Sharp increases in the number of multinational audits being performed by U.S. accounting firms means that more CPAs are performing services under the International Federation of Accountants (IFAC) audit and attest standards. Although auditors must comply with the specific standards adopted in each jurisdiction, familiarity with IFAC’s International Ethics Standards Board for Accountants (IESBA) Code of Ethics for Professional Accountants (IESBA Code) in addition to the AICPA Code of Professional Conduct (AICPA Code) is a critical first step. When specifications differ, members should comply with the more restrictive of the applicable standards.
This article compares the AICPA and IESBA codes and highlights the AICPA’s efforts to codify the AICPA ethics standards and align them with the international standards.
COMPARING THE AICPA CODE TO THE GLOBAL STANDARD
The IESBA Code sets the global standard for the accountancy profession. The Code, available at tinyurl.com/372k2wg, was updated and revised in July 2009. The revisions clarified the requirements for all professional accountants and significantly strengthened the independence requirements. The new code is effective Jan. 1, 2011, with early adoption permitted. Several transitional provisions have been incorporated to allow professionals and firms time to implement the more stringent standards.
More similar than different. The IESBA and AICPA codes are more similar than different although some differences are significant. Though this article will focus mainly on the differences, in many cases, applying the codes to the same fact pattern will yield similar results. Also, some differences reflect formatting approaches and drafting conventions. For example, the IESBA Code is divided into three parts: Part A applies to all professional accountants; Part B, only to persons in public accounting; and Part C, to persons in business, in other words, everyone who is not in public practice. The AICPA does not apportion its principles and rules in this manner. Other differences are more substantive.
As for similarities, both codes address areas such as independence, due care, confidentiality and the truthful reporting of information. The principles underlying each code are also similar except that the IESBA addresses confidentiality and marketing as principles (the latter under professional behavior), applicable to all professionals, whereas the AICPA Code includes these as rules applicable to members in public practice. The IESBA ethics requirements for professional accountants in business, such as corporate accountants, are much like those found in the AICPA Code although certain IESBA guidance is more comprehensive (for example, inducements, acting with sufficient expertise).
Principles vs. rules. The IESBA Code is often referred to as a principles-based code while many consider the AICPA Code to be more rules based. Similar to comparisons made between IFRS and U.S. GAAP, these descriptions can be misleading. Professional accountants are required to comply with the fundamental principles of the IESBA Code and apply a “conceptual framework approach” to determine their compliance with the fundamental principles whenever they know (or should know) that circumstances or relationships may compromise their compliance (§ 100.08). While the onus is on the professional accountant to do this, the bulk of the IESBA Code describes how the conceptual framework applies in specific situations, for example:
How providing nonassurance services (such as valuations) to an audit client may threaten an accounting firm’s independence.
How receiving gifts or other inducements from a superior may threaten a corporate accountant’s objectivity.
Like the AICPA Code, the IESBA Code provides guidance for the more common—but certainly not all—practice situations. In all other instances, once a threat is identified, the IESBA requires a professional accountant to:
(i) Evaluate the significance of the threat (that is, determine whether the threat is at an acceptable level, meaning the threat would not compromise or appear to compromise the accountant’s compliance with the principle(s)) and
(ii) If the threat is insignificant (that is, at an acceptable level), no further evaluation is required, or
(iii) If the threat is significant (that is, not at an acceptable level), consider whether safeguards could eliminate or sufficiently reduce the threat to an acceptable level, and
Apply safeguards, as necessary, to eliminate or sufficiently reduce the threat to an acceptable level, or
Decline to perform (or discontinue) the engagement or professional services.
The sidebar “Threats and Safeguards” (at bottom of page) defines the terms and provides examples of each.
Despite the principles vs. rules argument, the IESBA Code does contain de facto rules; in several instances the Code states that the threats are so significant that no safeguards can be applied to reduce or eliminate threat(s) to an acceptable level. For example, an audit team member could not own stock in his or her client and apply safeguards to mitigate the threat to independence because the IESBA Code prohibits audit team members from investing in their clients (§ 290.104). In other words, it explicitly states that the threat to independence is insurmountable.
Differences in approach. Overall, the codes take somewhat different approaches. The IESBA uses the conceptual framework approach (described above) to evaluate ethical conduct throughout its code; the AICPA only requires members to use this approach if the rules do not address their situation. See the Conceptual Framework for AICPA Independence Standards (ET § 100.01 of the AICPA Code)—the “AICPA Conceptual Framework.” Under guidance issued by the AICPA in 2009, members also have the option of applying the Conceptual Framework approach when other rules in the Code do not address their situations. (See Guide for Complying with Rules 102–505 at tinyurl.com/34wyyzn).
Topics addressed. As mentioned, the codes address many of the same topical areas. However, some differences exist. For example, the AICPA Code dictates how members in public practice may structure and name their accounting practices (ET § 505) and describes several “discreditable acts” that violate the Code (ET § 501); the IESBA does not. Likewise, the IESBA Code includes three topics (outside of the independence area) for professional accountants in public practice that are not specifically addressed in the AICPA Code (see Exhibit 1).
Comparing independence. The IESBA Code discusses certain potential independence matters that do not appear in the AICPA independence rules. Examples include Long Association of Senior Personnel (Including Partner Rotation) with a Client (§§ 290.150–.155) and Fees—Relative Size (§§ 290.220–.222). So, for example, a member concerned about the significance of his or her audit fee would apply the AICPA Conceptual Framework (because no AICPA independence rule exists on the subject). Since both codes base their independence standards on the conceptual framework approach, the member should achieve a similar result applying the AICPA Code as he or she would applying the IESBA Code (see sidebar, “Application of the AICPA Conceptual Framework vs. Certain Comparable Provisions in the IESBA Code,” at bottom of page).
Public interest entities. The IESBA Code imposes additional independence provisions that reflect the public’s keen interest in certain types of entities. Public interest entities—or “PIEs”—are listed entities (for example, entities whose securities are listed on a recognized stock exchange) and entities whose auditors are required by law or regulation to comply with the same independence requirements as listed entities, which depending on the jurisdiction, may include certain banks or pension funds. Additional provisions fall into the following areas:
Employment of audit team member or senior/managing partner (one-year “cooling off” period);
Long association of senior audit personnel with audit client;
Information technology system design or implementation services;
Recruitment services; and
The AICPA rules do not include similar provisions for PIEs in these areas; however, the Code broadly requires members to comply with more restrictive rules applicable to their engagements, which can bring about similar results as the IESBA PIE rules. For instance, if B Company lists its common stock on the New York Stock Exchange, it would be considered a PIE under IESBA standards. A member auditing B Company who complies with the independence rules of the SEC and the PCAOB would also be in compliance with the AICPA and the IESBA codes because the SEC/PCAOB rules are as stringent (in some cases, more so) than the IESBA requirements.
Split-level independence. The IESBA also splits its independence requirements into two sections. The first—section 290—provides the strongest proscriptions and applies to audits and reviews of financial statements. The other—section 291—provides generally less restrictive independence standards that apply to all other assurance engagements. The AICPA does not bifurcate its independence standards; however, a very narrow exception exists for certain restricted-use reports issued under the Statements on Standards for Attestation Engagements (SSAEs), and a newly adopted standard on network firms applies only to financial statement audit and review engagements.
Exhibit 2, “IESBA Independence Requirements in § 290 That Generally Exceed AICPA Requirements,” highlights provisions in IESBA Section 290, Independence—Audit and Review Engagements, that are generally more stringent than relevant provisions of the AICPA Code (ET § 101, Independence). Exhibit 3, “AICPA Independence Requirements That Generally Exceed IESBA Requirements,” lists AICPA provisions that are generally more restrictive than the comparable IESBA provisions.
AICPA CODIFICATION AND CONVERGENCE PROJECTS
As a member body of IFAC, the AICPA agrees to have ethics standards that are at least as stringent as the IESBA standards. Since 2001, the AICPA Professional Ethics Executive Committee (PEEC) has undertaken certain convergence projects to align the AICPA Code with the IESBA Code (for example, network firms, AICPA Conceptual Framework). Efforts are ongoing and currently include initiation of a task force to evaluate the IESBA provisions for members in business and industry and another to review the application of independence rules to affiliates of an attest client.
Meaning of convergence. “Convergence” in this context means PEEC may propose new or revised interpretations of AICPA rules if they are less strict than comparable guidance in the IESBA Code. Any proposed changes to the Code follow full due process under the AICPA bylaws, which includes exposure of the proposed standard to the membership and consideration of all comments at PEEC meetings that are open to the public. Convergence does not mean that PEEC will adopt lower standards when the IESBA standards are less strict.
Ethics Codification Project. In December 2008, the AICPA launched an Ethics Codification Project to reformat and enhance its ethics literature. Today, the literature exists in multiple locations, such that similar subject matters are sometimes disjointed, making it difficult for members to know for certain whether they have considered all the relevant matters. Similar to the FASB Accounting Standards Codification, the AICPA ethics literature will be put into a logically structured, topical format and redrafted using consistent wording conventions and styles. PEEC is re-evaluating ethics guidance that is outside the AICPA Code (for example, informal AICPA staff positions and basis for conclusions documents, which carry no authority but provide helpful guidance or background on the rules) to determine whether that guidance should be proposed for inclusion in the Codification as part of the authoritative standards.
The primary objective of the Codification Project is to improve the Code by making it topical and easier to use. Other important goals are to improve research capability through technology and to enhance the clarity of the Code. At the time this article was developed, PEEC’s Codification Task Force was considering the IESBA Code as a structural model for the Codification. AICPA members who perform audit and attest services under IFAC standards may find it simpler to understand any differences and comply with both codes if they are structured similarly. This approach is also consistent with recommendations in the U.S. Treasury Department’s Advisory Committee on the
Auditing Profession’s October 2008 report to promote the understanding of and compliance with professional independence requirements.
Member and other constituent feedback. Due to the significant changes PEEC expects to make to the style and structure of the AICPA Code, the committee will expose the Codification to the membership and consider those comments before adopting the new Code. PEEC will also communicate with and request input from constituent groups, including AICPA members, state boards of accountancy, CPA societies, accounting regulators and others, to keep them informed about the proposed changes and solicit their feedback.
The Codification Project is scheduled to be completed in about two years. Members and other interested parties are encouraged to relay their comments and questions about this project to PEEC at email@example.com.
Threats and Safeguards