Transparency Report 2021 - TSATR - Audit Services LLC - EY
←
→
Page content transcription
If your browser does not render page correctly, please read the page content below
Contents Message from the leaders.................................................................................................................................3 About us ..........................................................................................................................................................5 Legal structure, ownership and governance....................................................................................................5 Network arrangements..................................................................................................................................6 Creating long-term value for society ..............................................................................................................8 Commitment to Sustainable Audit Quality .........................................................................................................9 Infrastructure supporting quality ...................................................................................................................9 Instilled professional values.........................................................................................................................12 Internal quality control system ....................................................................................................................14 Client acceptance and continuance ..............................................................................................................16 Performance of audits.................................................................................................................................17 Review and consultation..............................................................................................................................19 Rotation and long association ......................................................................................................................20 Audit quality reviews...................................................................................................................................21 External quality assurance review ................................................................................................................22 Root cause analysis.....................................................................................................................................22 Compliance with legal requirements.............................................................................................................22 Independence practices ..................................................................................................................................24 Continuing education and investing in exceptional talent .................................................................................26 Development of EY people...........................................................................................................................26 Revenue and remuneration .............................................................................................................................28 Financial information ..................................................................................................................................28 Partner remuneration .................................................................................................................................28 Appendix 1: list of PIE audit clients .................................................................................................................30 TSATR – Audit Services LLC PIE audit clients ................................................................................................30 Appendix 2: approved EYG member firms .......................................................................................................31 Transparency Report 2021 | 2
Message from the leaders Welcome to the Transparency Report 2021 of TSATR – Audit Services LLC (the name before 11 April 2022 - Ernst & Young LLC). We believe that how we advance audit quality, manage risk and maintain our independence as auditors should be transparent to stakeholders. This report is one of the ways in which we provide an update on what we are doing in these areas. Executing high-quality audits continues to be the top priority, and is at the heart of our commitment to serve the public interest. Auditors play a vital role Alexander Ivlev in the functioning of capital markets by promoting transparency and EY Russia supporting investor confidence. Companies, regulators and other stakeholders Managing Partner count on us to deliver excellence in every engagement. We are focused on investing in tools to improve what we do, creating high- performing, diverse and inclusive teams, and building trust and confidence through the audits we perform. EY Russia’s reputation is based on and grounded in providing high-quality professional audit services, objectively and ethically, to every company we audit. We embrace the transparency objectives of the applicable UK and EU Dmitry Neverko regulations (“Regulations”), which require Russian statutory auditors (as a EY Russia Assurance Leader third country auditors) of companies incorporated outwith the UK whose transferable securities are admitted to trading on the UK regulated market General Director of TSATR (PIEs) to publish annual transparency reports. – Audit Services LLC The TSATR – Audit Services LLC Transparency Report 2021 complies with the Regulations. In this report, you can learn about how we are creating long-term value for society; our commitment to Sustainable Audit Quality (SAQ), including how we instill professional values, the performance of audits and internal quality control; independence practices; and the impact of the COVID- 19 pandemic on operations. The focus on delivering high-quality audits has remained paramount during the global pandemic. A comprehensive set of actions has been developed to assess and respond to risk, with a particular focus on fraud risks. There has also been a continuing commitment to sustainability, as part of the global organization’s NextWave strategy, to create long-term value for all stakeholders. This includes an ambition to be carbon negative in 2021, following the achievement of carbon neutrality in 2020, and to be net zero in 2025, which is an important step in the EY sustainability journey. EY Russia is doing its part in achieving these goals. We remain focused on enhancing audit quality and upholding our independence, informed by several factors, including external and internal inspection results. Continuous improvement of audit quality requires us to challenge approaches to audit execution, and we concentrate on this by evaluating inspection findings and taking responsive actions. Transparency Report 2021 | 3
About us • TSATR – Audit Services LLC branch in Legal structure, ownership and Novosibirsk governance • TSATR – Audit Services LLC branch in Rostov-on- Don In Russia, TSATR – Audit Services LLC is a limited • TSATR – Audit Services LLC branch in Saint- liability company organized in Moscow and is a Petersburg member firm of Ernst & Young Global Limited, a UK company limited by guarantee (EYG). • TSATR – Audit Services LLC branch in Vladivostok TSATR – Audit Services LLC is owned by individuals EYG member firms are grouped into three geographic (EY partners), all members of the Russian self- Areas: Americas; Asia-Pacific; and Europe, Middle regulated organization of auditors. East, India and Africa (EMEIA). The Areas comprise The former name of TSATR – Audit Services LLC was multiple Regions. Regions are groupings of member Ernst & Young LLC. The new name was registered on firms along geographical lines with the exception of 11 April 2022. the Financial Services Organization (FSO) Regions, which comprise the financial services activities of the EY Russia also includes the other EYG member firms relevant member firms within an Area. in Russia: EY Russia is part of the EMEIA Area, which comprises • Center for Audit Technologies and Solutions EYG member firms in 96 countries. Within the EMEIA Limited Liability Company Area, there were previously 10 Regions, and, from 1 • Moscow branch of Ernst & Young (CIS) B.V. July 2021, the number has reduced to 8. EY Russia • Ernst & Young Business Advisory Services is part of the Central, Eastern and Southeastern Limited Liability Company Europe & Central Asia (CESA) Region • Ernst & Young IT Limited Liability Company Ernst & Young (EMEIA) Limited (EMEIA Limited), an • Ernst & Young Valuation and Advisory Services English company limited by guarantee, is the Limited Liability Company principal coordinating entity for the EYG member • EY Academy of Business Limited Liability firms in the EMEIA Area. EMEIA Limited facilitates Company the coordination of these firms and cooperation In this report, we refer to ourselves as “EY Russia” between them, but it does not control them. EMEIA “we,” “us” or “our.” EY refers collectively to the Limited is a member firm of EYG, has no financial global organization of the member firms of EYG. operations and does not provide any professional Operationally, EYG member firms in Russia are services. managed by the Country Managing Partner, and each Each Region elects a Regional Partner Forum (RPF), firm is managed by a General Director. For more whose representatives advise and act as a sounding information on EY governance please refer to board to Regional leadership. The partner elected as “Network Arrangements” section. Presiding Partner of the RPF also serves as the TSATR – Audit Services LLC has the following Region’s representative on the Global Governance branches in Russia: Council (see page 7). • TSATR – Audit Services LLC branch in Ekaterinburg • TSATR – Audit Services LLC branch in Kazan • TSATR – Audit Services LLC branch in Krasnodar Transparency Report 2021 | 5
EY Areas, Regions and Countries* Asia-Pacific 6 Regions 23 Countries Americas 8 Regions 34 Countries EMEIA 8 Regions 96 Countries *Figures are as of 1 July 2021’ Network arrangements EY is a global leader in assurance, tax, strategy and transactions, and consulting services. Worldwide, over 312,000 people in member firms in more than 150 countries share a commitment to building a better working world, united by shared values and an unwavering commitment to quality, integrity and professional skepticism. In today’s global market, the integrated EY approach is particularly important in the delivery of high-quality multinational audits, which can span nearly every country in the world. This integrated approach enables EY member firms to develop and draw upon the range and depth of experience required to perform such diverse and complex audits. EYG coordinates the member firms and promotes cooperation among them. EYG does not provide services, but its objectives include the promotion of exceptional high-quality client service by member firms worldwide. Each member firm is a separate legal entity. Each member firm’s obligations and responsibilities as a member of EYG are governed by the regulations of EYG and various other agreements. The structure and principal bodies of the global organization, described below, reflect the principle that EY, as a global organization, has a common shared strategy. At the same time, the network operates on a Regional level within the Areas. This operating model allows for greater stakeholder focus in the Regions, permitting member firms to build stronger relationships with clients and others in each country, and be more responsive to local needs. Transparency Report 2021 | 6
Global Governance Council The GE’s responsibilities include the promotion of global objectives and the development, approval and, The Global Governance Council (GGC) is a key where relevant, implementation of: governance body of EYG. It comprises one or more • Global strategies and plans representatives from each Region, other member firm partners as at-large representatives and • Common standards, methodologies and policies to be promoted within member firms independent non-executives (INEs). The Regional representatives, who otherwise do not hold senior • People initiatives, including criteria and processes for admission, evaluation, management roles, are elected by their RPFs for a development, and reward and retirement of three-year term, with provision for one successive partners reappointment. The GGC advises EYG on policies, • Quality improvement and protection programs strategies, and the public interest aspects of its decision-making. The GGC approves, in some • Proposals regarding regulatory matters and public policy instances upon the recommendation of the Global Executive (GE), certain matters that could affect EY. • Policies and guidance relating to member firms’ service of international clients, business Independent Non-Executives development, and markets and branding • EY’s development funds and investment Up to six Independent Non-Executives (INEs) are priorities appointed from outside EY. The INEs are senior • EYG’s annual financial reports and budgets leaders from both the public and private sectors and reflect diverse geographic and professional • GGC recommendations on certain matters backgrounds. They bring to the global organization, The GE also has the power to mediate and adjudicate and the GGC, the significant benefit of their varied disputes between member firms. perspectives and depth of knowledge. The INEs also form a majority of the Public Interest Sub-Committee GE committees (PIC) of the GGC. The role of the PIC includes public Established by the GE, and bringing together interest aspects of decision-making and stakeholder representatives from across the organization, the GE dialogue, issues raised under whistleblowing policies committees are responsible for making and procedures, and engagement in quality and risk recommendations to the GE. In addition to the Global management discussions. The INEs are nominated by Audit Committee, examples of other committees a dedicated committee, approved by the GE and include Assurance, Consulting, Tax, Strategy and ratified by the GGC. Transactions, Global Markets and Investments, Global Accounts, Emerging Markets, Talent and Risk Global Executive Management. The GE brings together EY’s leadership functions, services and geographies. As of 1 July 2021, it is Global Practice Group chaired by the Chairman and CEO of EYG, and The Global Practice Group brings together the includes its Global Managing Partners of Client members of the GE, GE committees, Regional leaders Service and Business Enablement; the Area Managing and sector leaders. It seeks to promote a common Partners; the global functional leadership for Talent; understanding of EY’s strategic objectives and helps the leaders of the global service lines — Assurance, drive consistency of execution across the Consulting, Strategy and Transactions, and Tax; and organization. one EYG member firm partner on rotation. EYG member firms The GE also includes the Global Vice Chair of Markets, the Global Vice Chair of Transformation, the Under the regulations of EYG, member firms commit Chief Client Technology Officer, the Chair of the themselves to pursue EY’s objectives, such as the Global Accounts Committee, the Chair of the provision of high-quality service worldwide. To that Emerging Markets Committee, as well as a end, the member firms undertake the representative from the Emerging Markets practices. implementation of global strategies and plans, and work to maintain the prescribed scope of service The GE and the GGC approve nominations for the capability. They are required to comply with common Chairman and CEO of EYG and ratify appointments of standards, methodologies and policies, including the Global Managing Partners. The GE also approves those regarding audit methodology, quality and risk appointments of Global Vice Chairs. The GGC ratifies management, independence, knowledge sharing, the appointments of any Global Vice Chair who talent and technology. serves as a member of the GE. Above all, EYG member firms commit to conducting their professional practices in accordance with Transparency Report 2021 | 7
applicable professional and ethical standards, and all The EY social impact ambition applicable requirements of law. This commitment to integrity and doing the right thing is underpinned by The global corporate responsibility program, the EY Global Code of Conduct and EY values (see EY Ripples, brings together the global EY network page 13). with a goal of positively impacting one billion lives by 2030. To date, EY Ripples initiatives have Besides adopting the regulations of EYG, member cumulatively benefited more than 45 million people, firms enter into several other agreements covering aided by: aspects of their membership in the EY organization, • A rigorous focus on three areas (supporting the such as the right and obligation to use the EY name, next generation workforce, working with impact and knowledge sharing. entrepreneurs, and accelerating environmental Member firms are subject to reviews to evaluate sustainability) where the distinctive skills, adherence to EYG requirements and policies knowledge and experience of EY people can governing issues, such as independence, quality and make the biggest difference. risk management, audit methodology and HR. • A collaboration with other like-minded Member firms unable to meet quality commitments organizations to build ecosystems capable of and other EYG membership requirements may be creating change at scale. For example, the TRANSFORM initiative with Unilever and the UK subject to termination from the EY organization. Foreign, Commonwealth and Development Office, which aims to change the lives of 150 Creating long-term value for society million people across sub-Saharan Africa and South Asia by 2030, by tackling inequality. While capitalism has created enormous global prosperity, it has also left too many people behind. The EY carbon ambition Extreme poverty is already on the rise as a result of EY aims to become carbon negative in 2021 and net the COVID-19 pandemic, and climate change is zero in 2025. EY endeavors to achieve this by threatening to deepen inequality still further as significantly reducing absolute carbon emissions, and vulnerable communities are hit first and worst by its then removing or offsetting more than the remaining effects. EY believes an economic system that is fairer, amount every year. To reach net zero by FY25, EY more trustworthy and capable of addressing member firms plan to reduce absolute emissions by humanity’s most profound challenges is urgently 40% across Scopes 1, 2 and 3 (versus an FY19 needed. baseline), consistent with a 1.5°C science-based From advising governments on how to build more target approved by the Science Based Targets sustainable and inclusive economies, to encouraging initiative (SBTi). Specific actions include: businesses to focus and report on their creation of • Reducing business travel emissions, with a target long-term value for all stakeholders, EY services to achieve a 35% reduction by FY25 against the already play a vital role in this. However, more can FY19 baseline and must be done. • Reducing overall office electricity usage, and procuring 100% renewable energy for remaining As a proud participant in the United Nations Global needs, earning RE100 membership by FY25 Compact (UNGC) since 2009, EY is committed to • Structuring electricity Power Purchase integrating the UNGC Ten Principles and the UN Agreements (PPAs) to introduce more renewable Sustainable Development Goals (SDGs) into EY electricity than EY consumes into national grids strategy, culture and operations. • Using nature-based solutions and carbon- Among other things, this commitment is reflected in: reduction technologies to remove from the atmosphere or offset more carbon than emitted, every year Corporate responsibility governance • Providing EY teams with tools to calculate, then structures work to reduce, the amount of carbon emitted in carrying out client work Corporate responsibility across EY is coordinated by the EY Corporate Responsibility Governance Council • Requiring 75% of EY suppliers, by spend, to set (CRGC). This body includes members of the EY Global science-based targets by no later than FY25 Executive and provides senior leadership • Investing in EY services and solutions that help representation from across EY services lines, clients create value from decarbonizing their businesses and provide solutions to other functions and geographic areas. sustainability challenges and opportunities Transparency Report 2021 | 8
Commitment to Sustainable Audit Quality engagements and input for the quality of in-process Infrastructure supporting quality engagements, which helps achieve compliance with professional standards and EY policies. Quality in the EY service lines The Global Vice Chair of Assurance coordinates NextWave is the EY global strategy and ambition to member firms’ compliance with EY policies and deliver long-term value to clients, people and society. procedures for services provided by Assurance. It has put EY in a strong position to adapt and innovate, while the EY purpose of Building a better working world continues to inspire EY people not only Global Audit Quality Committee to serve clients, but also to use EY knowledge, skills The EY Global Audit Quality Committee (GAQC) is an and experiences to support the communities in which important element of the culture of continuous we live and work. The insights and quality services we improvement. It comprises senior leaders from across deliver help build trust and confidence in the capital the EY organization with extensive, diverse and markets and in economies around the world. highly relevant experience. The GAQC advises EY Assurance leadership on the many aspects of the In response to disruptions in the environment, EY organization’s business, operations, culture, talent member firms adapted to maintain the delivery of strategy, governance and risk management that high-quality audits. EY provided its audit affect audit quality. professionals with additional training and enablement to help detect fraud. In addition, through a data-first The committee develops innovative ideas and approach enabled by analytics and digital tools, approaches to delivering high-quality audits and is a teams were able to deliver high-quality audits with forum for sharing best practices of EY member firms. independence, integrity, objectivity and professional The committee also helps develop audit quality skepticism. indicators (AQIs) and other forms of quality monitoring that feed into the continuous EY member firms continue to develop the audit of the improvement cycle. future, including ever more sophisticated data analytics, efficiently delivering greater insight and Quality Enablement Leaders assurance in support of the high-quality audits that are valued by the companies that EY audits and the The EY Quality Enablement Leaders (QEL) network is capital markets. a group of senior Assurance leaders around the world who drive improvements in audit quality by providing Our people are our greatest asset in delivering support to engagement teams. quality and value and building trust. We are elevating their experiences, using data and technology, so they Their responsibilities include: coaching teams; can spend more time addressing risks and exercising supporting internal and external inspections; advising professional judgment. By applying cutting-edge teams on remediating the root causes of significant technologies and sophisticated data analytics, all audit deficiencies; driving practice and project while serving the public interest, our people are able management; supporting portfolio risk analyses; and to connect and contribute to the overall EY purpose implementing processes related to the EY system of of Building a better working world. quality management, including global AQIs. EYG member firms and their service lines are Using EY Canvas and Milestones (see page 12), as accountable for delivering high-quality engagements. well as ever more sophisticated artificial intelligence EY member firms’ service lines manage the overall (AI) tools, the QELs are able to build a picture of audit process for quality reviews of completed quality performance in real time. This, in turn, gives Transparency Report 2021 | 9
greater clarity over where resources should be used by member firm professionals to execute audits deployed to support audit teams and the companies consistently and effectively. The Global, Area, they audit. Regional and Country PPDs, together with other professionals who work with them in each member Professional Practice firm, are knowledgeable about EY people, clients and processes, and they are readily accessible for The Global Vice Chair of Professional Practice, consultation with audit engagement teams. referred to as the Global Professional Practice Director (PPD), is overseen by the Global Vice Chair Additional resources often augment the Global of Assurance and works to establish global audit Professional Practice group, including networks of quality control policies and procedures. Each of the professionals focused on: Area PPDs as well as the Global Delivery Service • Internal-control reporting and related aspects of center PPD is overseen by the Global PPD and the the EY audit methodology related Area Assurance Leader. This helps provide • Accounting, auditing and risk issues for specific greater assurance as to the objectivity of audit topics, industries and sectors quality and consultation processes. • Event-specific issues involving areas of civil and The Global PPD also leads and oversees the Global political unrest; pandemics; or sovereign debt Professional Practice group. This is a global network and related accounting, auditing, reporting and of technical subject-matter specialists in accounting disclosure implications and auditing standards who consult on accounting, • General engagement matters and how to work auditing and financial reporting matters; and perform effectively with audit committees various practice monitoring and risk management activities. Assurance Governance* * Illustrative to show global alignment; actual reporting lines may vary based on legal, regulatory and structural considerations The Global PPD oversees the development of the EY Global Audit Methodology (EY GAM) and related audit policies and technologies so that they are consistent with relevant professional standards and regulatory requirements. The Global Professional Practice group also oversees the development of the guidance, training and monitoring programs, and processes Transparency Report 2021 | 10
Risk Management adjust the handling of travel and events, enable a fully remote workforce and plan for recovery. Risk Management (RM) coordinates organization- With a robust GCMP in place, we were able to act wide activities designed to help EY people meet quickly to keep EY people safe — the top priority global and local compliance responsibilities and throughout the entire process. Throughout the support client-facing teams in delivering quality and pandemic, the GCMP team: exceptional client service. Responsibility for high- quality service and ownership of the risks associated • Created guidance for various stages of the with quality is placed with the member firms and pandemic and developed a resource library on their service lines. the Global Security SharePoint portal to serve as a centralized repository Among other things, the Global RM Leader helps • Maintained a daily list of high-risk locations and monitor the identification and mitigation of these provided a consolidated daily report for each risks, as well as other risks across the organization as Area part of the broader enterprise risk management • Produced a daily report for leadership on the (ERM) framework. The ERM priorities are Global, Area, Region and local impacts communicated to member firms. The GCMP also had a role in managing confirmed The Global RM Leader is responsible for establishing cases by: globally consistent risk management execution • Developing pandemic checklists for local crisis priorities and co-ordinating risk management across management teams to manage confirmed cases EY. in the workforce • Conducting training on how to respond to Member firm partners are appointed to lead risk confirmed cases management initiatives (supported by other staff and • Assisting Talent with contact tracking for professionals), including coordinating with the confirmed cases service lines on such matters. • Providing input and advice on travel, meetings There have been additional complexities as the world and events, resulting in several global directives continued to deal with the COVID-19 pandemic. This • Identifying international travelers to help them has required a coordinated response across EY via return to their home countries safely activation of the local crisis management plans Now that the focus has shifted to a safe return to the (CMPs) that reside in nearly all EY member firm office, the GCMP team has developed a recovery plan offices. CMPs detail specific actions to be taken to that includes: both protect the EY workforce and respond in the • Leading the effort to develop return-to-work event of a COVID-19 infection within an EY protocols and track the easing of government workspace. However, while individual offices had to restrictions deal with issues around contact tracing and safe • Creating a timeline for reopening offices workspace practices, there was a need to provide a set of uniform guidance across all EY Areas. Even • Determining worksite leader responsibilities and procedures for building management, office before the World Health Organization (WHO) declared setup, workspaces and meetings the existence of a pandemic, the EY Global Crisis • Establishing personal responsibilities including Management Program (GCMP) was activated. The office entry, workspaces, breaks and meetings GCMP allowed for the creation of a Steering Committee led by the Global RM Leader who • Developing a post-vaccine recovery plan convened key Global and Area leadership daily for six Global Confidentiality Policy months (and thereafter regularly but less frequently) to address issues relevant to all geographies and Protecting confidential information is ingrained in the service lines. everyday activities of EYG member firms. Respect for intellectual capital and all other sensitive and The Steering Committee issued regular guidance on restricted information is required by the EY Global EY’s COVID-19 response protocols and addressed Code of Conduct, which provides a clear set of issues related to travel, meetings and events as well principles to guide the behaviors expected of all as adoption and promotion of best practices, and those who work with EY. The Global Confidentiality relayed specific safe working practices guidance from Policy further details this approach to protect the WHO. Guidance is still being issued and risk information and reflect ever-changing restrictions on factors are being monitored during the second year the use of data. This policy provides added clarity for of the global pandemic. those who work with EY member firms and forms the In implementing the GCMP, the goal was to keep fundamental broader guidance that includes key people safe and informed, manage confirmed cases, policies on conflicts of interest, personal data privacy and records retention. Other guidance includes: Transparency Report 2021 | 11
• Social media guidance Components of our audit quality • Information-handling requirements control program In addition, the global policy on reporting fraud, In the following sections, we describe the principal illegal acts and other noncompliance with laws and components of the audit quality control program, regulations, and EY’s Global Code of Conduct which EY Russia follows: requires EY professionals to speak up on observing • Instilled professional values behavior that is believed to be a violation of a law or • Internal quality control system regulation, the applicable standard or EY’s Global Code of Conduct. This includes the unauthorized or • Client acceptance and continuance improper disclosure of confidential information. • Performance of audits • Review and consultation Global Personal Data Protection Policy • Rotation and long association The global policy on personal data protection • Audit quality reviews supports and builds upon provisions within the EY • External quality assurance reviews Global Code of Conduct, regarding respecting and • Root cause analysis protecting personal information, in accordance with • Compliance with legal requirements applicable law, regulatory frameworks and professional standards. This has been updated to be Instilled professional values consistent with the EU General Data Protection Regulation (GDPR) and other local regulations across Sustainable Audit Quality the globe. Quality is the foundation of our work and central to Cybersecurity EY member firms’ responsibility to provide confidence to the capital markets. This is reflected in Managing the risk of major and complex cyberattacks the Sustainable Audit Quality (SAQ) program, which is a part of conducting business for all organizations. continues to be the highest priority for EY member While no systems are immune from the threat of firms’ Assurance practices. cyberattacks, EY Russia is vigilant in the steps it takes to secure and protect client data. SAQ establishes a strong governance structure that enables each member firm to provide high-quality The EY approach to cybersecurity is proactive and audits. It is implemented locally, and coordinated and includes the implementation of technologies and overseen globally. The word “sustainable” in SAQ is processes necessary to manage and minimize used to demonstrate that this is not a one-off, short- cybersecurity risks globally. EY information security term initiative, but an ongoing process of and data privacy programs, consistent with industry improvement. practices and applicable legal requirements, are designed to protect against unauthorized access to There are six SAQ pillars: tone at the top; exceptional systems and data. There is a dedicated team of talent; simplification and innovation; audit cybersecurity specialists, who constantly monitor and technology and digital; enablement and quality defend EY systems. support; and accountability. These pillars are supported by a foundation of serving the public Beyond technical and process controls, all EY people interest. are required to annually affirm in writing their understanding of the principles contained in the EY Significant progress has been made through SAQ. EY Global Code of Conduct and their commitment to member firms’ internal and external inspection abide by them. There are also required security findings globally are improving, and there is greater awareness learning activities. Various policies outline consistency in execution. The trend in results also the due care that must be taken with technology and reflects the involvement of the QEL network and a data, including, but not limited to, the Global focus on culture and behaviors. Information Security Policy, and a global policy on EY has deployed leading technological tools that the acceptable use of technology. EY cybersecurity enhance the quality and value of EY audits, including policies and processes recognize the importance of the EY Canvas online audit platform, EY Helix timely communication. analytics platform and EY Atlas research platform. EY people receive regular and periodic EY Canvas facilitates the use of the “Milestones” communications reminding them of their project management functionality, which helps audit responsibilities outlined in these policies and of teams stay on pace with their audit execution and general security awareness practice. drive executive involvement. The EY Canvas Client Portal, which is a component of EY Canvas, magnifies its importance in having a secure and user-friendly Transparency Report 2021 | 12
platform in transmitting data between engagement communications. Senior leadership regularly teams and the companies audited while effectively reinforce the importance of performing quality work, monitoring the pacing of the audit. This suite of tools complying with professional standards, adhering to played a key role in helping EY navigate this past EY policies and leading by example. In addition, EY year: having the right technology and tools in place member firms assess the quality of professional for EY audit teams to work together effectively in a services provided as a key metric in evaluating and remote environment continues to be a key success rewarding EY professionals. factor and differentiator. The EY culture strongly supports collaboration and Additionally, EY Helix and the entire suite of data places special emphasis on the importance of analytic tools represent key ways to address the risk consultation in dealing with complex or subjective of fraud in audit execution. Increasing the required accounting, auditing, reporting, regulatory and use of these tools provides a more robust response to independence matters. We believe it is important to audit risks associated with companies facing determine that engagement teams and clients economic challenges, especially in light of the correctly follow consultation advice, and we pandemic. Broader adoption of these data analytic emphasize this when necessary. tools is occurring this year. EY Atlas is a cloud-based platform for accessing and The consistent stance of EY Russia has been that searching accounting and auditing content, including no client is more important than our professional external standards, EY interpretations and thought reputation — the reputation of EY Russia and the leadership. reputation of each of our professionals. Current SAQ initiatives are focused on supporting EY teams in understanding the business of the companies audited. By leveraging data and Global Code of Conduct technology and executing enhanced engagement risk assessment, EY is continuing to drive quality audit We promote a culture of integrity among our execution. Additionally, we a building a network of professionals. The EY Global Code of Conduct coaches to actively support engagement teams in provides a clear set of principles that guide our staying on track with respect to the pace of their actions and our business conduct and are to be audits, drive timely executive involvement and followed by all EY personnel. The EY Global Code of providing positive direction and enablement when Conduct is divided into five categories: necessary. • Working with one another Audit quality is something that every team member • Working with clients and others must understand and be committed to implementing • Acting with professional integrity locally. SAQ is essential to all our goals and • Maintaining our objectivity and independence ambitions, and each Regional and Area leader has a • Protecting data, information and intellectual role in achieving these goals. capital The SAQ infrastructure demonstrates that audit Through our procedures to monitor compliance with quality is the single most important factor in our the EY Global Code of Conduct and through frequent decision-making and the key measure on which our communications, we strive to create an environment professional reputation stands. that encourages all personnel to act responsibly, including reporting misconduct without fear of Tone at the top retaliation. EY Russia’s leadership is responsible for setting the right tone at the top and demonstrating EY’s Whistleblowing commitment to building a better working world The EY Ethics Hotline provides EY people, clients and through behavior and actions. While the tone at the others outside of the organization with a means to top is vital, EY people also understand that quality confidentially report activity that may involve and professional responsibility start with them and unethical or improper behavior, and that may be in that within their teams and communities, they are violation of professional standards or otherwise leaders too. EY shared values, which inspire EY inconsistent with the EY shared values or Global Code people and guide them to do the right thing, and the of Conduct. EY commitment to quality are embedded in who we are and in everything we do. When a report comes into the EY Ethics Hotline, either by phone or internet, it receives prompt The EY approach to business ethics and integrity is attention. Depending on the content of the report, contained in the EY Global Code of Conduct and other appropriate individuals from Risk Management, policies and is embedded in the EY culture of Talent, Legal or other functions are involved in consultation, training programs and internal Transparency Report 2021 | 13
addressing the report. The same procedures are followed for matters that are reported outside of the Our values: who we are EY Ethics Hotline. People who People with People who Diversity and inclusiveness demonstrate energy, build EY has a long-standing commitment to diversity and integrity, enthusiasm relationships respect, and the based on inclusiveness (D&I). This commitment to building teaming and courage doing the high-performing, diverse and inclusive teams is inclusiveness to lead right thing especially important in audit, where diverse 1 2 3 perspectives drive professional skepticism and critical thinking. Greater diversity and inclusive environments drive better decision-making, stimulate Internal quality control system innovation and increase organizational agility. Structure EY has been on a D&I journey for decades, and while substantial progress has been made, under the global EY Russia’s reputation for providing high-quality NextWave strategy and ambition EY has committed to professional audit services independently, objectively increasing D&I progress throughout the organization. and ethically is fundamental to our success as The Global Executive has made a visible commitment independent auditors. We continue to invest in to EY people and to the market to accelerate D&I at initiatives to promote enhanced objectivity, EY through signing the Global Executive Diversity & independence and professional skepticism. These are Inclusion Statement. Not only does this reinforce that fundamental attributes of a high-quality audit. D&I is a key business lever, it ensures that EY At EY Russia, our role as auditors is to provide member firms hold themselves accountable for assurance on the fair presentation of the financial progress, starting with the tone at the top. statements of the companies audited. We bring There has been a particular focus on promoting together qualified teams to provide audit services, gender diversity over recent years. In 2021, 36.8% of drawing on our broad experience across industry new audit partners, globally, were women. A strong sectors and services. We continually strive to improve pipeline of female leadership has been built, quality and risk management processes so that the supported by 52.4% of all audit hires across the globe quality of our service is at a consistently high level. in 2020 being female. In today’s environment, characterized by continuing Inclusive organizations maximize the power of all globalization, rapid movement of capital and the differences. Employees need to feel they are working impact of technological changes, the quality of our for an organization that not only values them as audit services has never been more important. As individuals, but also sees differences as strengths part of NextWave, there is a continued and strong and values their contributions. Fostering this sense of investment in the development and maintenance of belonging is critical to helping the EY organization the EY audit methodology, tools and other resources attract the most talented individuals, and helping our needed to support high-quality audits. professionals stay motivated and engaged. In the November 2020 employee listening survey, While the market and stakeholders continue to 82% of auditors said the EY organization prepares demand high-quality audits, they also demand an them to work effectively with clients and colleagues increasingly effective and efficient delivery of audit from different countries and cultures, and 86% services. In addition to the investments mentioned, agreed that the people they work with make them EY continues to seek ways to improve the feel that they belong to a team. effectiveness and efficiency of its audit methodology and processes, while improving audit quality. Leaders across EY make D&I a priority and it is a key metric across all the organization’s talent EY works to understand where member firms’ audit management programs. To enable greater quality may not be up to their own expectations and accountability across the EY organization, the Global those of stakeholders, including independent audit D&I Tracker helps track progress with consistent regulators. This includes seeking to learn from diversity and inclusiveness metrics and reporting external and internal inspection activities and to across the organization globally. EY also created the identify the root causes of adverse quality Global Social Equity Task Force (GSET) to develop occurrences to enable a continual improvement of cohesive action plans specifically addressing inequity audit quality. and discrimination, including racism. It includes EY leaders with a wide range of backgrounds and perspectives, spanning geographies, service lines and functions. Transparency Report 2021 | 14
Effectiveness of the quality control system Update to the control framework – ISQM 1 EY has designed and implemented a comprehensive In September 2020, the IAASB approved a quality set of global audit quality control policies and management standard that includes significant practices. These policies and practices meet the changes to the way professional accountancy firms requirements of the International Standards on manage quality. The International Standard on Quality Control issued by the International Auditing Quality Management 1 (ISQM 1) will replace the and Assurance Standards Board (IAASB). EY Russia current International Standard on Quality Control 1 has adopted these global policies and procedures and (ISQC 1) and requires a more proactive and risk- has supplemented them as necessary to comply with based approach to managing quality at the firm level. local laws and professional guidelines, and to address ISQM 1 requires firms to design, implement, monitor specific business needs. and evaluate the overall system of quality We also execute the EY Audit Quality Review (AQR) management (SQM) that provides reasonable program to evaluate whether our system of audit assurance a firm will meet prescribed quality quality control has operated effectively to provide objectives. reasonable assurance that EY Russia and our people The standard includes more robust requirements for comply with applicable professional standards, the governance, leadership and culture of internal policies and regulatory requirements. professional accountancy firms, and introduces a risk assessment process for firms to assess risks to The results of the AQR program and external achieving quality objectives and design responses inspections are evaluated and communicated within that address those risks. It also requires more EY Russia to provide the basis for continual extensive monitoring of the SQM to identify improvement in audit quality, consistent with the deficiencies that require corrective actions and to highest standards in the profession. provide the basis for evaluating the overall The Global Executive has responsibility for the effectiveness of the SQM. coordination of quality improvement implementation. The EY approach is to design an SQM that is As such, it reviews the results of the internal AQR consistently applied across the entire network of program and external audit firm regulatory reviews, member firms to promote consistent engagement as well as any key actions designed to address areas quality and operating effectiveness. This is especially for improvement. important in a global economy where many audits are The recent results of such monitoring, together with transnational and involve the use of other EY feedback from independent audit regulators, provide member firms. EY Russia with a basis to conclude that our internal The standard requires firms to design and implement control systems are designed appropriately and are a system of quality management by December 2022. operating effectively. EY Russia has commenced work to implement the new standard alongside the EY System of Quality Audit quality indicators Management transformation program. Our initial Audit quality is not defined in professional standards, steps have included: and stakeholders may have different views on how it • Identifying the functions and service lines that should be measured. While no single reportable provide support for, or perform engagements metric or set of metrics can be viewed as a sole within the scope of ISQM 1 indicator of audit quality, a set of metrics can be used • Establishing a program governance structure to to give an indication of audit quality. manage design and implementation of a system Assurance leadership monitors the execution of the of quality management that complies with ISQM EY strategy and vision by local geographies through a 1 with representatives from various functions and service lines combination of metrics or audit quality indicators (AQIs). These include: external and internal • Identifying and assessing quality risks, and documenting responses in accordance with the inspection results; Milestones performance; people network-developed approach surveys; and retention rates. • Identifying and understanding network resources AQI dashboards help to inform the leadership about and their implementation or use by the country whether particular actions are having the intended in its SQM effect, to provide an early warning where • Challenging and identifying enhancements to the intervention is warranted and to support the existing quality control system to achieve effectiveness of the overall EY system of quality compliance with the new standard management. We believe that implementing the requirements within ISQM 1 will be useful to improving quality at Transparency Report 2021 | 15
the firm and engagement level, because an effective efficiently coordinating client and engagement system of quality management is foundational to acceptance and continuance activities in line with achieving consistent engagement quality. global, service line and member firm policies. PACE takes users through the acceptance and continuance Client acceptance and continuance requirements, and identifies the policies and references to professional standards needed to Global policy on client and engagement assess both business opportunities and associated acceptance risks. The EY global policy on client and engagement As part of this process, we carefully consider the risk acceptance sets out principles for member firms to characteristics of a prospective client or engagement determine whether to accept a new client or a new and the results of due diligence procedures. Before engagement, or to continue with an existing client or taking on a new engagement or client, we determine engagement. These principles are fundamental to whether we can commit sufficient resources to maintaining quality, managing risk, protecting EY deliver quality service, especially in highly technical people and meeting regulatory requirements. The areas, and if the services the client wants are objectives of the policy are to: appropriate for us to provide. The approval process is • Establish a rigorous process for evaluating risk rigorous, and no new audit engagement may be and making decisions to accept or continue accepted without the approval of Regional or clients or engagements local PPD. • Meet applicable independence requirements In the EY annual client and engagement continuance • Identify and deal appropriately with any conflicts of interest process, we review our service and ability to continue to provide a quality service, and confirm that clients • Identify and decline clients or engagements that share EY Russia’s commitment to quality and pose excessive risk transparency in financial reporting. The lead audit • Require consultation with designated engagement partner of each audit, together with our professionals to identify additional risk management procedures for specific high-risk Assurance leadership, annually reviews our factors relationship with the audit client to determine whether continuance is appropriate. • Comply with legal, regulatory and professional requirements As a result of this review, certain audit engagements The acceptance and continuance procedures address are identified as requiring additional oversight the risks relating to the client’s compliance with procedures during the audit (close monitoring), and money laundering regulations. some audit clients are discontinued. As with the client acceptance process, our country PPD is In addition, the EY global policy on conflicts of involved in the client continuance process and must interest defines global standards for addressing agree with the continuance decisions. categories of potential conflicts of interest and a Decisions about acceptance or continuance of clients process for identifying them. It also includes and engagements consider the engagement team’s provisions for managing potential conflicts of interest assessment of several risk factors across a broad as quickly and efficiently as possible, using range of categories including management’s attitude, appropriate safeguards. Such safeguards may include internal controls and related parties. obtaining client consent to act for another party where a conflict of interest may exist, establishing separate engagement teams to act for two or more parties, implementing appropriate separations between engagement teams or declining an engagement to avoid an identified conflict. The EY global policy on conflicts of interest and associated guidance consider the increasing complexity of engagements and client relationships, and the need for speed and accuracy in responding to clients. They also align with the latest International Ethics Standards Board for Accountants (IESBA) standards. Putting policy into practice We use the EY Process for Acceptance of Clients and Engagements (PACE), an intranet-based system, for Transparency Report 2021 | 16
Performance of audits both auditing standards and EY policies. The forms and examples include leading practice illustrations EY continuously invests in improving audit and assist in performing and documenting audit methodologies and tools, with the goal of performing procedures. the highest-quality audits in the profession. This investment reflects the EY commitment to building EY GAM can be “profiled” or tailored to present the trust and confidence in the capital markets, and in relevant requirements and guidance, depending on economies the world over. the nature of the entity being audited — e.g., there are profiles for listed entities and for those Working in a virtual world considered non-complex entities. There are two types of consideration when delivering EY GAM has been transformed with a new approach a high-quality audit in an increasingly virtual business that puts data at the heart of the audit. Known as environment. The first category includes how EY Digital GAM, this methodology facilitates the analysis member firms work, how their people can work of full populations of an organization’s data to remotely in an effective way, and how that can produce a fuller picture of the business, driving impact their own risks. The second category covers higher quality through a data-first audit approach. how businesses are evolving to work in a virtual world, where transactions are carried out online, Digital GAM enhances and often replaces the across borders, without the need for physical traditional audit testing approach with new, risk- interaction. based, technology-enabled techniques that simplify and refine the focus of EY auditors on to relevant EY Russia understands the risks that a virtual world risks. In turn, EY auditors can analyze whole can have on the way its people work; this populations of an organization’s data from multiple incorporates concerns about mental health and well- perspectives, building a body of evidence and being, and the need to establish an appropriate producing a deeper view into the operational work/life balance for an individual. However, it is also environment. understood that the businesses that EY Russia works with face similar issues. High turnover of staff can Other enhancements have been made to address create risks, and evolving business practices can emerging auditing issues and matters, create new risks, which in turn requires an evolution implementation experiences and external and in audit planning and practices. internal inspection results. Recently, enhancements have been made to EY GAM to emphasize the holistic Audit methodology approach to identifying, assessing and responding to fraud risks. This approach includes applying the fraud EY GAM provides a global framework for delivering triangle as a lens on the information obtained from high-quality audit services through the consistent our risk assessment procedures. This approach also application of thought processes, judgments and emphasizes evaluating the results of our audit procedures in all audit engagements, regardless of procedures in the context of responding to the risk of the size. EY GAM also requires compliance with material misstatement in the financial statements relevant ethical requirements, including due to fraud. independence from the audited entity. Making risk assessments; reconsidering and modifying them as In addition, current and emerging developments are appropriate; and using these assessments to monitored, and timely audit planning and execution determine the nature, timing and extent of audit communications are issued that emphasize areas procedures are fundamental to EY GAM. The noted during inspections as well as other key topics methodology also emphasizes applying appropriate of interest to local audit regulators and the professional skepticism in the execution of audit International Forum of Independent Audit Regulators procedures. EY GAM is based on International (IFIAR). With respect to the impact that COVID-19 is Standards on Auditing (ISAs) and is supplemented in having on the global economy, we continue to refresh Russia to comply with Russian regulatory or guidance to address the accounting and financial statutory requirements. reporting concerns that audited entities are facing, as well as audit considerations when performing Using an online tool, EY Atlas, an EY auditor is audits in the current environment. presented with a version of EY GAM, organized by topic, and is designed to focus the audit strategy on the financial statement risks, and the design and execution of the appropriate audit response to those risks. EY GAM consists of two key components: requirements and guidance; and supporting forms and examples. The requirements and guidance reflect Transparency Report 2021 | 17
You can also read