Third Country Audit Entities

1. Why do third-country auditors and audit entities have to register with authorities in Member States?

The EU Statutory Audit Directive (“Directive 2006/43/EC”) sets the minimum regulatory requirements for statutory audits across the European Union/European Economic Area (“EU/EEA”). The interrelation of capital markets underlines the need to ensure that auditors/audit entities from third countries carry out high quality audit work in relation to capital markets within the EU/EEA. Directive 2006/43/EC, therefore, requires that the relevant statutory audit entities and auditors from third countries should be entered on a public register, and subject to a level of regulation equivalent to the minimum required for EU/EEA auditors. In addition the European Commission has made transitional measures to facilitate the introduction of these new requirements.

Registration is required according to Article 45 of Directive 2006/43/EC if a third-country auditor or audit entity provides an audit report concerning the annual or consolidated accounts of a relevant audit client (see FAQ no. 3.). According to Article 2 (4) of Directive 2006/43/EC a ‘third-country audit entity’ means an entity, regardless of its legal form, which carries out audits of the annual or consolidated accounts of a company incorporated in a third-country.

Should the third country auditor or audit entity fail to comply with the registration requirement, the issued auditor’s opinion will not be legally valid in the EU.

top

2. Who should use this Form? [Item 1.0]

Form A can only be used by a third-country auditor or audit entity whose home country is one of the third countries to which the European Commission has granted a transitional period under the Decision 2008/627/EC in accordance with Article 46(2) of the Directive 2006/43/EC. These third countries are Argentina, Australia, Bahamas, Bermudas, Brazil, Canada, Cayman Islands, Chile, China, Croatia, Guernsey, Jersey, Isle of Man, Hong Kong, India, Indonesia, Israel, Japan, Kazakhstan, Malaysia, Mauritius, Mexico, Morocco, New Zealand, Pakistan, Russia, Singapore, South Africa, South Korea, Switzerland, Taiwan, Thailand, Turkey, Ukraine, United Arab Emirates, and United States of America.

The home country is ordinarily the country where the third-country auditor or audit entity and the audit client are incorporated or have their main office. In cases where the country of incorporation of the audit client differs from the country where the third country auditor or audit entity is incorporated or has its main office, you should contact IAASA at info@iaasa.ie for further guidance.

According to the EU Statutory Audit Directive ("Directive 2006/43/EC") a third country auditor or audit entity is "an entity, regardless of its legal form, which carries out audits of the annual or consolidated accounts of a company incorporated in a third country".

top

3. What is a “relevant audit client”? [Item 7.0]

For the purposes of registration in Ireland, a relevant audit client is a company incorporated outside the EU/EEA whose transferable securities are admitted to trading on a regulated market in Ireland within the meaning of point 14 of Article 4(1) of Directive 2004/39/EC. This refers to an issuer as defined in Article 2(1)(d) of Directive 2004/109/EC, except when:

a. the company is an issuer exclusively of debt securities admitted to trading on a regulated market in Ireland within the meaning of Article 2(1)(b) of Directive 2004/109/EC, the denomination per unit of which is at least €50,000 or, in case of debt securities denominated in another currency, equivalent, at the date of issue, to at least €50,000; or

b. the company is an issuer exclusively of units issued by collective investment undertakings other than closed-end type, or units acquired or deposited of in such collective investment undertakings within the meaning of Article 1 (2) of Directive 2004/109/EC.

Applicants should only include audit clients for which they have been appointed as statutory auditor of the annual accounts in respect of financial years starting after 29 June, 2008. Applicants should submit applications in each Member State where the audit client's securities are admitted to trading on a regulated market.

top

4. Does registration entitle third-country auditors/audit entities to provide statutory audit services in the EU/EEA?

No. Registration does not confer approval/authorisation to carry out statutory audits as required by Community law (see Article 2(1) of Directive 2006/43/EC). Nor does it recognise the qualifications of third-country auditors.

top

5. What are the requirements for registration as a third-country auditor/audit entity under the Commission Decision on transitional provisions?

The Commission Decision states that Member States shall not apply Article 45 in respect of the audit reports of the relevant issuers for financial years starting during the period from 29 June, 2008 to 1 July, 2010, issued by auditors or audit entities from specified third countries where the third-country auditor or audit entity concerned provides:

(a) the name and address of the auditor or audit entity concerned and information about its legal structure;

(b) where the auditor or the audit entity belongs to a network, a description of the network;

(c) the auditing standards and independence requirements which have been applied to the audit concerned;

(d) a description of the internal quality control system of the audit entity;

(e) an indication of whether and when the last quality assurance review of the auditor or audit entity was carried out and necessary information about the outcome of the review.

These requirements are reflected in the information required on Form A.

top

6. How does a third-country auditor/audit entity apply for registration in the EU/EEA?

The Directive does not provide for a single registration across the EU/EEA, although Member States are cooperating closely on the implementation of these requirements. Therefore, registration is the responsibility of each Member State. Applications must be made with the relevant competent authority in each Member State where a registration is required.

In Ireland, applications under the European Communities (Transitional Period Measures in respect of Third Country Auditors) Regulations 2009, which give effect to the Commission Decision 2008/627/EC should be submitted to the Irish Auditing and Accounting Supervisory Authority (‘IAASA’)

top

7. When will third-country auditors/audit entities be able to apply for registration in the EU/EEA?

In accordance with Regulation 1(2) of the European Communities (Transitional Period Measures in respect of Third Country Auditors) Regulations 2009 IAASA will accept applications for third country auditor registration under the Commission Decision 2008/627/EC of 29 July, 2008 from the 26 June, 2009.

top

8. Will the information submitted by the third-country auditor/audit entity be treated as confidential?

Yes. According to Article 36(2) of Directive 2006/43/EC the obligation of professional secrecy shall apply to all persons who are employed or who have been employed by competent authorities. In particular, this applies with regard to the outcome of an external quality assurance review in accordance with Article 1(1)(e) of the Commission Decision. Information covered by professional secrecy may not be disclosed to any other person or authority except by virtue of the laws, regulations or administrative procedures of a Member State. Some information will be stored in the register in electronic form and shall be electronically accessible to the public (see FAQ no. 18).

top

9. Will the information submitted by the third-country auditor/audit entity be subject to data protection rules?

Yes. All authorities in the Member States are subject to data protection provisions according to Directive 95/46/EC. However, some information will be publicly available in the register (see FAQ no. 18).

top

10. Which countries are members of the EU/EEA? [Item 1.0]

Members of the EU: Austria, Belgium, Bulgaria, Cyprus, Czech Republic, Denmark, Estonia, Finland, France, Germany, Greece, Hungary, Ireland, Italy, Latvia, Lithuania, Luxembourg, Malta, Netherlands, Poland, Portugal, Romania, Slovakia, Slovenia, Spain, Sweden, United Kingdom. Members of the EEA that are not members of the EU: Iceland, Liechtenstein and Norway.

top

11. What language should be used for registration purposes?

Applications to IAASA for registration under the European Communities (Transitional Period Measures in respect of Third Country Auditors) Regulations 2009 should be in English.

top

12. What is a network? [Item 2.0]

According to Article 2(7) of Directive 2006/43/EC a ‘network’ is:

(a) the larger structure which is aimed at cooperation and to which the applicant belongs, and

(b) which is clearly aimed at profit- or cost-sharing or shares common ownership, control or management, or shares common quality-control policies and procedures, or shares a common business strategy, or shares the use of a common branch-name or shares a significant part of professional resources.

top

13. What is the difference between a registration as a third-country auditor/audit entity and registration as an audit firm in a Member State of the EU/EEA? [Item 4.0]

An entity should apply as a ‘third-country auditor/audit entity’ with a member state of the EU/EEA when it meets the criteria of FAQ no. 1. However, it is possible that a third-country auditor/audit entity may also be registered as an ‘audit firm’ in a member state of the EU/EEA when it wishes to carry out audits of annual accounts or consolidated accounts required by the law of that member state (‘statutory audit according to Article 2 (1) of Directive 2006/43/EC’). Statutory audits may only be carried out by audit firms which are approved by the member state requiring the statutory audit (see Article 3 (1) of Directive 2006/43/EC).

top

14. What should be included in the description of the applicant’s internal quality control system? [Item 5.0]

A description of the applicant’s internal quality control system should include at least a description of:

• the policies designed to provide reasonable assurance that the firm and its personnel comply with professional standards and regulatory and legal requirements, and that reports issued by the firm or engagement partners are appropriate in the circumstances, and

• the procedures necessary to implement and monitor compliance with these policies.

top

15. What is an external quality assurance review? [Item 6.0]

The external quality assurance review can be:

• a peer review under the supervision of a professional body or an independent public oversight body,

• a review carried out by a professional body,

• a review carried out by a professional body under the supervision of an independent public oversight body, or

• an inspection by an independent public oversight body in any jurisdiction.

The external quality assurance review should comprise both an assessment of the firm-wide procedures (including compliance with applicable auditing standards and independence requirements, of the quantity and quality of resources spent, of the audit fees charged and of the internal quality control system of the audit firm) and adequate testing of selected audit files.

top

16. What is “necessary information”? [Item 6.10]

Applicants should provide information as to the outcome, the main shortcomings, and the main measures the applicant has undertaken to address the shortcomings and to prevent them from recurring. Where possible the applicant should provide a full copy of the last quality assurance review report, e.g. an inspection report issued by the competent body in the home country.

top

17. What information provided in the form will be available on the public register?

The information provided under Items 1.1, 1.4 to 1.8 and 1.10 of Form A will be stored in the register in electronic form and shall be electronically accessible to the public.

top

18. Is there a registration fee?

A fee of €2,000 will be charged for each application, received on or after 1 June 2010, for registration under the Commission Decision 2008/627/EC and such fee is payable on submission of the application form.

Applicants should pay the fee by a direct bank transfer (in euro) or by Euro cheque payable to the Irish Auditing and Accounting Supervisory Authority. Please email us at info@iaasa.ie. for further information on the direct bank transfer method.

top

19. What does the third country auditor/audit entity need to do to update registration information?

According to Regulation 4 of the European Communities (Transitional Period Measures in respect of Third Country Auditors) Regulations 2009, third country audit entities must notify the Authority of any change in information listed in the subparagraphs (a) to (e) of Article 1(1) of the Commission Decision 2008/627/EC.

In practice, IAASA would expect to be notified, of any amendments to the information, as provided under Articles 1(1) (a) to (e) of the Commission Decision 2008/627/EC, within one month from the relevant amendment.

top