovereign debt
Professional Practice group. This is a global network and related accounting, auditing, reporting and
of technical subject-matter specialists in accounting disclosure implications
and auditing standards who consult on accounting, • General engagement matters and how to work
auditing and financial reporting matters; and perform effectively with audit committees
various practice monitoring and risk management
activities.
Assurance Governance*
* Illustrative to show global alignment; actual reporting lines may vary based on legal, regulatory and structural considerations
The Global PPD oversees the development of the EY
Global Audit Methodology (EY GAM) and related audit
policies and technologies so that they are consistent
with relevant professional standards and regulatory
requirements. The Global Professional Practice group
also oversees the development of the guidance,
training and monitoring programs, and processes
used by member firm professionals to execute audits
Transparency Report 2021 | 10Risk Management adjust the handling of travel and events, enable a
fully remote workforce and plan for recovery.
Risk Management (RM) coordinates organization-
With a robust GCMP in place, we were able to act
wide activities designed to help EY people meet
quickly to keep EY people safe — the top priority
global and local compliance responsibilities and
throughout the entire process. Throughout the
support client-facing teams in delivering quality and
pandemic, the GCMP team:
exceptional client service. Responsibility for high-
quality service and ownership of the risks associated • Created guidance for various stages of the
with quality is placed with the member firms and pandemic and developed a resource library on
their service lines. the Global Security SharePoint portal to serve as
a centralized repository
Among other things, the Global RM Leader helps • Maintained a daily list of high-risk locations and
monitor the identification and mitigation of these provided a consolidated daily report for each
risks, as well as other risks across the organization as Area
part of the broader enterprise risk management • Produced a daily report for leadership on the
(ERM) framework. The ERM priorities are Global, Area, Region and local impacts
communicated to member firms. The GCMP also had a role in managing confirmed
The Global RM Leader is responsible for establishing cases by:
globally consistent risk management execution • Developing pandemic checklists for local crisis
priorities and co-ordinating risk management across management teams to manage confirmed cases
EY. in the workforce
• Conducting training on how to respond to
Member firm partners are appointed to lead risk confirmed cases
management initiatives (supported by other staff and
• Assisting Talent with contact tracking for
professionals), including coordinating with the confirmed cases
service lines on such matters.
• Providing input and advice on travel, meetings
There have been additional complexities as the world and events, resulting in several global directives
continued to deal with the COVID-19 pandemic. This • Identifying international travelers to help them
has required a coordinated response across EY via return to their home countries safely
activation of the local crisis management plans Now that the focus has shifted to a safe return to the
(CMPs) that reside in nearly all EY member firm office, the GCMP team has developed a recovery plan
offices. CMPs detail specific actions to be taken to that includes:
both protect the EY workforce and respond in the
• Leading the effort to develop return-to-work
event of a COVID-19 infection within an EY
protocols and track the easing of government
workspace. However, while individual offices had to restrictions
deal with issues around contact tracing and safe
• Creating a timeline for reopening offices
workspace practices, there was a need to provide a
set of uniform guidance across all EY Areas. Even • Determining worksite leader responsibilities and
procedures for building management, office
before the World Health Organization (WHO) declared
setup, workspaces and meetings
the existence of a pandemic, the EY Global Crisis
• Establishing personal responsibilities including
Management Program (GCMP) was activated. The
office entry, workspaces, breaks and meetings
GCMP allowed for the creation of a Steering
Committee led by the Global RM Leader who • Developing a post-vaccine recovery plan
convened key Global and Area leadership daily for six Global Confidentiality Policy
months (and thereafter regularly but less frequently)
to address issues relevant to all geographies and Protecting confidential information is ingrained in the
service lines. everyday activities of EYG member firms. Respect for
intellectual capital and all other sensitive and
The Steering Committee issued regular guidance on restricted information is required by the EY Global
EY’s COVID-19 response protocols and addressed Code of Conduct, which provides a clear set of
issues related to travel, meetings and events as well principles to guide the behaviors expected of all
as adoption and promotion of best practices, and those who work with EY. The Global Confidentiality
relayed specific safe working practices guidance from Policy further details this approach to protect
the WHO. Guidance is still being issued and risk information and reflect ever-changing restrictions on
factors are being monitored during the second year the use of data. This policy provides added clarity for
of the global pandemic. those who work with EY member firms and forms the
In implementing the GCMP, the goal was to keep fundamental broader guidance that includes key
people safe and informed, manage confirmed cases, policies on conflicts of interest, personal data privacy
and records retention. Other guidance includes:
Transparency Report 2021 | 11• Social media guidance Components of our audit quality
• Information-handling requirements control program
In addition, the global policy on reporting fraud, In the following sections, we describe the principal
illegal acts and other noncompliance with laws and components of the audit quality control program,
regulations, and EY’s Global Code of Conduct which EY Slovenia follows:
requires EY professionals to speak up on observing • Instilled professional values
behavior that is believed to be a violation of a law or
• Internal quality control system
regulation, the applicable standard or EY’s Global
Code of Conduct. This includes the unauthorized or • Client acceptance and continuance
improper disclosure of confidential information. • Performance of audits
• Review and consultation
Global Personal Data Protection Policy • Rotation and long association
The global policy on personal data protection • Audit quality reviews
supports and builds upon provisions within the EY • External quality assurance reviews
Global Code of Conduct, regarding respecting and • Root cause analysis
protecting personal information, in accordance with • Compliance with legal requirements
applicable law, regulatory frameworks and
professional standards. This has been updated to be Instilled professional values
consistent with the EU General Data Protection
Regulation (GDPR) and other local regulations across Sustainable Audit Quality
the globe.
Quality is the foundation of our work and central to
Cybersecurity EY member firms’ responsibility to provide
confidence to the capital markets. This is reflected in
Managing the risk of major and complex cyberattacks the Sustainable Audit Quality (SAQ) program, which
is a part of conducting business for all organizations. continues to be the highest priority for EY member
While no systems are immune from the threat of firms’ Assurance practices.
cyberattacks, EY Slovenia is vigilant in the steps it
takes to secure and protect client data. SAQ establishes a strong governance structure that
enables each member firm to provide high-quality
The EY approach to cybersecurity is proactive and audits. It is implemented locally, and coordinated and
includes the implementation of technologies and overseen globally. The word “sustainable” in SAQ is
processes necessary to manage and minimize used to demonstrate that this is not a one-off, short-
cybersecurity risks globally. EY information security term initiative, but an ongoing process of
and data privacy programs, consistent with industry improvement.
practices and applicable legal requirements, are
designed to protect against unauthorized access to There are six SAQ pillars: tone at the top; exceptional
systems and data. There is a dedicated team of talent; simplification and innovation; audit
cybersecurity specialists, who constantly monitor and technology and digital; enablement and quality
defend EY systems. support; and accountability. These pillars are
supported by a foundation of serving the public
Beyond technical and process controls, all EY people interest.
are required to annually affirm in writing their
understanding of the principles contained in the EY Significant progress has been made through SAQ. EY
Global Code of Conduct and their commitment to member firms’ internal and external inspection
abide by them. There are also required security findings globally are improving, and there is greater
awareness learning activities. Various policies outline consistency in execution. The trend in results also
the due care that must be taken with technology and reflects the involvement of the QEL network and a
data, including, but not limited to, the Global focus on culture and behaviors.
Information Security Policy, and a global policy on EY has deployed leading technological tools that
the acceptable use of technology. EY cybersecurity enhance the quality and value of EY audits, including
policies and processes recognize the importance of the EY Canvas online audit platform, EY Helix
timely communication. analytics platform and EY Atlas research platform.
EY people receive regular and periodic EY Canvas facilitates the use of the “Milestones”
communications reminding them of their project management functionality, which helps audit
responsibilities outlined in these policies and of teams stay on pace with their audit execution and
general security awareness practice. drive executive involvement. The EY Canvas Client
Portal, which is a component of EY Canvas, magnifies
its importance in having a secure and user-friendly
Transparency Report 2021 | 12platform in transmitting data between engagement reinforce the importance of performing quality work,
teams and the companies audited while effectively complying with professional standards, adhering to
monitoring the pacing of the audit. This suite of tools EY policies and leading by example. In addition, EY
played a key role in helping EY navigate this past member firms assess the quality of professional
year: having the right technology and tools in place services provided as a key metric in evaluating and
for EY audit teams to work together effectively in a rewarding EY professionals.
remote environment continues to be a key success The EY culture strongly supports collaboration and
factor and differentiator. places special emphasis on the importance of
Additionally, EY Helix and the entire suite of data consultation in dealing with complex or subjective
analytic tools represent key ways to address the risk accounting, auditing, reporting, regulatory and
of fraud in audit execution. Increasing the required independence matters. We believe it is important to
use of these tools provides a more robust response to determine that engagement teams and clients
audit risks associated with companies facing correctly follow consultation advice, and we
economic challenges, especially in light of the emphasize this when necessary.
pandemic. Broader adoption of these data analytic
tools is occurring this year. The consistent stance of EY Slovenia has been
EY Atlas is a cloud-based platform for accessing and that no client is more important than our
searching accounting and auditing content, including professional reputation — the reputation of EY
external standards, EY interpretations and thought Slovenia and the reputation of each of our
leadership. professionals.
Current SAQ initiatives are focused on supporting EY
teams in understanding the business of the Global Code of Conduct
companies audited. By leveraging data and
technology and executing enhanced engagement risk We promote a culture of integrity among our
assessment, EY is continuing to drive quality audit professionals. The EY Global Code of Conduct
execution. Additionally, a network of coaches is provides a clear set of principles that guide our
actively supporting engagement teams in staying on actions and our business conduct and are to be
track with respect to the pace of their audits, driving followed by all EY personnel. The EY Global Code of
timely executive involvement and providing positive Conduct is divided into five categories:
direction and enablement when necessary. • Working with one another
Audit quality is something that every team member • Working with clients and others
must understand and be committed to implementing • Acting with professional integrity
locally. SAQ is essential to all our goals and • Maintaining our objectivity and independence
ambitions, and each Regional and Area leader has a
• Protecting data, information and intellectual
role in achieving these goals. capital
The SAQ infrastructure demonstrates that audit Through our procedures to monitor compliance with
quality is the single most important factor in our the EY Global Code of Conduct and through frequent
decision-making and the key measure on which our communications, we strive to create an environment
professional reputation stands. that encourages all personnel to act responsibly,
including reporting misconduct without fear of
Tone at the top
retaliation.
EY Slovenia’s leadership is responsible for setting the
right tone at the top and demonstrating EY’s Whistleblowing
commitment to building a better working world The EY Ethics Hotline provides EY people, clients and
through behavior and actions. While the tone at the others outside of the organization with a means to
top is vital, EY people also understand that quality confidentially report activity that may involve
and professional responsibility start with them and unethical or improper behavior, and that may be in
that within their teams and communities, they are violation of professional standards or otherwise
leaders too. EY shared values, which inspire EY inconsistent with the EY shared values or Global Code
people and guide them to do the right thing, and the of Conduct. Globally, the hotline is operated by an
EY commitment to quality are embedded in who we external organization that provides confidential and,
are and in everything we do. if desired, anonymous hotline reporting.
The EY approach to business ethics and integrity is
When a report comes into the EY Ethics Hotline,
contained in the EY Global Code of Conduct and other
either by phone or internet, it receives prompt
policies and is embedded in the EY culture of
attention. Depending on the content of the report,
consultation, training programs and internal
appropriate individuals from Risk Management,
communications. Senior leadership regularly
Transparency Report 2021 | 13Talent, Legal or other functions are involved in perspectives, spanning geographies, service lines and
addressing the report. The same procedures are functions.
followed for matters that are reported outside of the
EY Ethics Hotline. Our values: who we are
Diversity and inclusiveness
People who People with People who
EY has a long-standing commitment to diversity and demonstrate energy, build
inclusiveness (D&I). This commitment to building integrity, enthusiasm relationships
high-performing, diverse and inclusive teams is respect, and the based on
teaming and courage doing the
especially important in audit, where diverse inclusiveness to lead right thing
perspectives drive professional skepticism and critical
thinking. Greater diversity and inclusive
1 2 3
environments drive better decision-making, stimulate
innovation and increase organizational agility. Internal quality control system
EY has been on a D&I journey for decades, and while
substantial progress has been made, under the global
Structure
NextWave strategy and ambition EY has committed to EY Slovenia’s reputation for providing high-quality
increasing D&I progress throughout the organization. professional audit services independently, objectively
The Global Executive has made a visible commitment and ethically is fundamental to our success as
to EY people and to the market to accelerate D&I at independent auditors. We continue to invest in
EY through signing the Global Executive Diversity & initiatives to promote enhanced objectivity,
Inclusion Statement. Not only does this reinforce that independence and professional skepticism. These are
D&I is a key business lever, it ensures that EY fundamental attributes of a high-quality audit.
member firms hold themselves accountable for
progress, starting with the tone at the top. At EY Slovenia, our role as auditors is to provide
assurance on the fair presentation of the financial
There has been a particular focus on promoting
statements of the companies audited. We bring
gender diversity over recent years. In 2021, 36.8% of
together qualified teams to provide audit services,
new audit partners, globally, were women. A strong
drawing on our broad experience across industry
pipeline of female leadership has been built,
sectors and services. We continually strive to improve
supported by 52.4% of all audit hires across the globe
quality and risk management processes so that the
in 2020 being female.
quality of our service is at a consistently high level.
Inclusive organizations maximize the power of all
differences. Employees need to feel they are working In today’s environment, characterized by continuing
for an organization that not only values them as globalization, rapid movement of capital and the
individuals, but also sees differences as strengths impact of technological changes, the quality of our
and values their contributions. Fostering this sense of audit services has never been more important. As
belonging is critical to helping the EY organization part of NextWave, there is a continued and strong
attract the most talented individuals, and helping our investment in the development and maintenance of
professionals stay motivated and engaged. the EY audit methodology, tools and other resources
needed to support high-quality audits.
In the November 2020 employee listening survey,
82% of auditors said the EY organization prepares While the market and stakeholders continue to
them to work effectively with clients and colleagues demand high-quality audits, they also demand an
from different countries and cultures, and 86% increasingly effective and efficient delivery of audit
agreed that the people they work with make them services. In addition to the investments mentioned,
feel that they belong to a team. EY continues to seek ways to improve the
Leaders across EY make D&I a priority and it is a key effectiveness and efficiency of its audit methodology
metric across all the organization’s talent and processes, while improving audit quality.
management programs. To enable greater EY works to understand where member firms’ audit
accountability across the EY organization, the Global quality may not be up to their own expectations and
D&I Tracker helps track progress with consistent those of stakeholders, including independent audit
diversity and inclusiveness metrics and reporting regulators. This includes seeking to learn from
across the organization globally. EY also created the external and internal inspection activities and to
Global Social Equity Task Force (GSET) to develop identify the root causes of adverse quality
cohesive action plans specifically addressing inequity occurrences to enable a continual improvement of
and discrimination, including racism. It includes EY audit quality.
leaders with a wide range of backgrounds and
Transparency Report 2021 | 14Effectiveness of the quality control system Update to the control framework – ISQM 1
EY has designed and implemented a comprehensive In September 2020, the IAASB approved a quality
set of global audit quality control policies and management standard that includes significant
practices. These policies and practices meet the changes to the way professional accountancy firms
requirements of the International Standards on manage quality. The International Standard on
Quality Control issued by the International Auditing Quality Management 1 (ISQM 1) will replace the
and Assurance Standards Board (IAASB). EY Slovenia current International Standard on Quality Control 1
has adopted these global policies and procedures and (ISQC 1) and requires a more proactive and risk-
has supplemented them as necessary to comply with based approach to managing quality at the firm level.
local laws and professional guidelines, and to address ISQM 1 requires firms to design, implement, monitor
specific business needs. and evaluate the overall system of quality
We also execute the EY Audit Quality Review (AQR) management (SQM) that provides reasonable
program to evaluate whether our system of audit assurance a firm will meet prescribed quality
quality control has operated effectively to provide objectives.
reasonable assurance that EY Slovenia and our The standard includes more robust requirements for
people comply with applicable professional the governance, leadership and culture of
standards, internal policies and regulatory professional accountancy firms, and introduces a risk
requirements. assessment process for firms to assess risks to
achieving quality objectives and design responses
The results of the AQR program and external
that address those risks. It also requires more
inspections are evaluated and communicated within
extensive monitoring of the SQM to identify
EY Slovenia to provide the basis for continual
deficiencies that require corrective actions and to
improvement in audit quality, consistent with the
provide the basis for evaluating the overall
highest standards in the profession.
effectiveness of the SQM.
The Global Executive has responsibility for the The EY approach is to design an SQM that is
coordination of quality improvement implementation. consistently applied across the entire network of
As such, it reviews the results of the internal AQR member firms to promote consistent engagement
program and external audit firm regulatory reviews, quality and operating effectiveness. This is especially
as well as any key actions designed to address areas important in a global economy where many audits are
for improvement. transnational and involve the use of other EY
The recent results of such monitoring, together with member firms.
feedback from independent audit regulators, provide The standard requires firms to design and implement
EY Slovenia with a basis to conclude that our internal a system of quality management by December 2022.
control systems are designed appropriately and are EY Slovenia has commenced work to implement the
operating effectively. new standard alongside the EY System of Quality
Management transformation program. Our initial
Audit quality indicators
steps have included:
Audit quality is not defined in professional standards,
• Identifying the functions and service lines that
and stakeholders may have different views on how it
provide support for, or perform engagements
should be measured. While no single reportable within the scope of ISQM 1
metric or set of metrics can be viewed as a sole
• Establishing a program governance structure to
indicator of audit quality, a set of metrics can be used manage design and implementation of a system
to give an indication of audit quality. of quality management that complies with ISQM
Assurance leadership monitors the execution of the 1 with representatives from various functions
and service lines
EY strategy and vision by local geographies through a
combination of metrics or audit quality indicators • Identifying and assessing quality risks, and
documenting responses in accordance with the
(AQIs). These include: external and internal
network-developed approach
inspection results; Milestones performance; people
surveys; and retention rates. • Identifying and understanding network resources
and their implementation or use by the country
AQI dashboards help to inform the leadership about in its SQM
whether particular actions are having the intended • Challenging and identifying enhancements to the
effect, to provide an early warning where existing quality control system to achieve
intervention is warranted and to support the compliance with the new standard
effectiveness of the overall EY system of quality We believe that implementing the requirements
management. within ISQM 1 will be useful to improving quality at
Transparency Report 2021 | 15the firm and engagement level, because an effective global, service line and member firm policies. PACE
system of quality management is foundational to takes users through the acceptance and continuance
achieving consistent engagement quality. requirements, and identifies the policies and
references to professional standards needed to
assess both business opportunities and associated
risks.
Client acceptance and continuance
As part of this process, we carefully consider the risk
Global policy on client and engagement characteristics of a prospective client or engagement
acceptance and the results of due diligence procedures. Before
The EY global policy on client and engagement taking on a new engagement or client, we determine
acceptance sets out principles for member firms to whether we can commit sufficient resources to
determine whether to accept a new client or a new deliver quality service, especially in highly technical
engagement, or to continue with an existing client or areas, and if the services the client wants are
engagement. These principles are fundamental to appropriate for us to provide. The approval process is
maintaining quality, managing risk, protecting EY rigorous, and no new audit engagement may be
people and meeting regulatory requirements. The accepted without the approval of Regional or
objectives of the policy are to: local PPD.
• Establish a rigorous process for evaluating risk In the EY annual client and engagement continuance
and making decisions to accept or continue process, we review our service and ability to continue
clients or engagements to provide a quality service, and confirm that clients
• Meet applicable independence requirements share EY Slovenia’s commitment to quality and
• Identify and deal appropriately with any conflicts transparency in financial reporting. The lead audit
of interest engagement partner of each audit, together with our
• Identify and decline clients or engagements that Assurance leadership, annually reviews our
pose excessive risk relationship with the audit client to determine
• Require consultation with designated whether continuance is appropriate.
professionals to identify additional risk As a result of this review, certain audit engagements
management procedures for specific high-risk
are identified as requiring additional oversight
factors
procedures during the audit (close monitoring), and
• Comply with legal, regulatory and professional some audit clients are discontinued. As with the
requirements
client acceptance process, our Regional PPD is
In addition, the EY global policy on conflicts of involved in the client continuance process and must
interest defines global standards for addressing agree with the continuance decisions.
categories of potential conflicts of interest and a
Decisions about acceptance or continuance of clients
process for identifying them. It also includes
and engagements consider the engagement team’s
provisions for managing potential conflicts of interest
assessment of several risk factors across a broad
as quickly and efficiently as possible, using
range of categories including management’s attitude,
appropriate safeguards. Such safeguards may include
internal controls and related parties.
obtaining client consent to act for another party
where a conflict of interest may exist, establishing
separate engagement teams to act for two or more
parties, implementing appropriate separations
between engagement teams or declining an
engagement to avoid an identified conflict.
The EY global policy on conflicts of interest and
associated guidance consider the increasing
complexity of engagements and client relationships,
and the need for speed and accuracy in responding to
clients. They also align with the latest International
Ethics Standards Board for Accountants (IESBA)
standards.
Putting policy into practice
We use the EY Process for Acceptance of Clients and
Engagements (PACE), an intranet-based system, for
efficiently coordinating client and engagement
acceptance and continuance activities in line with
Transparency Report 2021 | 16You can also read
