Modern Format of Audit Activity Regulation
Abstract: The focus of this article is the paradigm of regulation of auditing activities at the present stage. The subject of the study is a number of provisions of the Concept of development of auditing activities until 2024. This program document determined the further vector of development of state regulation and self-regulation of auditing activities. The separate novelties of the legislation in the context of the modern format of regulation of audit activity are analyzed. The article summarizes the emergence of a "regulatory triangle" in the audit services market in connection with the granting of control powers to the Bank of Russia, which leads to excessive regulation of auditing activities. The main changes in the institute of self-regulation of auditing activities are noted: updating the conceptual apparatus, abandoning standardization and the numerical composition of the self-regulating organization. The article provides an assessment of a two-level system of requirements imposed on the subjects of audit activity. Positively assessing the institution of mandatory requirements, the author of the article is skeptical about the second direction of regulation - recommendations. Consideration of the recommendations as a prototype of the standards of a self-regulatory organization is not reflected in the legislation on auditing. The problems of excessive regulation of the audit services market due to the granting of control powers to the Bank of Russia are outlined. The author sees an opportunity to improve the quality of audit services provided in the form of a return to the practice of issuing qualification certificates in certain areas, in particular, in the direction of "audit of credit institutions". Thus, strict filtering of subjects should be carried out at the stage of access to the audit market, and control powers under this model should remain with the Federal Treasury and the self-regulatory organization. The refusal to standardize auditing activities, the functioning of only one self-regulating auditing organization devalues the very idea of self-regulation. Under such conditions, self-regulation of audit activity does not act as a worthy alternative or continuation of state regulation.
Keywords:audit, audit activity, state regulation, self-regulation, mandatory requirements, recommendations, standards, self-regulating organization, Bank of Russia, certificate
This article is automatically translated. You can find original text of the article here.
The issue of regulation of entrepreneurial activity has traditionally been given great attention in science. It should be noted that today the regulation of entrepreneurial activity is divided into two major blocks: state regulation and self-regulation. State regulation has deep historical roots, has been studied in detail and has proven itself well. It is important to note that the long period of functioning of state regulation does not indicate its stagnation. Individual institutions of state regulation of entrepreneurial activity need inventory and further modernization. As an example, the Institute of state control in the field of entrepreneurship can be cited. Thus, as part of the reform of the regulatory guillotine, the task of reviewing a vast array of regulatory legal acts for duplication of requirements, identifying obsolete acts, and changing the approach to business inspections was outlined. The key result of the reform was the adoption of Federal Law No. 247-FZ of July 31, 2020 "On Mandatory Requirements" (hereinafter – the Law on Mandatory Requirements)  and Federal Law No. 248-FZ of July 31, 2020 "On State Control (Supervision) and Municipal Control in the Russian Federation" (hereinafter – The Law on State Control) .
Naturally, in a market economy, one cannot rely solely on state regulation, an alternative is needed, which today is the institute of self-regulation of entrepreneurial and professional activities. As a general rule, the association into self-regulating organizations takes place on a voluntary basis, but for certain areas the legislator provides for mandatory membership in these organizations (for example, for auditors, appraisers, arbitration managers). In this case, we are talking about the transfer of redundant functions of the state to self-regulating organizations.
It should be noted that in some industries, the regulatory format goes beyond the designated framework and differs in its originality. Let's illustrate this thesis by the example of auditing activities.
Initially, audit activity was subject exclusively to state regulation . However, since July 1, 2009, licensing has been replaced by mandatory membership of auditors and audit organizations in self-regulatory organizations . A sufficiently long period of functioning of the institute of self-regulation of audit activity allows us to speak with confidence about the successes achieved and certain failures in the field of the relations under consideration. In part, the interim results of the evaluation of the Institute of self-regulation are reflected in the Concept of the Development of Auditing Activities in the Russian Federation until 2024 . This policy document systematizes the main institutional problems in the field of auditing (the state of the business and investment environment, price dumping, the decline in the prestige of the profession, low level of involvement in the international audit community, insufficient level of corporate governance in the self-regulatory organization of auditors, etc.) and outlines the further vector of development.
To implement the provisions of this Concept, Federal Law No. 359-FZ of July 2, 2021 "On Amendments to Certain Legislative Acts of the Russian Federation and Invalidation of Certain Provisions of Legislative Acts of the Russian Federation" was adopted  a number of amendments were made to the legislation of the Russian Federation on auditing, in particular, to the Federal Law of December 30, 2008 No. 307-FZ "On Auditing Activities" .
In the context of the subject of our research, we will focus on those provisions of the Concept on the Development of Auditing Activities in the Russian Federation until 2024, which allow us to get an idea of the modern format of regulation of auditing activities. The general characteristic of the regulation of auditing activities is a combination of forms of influence on the industry by all regulatory entities. The regulatory system should be based on the presentation of two types of requirements to the audit community:
Mandatory requirements , which include international treaties, the legislation of the Russian Federation, auditing standards, the rules of independence of auditors and audit organizations, the Code of professional ethics of auditors, the rules of independence of auditors and audit organizations.
The mention of mandatory requirements in general correlates with the modern idea of creating an institution of mandatory requirements imposed on business entities. The Law on Mandatory Requirements eliminates the problem of "conflicting requirements" that has become a nuisance. In practice, there have been many situations when conscientious fulfillment by an entrepreneur of some requirements automatically led to violation of other requirements. Currently, the legislation on mandatory requirements provides that in the event of conflicting mandatory requirements established by regulatory legal acts of equal legal force, a person is considered to be in good faith complying with mandatory requirements and is not liable if he has ensured compliance with one of such mandatory requirements (article 3 of the Law on Mandatory Requirements).
Today, the register of mandatory requirements is functioning in a test mode. Business entities, having specified the OKVED, can receive a list of mandatory requirements for their type of activity, as well as information about regulatory legal acts that contain these requirements. Such an information resource will be a great help for entrepreneurs.
The key subject of regulation in relation to mandatory requirements in the field of audit will be the state . However, the self-regulating organization of auditors does not withdraw from the scope of mandatory requirements, and will also provide support in this direction. Note that the self-regulating organization of auditors is interested in implementing such a model of regulation. So, the SRO Association "Commonwealth" has developed a Program for the prevention of violations of mandatory requirements . The main tasks for the prevention of violations of mandatory requirements are to form a uniform understanding of mandatory requirements among all members of a self-regulating organization; to identify outdated and repetitive mandatory requirements; to detect typical violations. For the convenience of the members of the SRO Association "Commonwealth", the website presents a list of legal acts that contain mandatory requirements. As an example, we can designate Federal Law No. 115-FZ of August 7, 2001 "On countering the legalization (laundering) of proceeds from crime and the financing of terrorism" . This act provides for the obligation of auditors and audit organizations to notify Rosfinmonitoring of the existence of any grounds to believe that transactions or financial transactions of the audited entity could or could be carried out for the purpose of legalization (laundering) of proceeds from crime or financing of terrorism).
The concept of development of auditing activities until 2024 focuses on the need for proportional regulation in the development of the system of mandatory requirements. Only such a balance can ensure the protection of public interests and reduce administrative pressure on auditors. Accordingly, the regulatory impact on the industry cannot cover only mandatory requirements.
Thus, the second direction of regulation of the audit services market is the publication of recommendations . The current state of the audit services market dictates the need to accumulate the best practices in the field of auditing, as a result of familiarization with which auditors will be able to gain competitive advantages. Such a regulatory format assumes a prevailing impact on the industry from the self-regulatory organization of auditors. The Concept of Development of Auditing Activities in the Russian Federation until 2024 highlights the problem of underestimating the role and importance of regulating auditing activities by issuing appropriate recommendations. The developers of the program document voiced the tendency of excessive formalization of the rules of auditing, which contradicts the nature of the activity itself and the generally recognized international practice of regulation based on the principles fixed, in particular, in the international standards of auditing, and also discredits the institution of professional opinion of the auditor. Note that the self-regulating organization is taking steps to correct the situation in this direction as well. Thus, the Committee of SRO Auditors of the Association "Commonwealth" on Standardization and methodology of Accounting and Reporting has prepared recommendations on the procedure for accounting for inventory results and on the formation of unified reporting of non-credit financial organizations compiled according to industry accounting standards and international financial reporting standards .
However, the second direction of regulation of audit activity in the form of developing recommendations raises questions. So, there is a feeling that in the Concept of development of auditing activities until 2024, an attempt was made to duplicate the idea of standardization in the field of self-regulation. Recall that when establishing the institute of self-regulation, the legislator was based on the idea of a two-level system of standards. Some standards had to come from the state and provide a minimum of requirements for the proper level of quality of services provided, work performed, and other standards were the prerogative of the business or professional community itself within the framework of a self–regulatory organization. The unity of the two types of standards consisted in the obligation of their application by the subjects of the relevant activities, and differentiation – in the subject responsible for the development. In the Concept of development of auditing activities until 2024, mandatory requirements, in fact, replace federal standards, and recommendations are a prototype of the standards of a self–regulatory organization. However, can the recommendations and standards of the SRO be considered equivalent? Of course not. After all, SRO standards must be developed without fail, since this is one of the conditions for a non-profit organization to acquire self-regulatory status. In turn, the publication and application of recommendations is carried out exclusively on a voluntary basis.
We believe that today the second direction in the form of recommendations is exclusively declarative in the system of regulatory impact on the audit industry.
Let us also pay attention to the "regulatory triangle" that has arisen in the field of auditing. Changes in the auditing legislation of July 2, 2021 predetermined that the self-regulating organization of auditors, the Federal Treasury and the Bank of Russia are the control (supervisory) bodies in the field of auditing. The status of the Bank of Russia as another regulator in the audit services market also determines the specifics of regulatory impact in the sphere of the relations under consideration.
The issue of granting the Bank of Russia control powers in the field of the relations under consideration is ambiguous. On the one hand, the "triad of regulators" represented by the Federal Treasury, the Bank of Russia and the self-regulatory organization of auditors Association "Commonwealth" can lead to excessive "overregulation", which, as a rule, has a negative impact on the market. Thus, the following thesis is formulated in the doctrine: "excessive is unacceptable in the formation and implementation of the regulatory policy of the state. This is an immutable requirement of the Constitution in relation to entrepreneurial activity"[9, p.33]. On the other hand, the Bank of Russia is interested in regulating only one segment of the market and improving the quality of audit services provided exclusively to its supervised organizations. Everything that is outside the financial market is not included in the area of increased attention of the mega-regulator. From this point of view, "diversification of regulatory impact" seems to be a reasonable solution.
In fairness, we note that the practice of giving the banking supervision authority powers in the field of audit exists in a number of countries. So, on August 24, 2022, a meeting of the Presidium of the Advisory Council of Auditors of the EAEU was held. Aboisheva A.M., Deputy Chairman of the Audit Chamber of the Republic of Belarus, outlined the indicators of the audit services market in the Republic of Belarus for 2020 and 2021 and noted that state regulation of auditing activities is carried out by the President of the Republic of Belarus, the Council of Ministers of the Republic of Belarus, the National Bank and the Ministry of Finance .
However, it is worth noting that the audit community itself once criticized the granting of supervisory powers to the Bank of Russia due to the special status of a mega-regulator, which can also act as an audited entity . The audit of the supervisory authority leads to a conflict of interests between the auditor and the audited entity, violation of the principle of independence . Note that the doctrine also has a positive assessment of such an initiative. Thus, in his dissertation research, T.S. Anisiforov notes that "the granting of the Bank of Russia with appropriate powers will lead to a significant improvement in the supervisory process of the audit as a whole...however, maintaining high criteria for acquiring SRO status will negatively affect the economic stability of the state and the effective operation of the Bank of Russia as a whole in view of the current oligopolistic regime in the audit services market"[13, pp. 98-99]. On the one hand, we cannot fully agree with this conclusion of the author, since the audit market in the context of self-regulation can rather be characterized as monopolistic rather than oligopolistic. On the other hand, a fair further rejection of really overstated requirements regarding the quantitative composition of SRO auditors, unfortunately, did not change the structure of the audit market in the conditions of the existence of one self-regulating audit organization. Thus, the new regulator represented by the Bank of Russia both interacted and continues to work with one self-regulatory organization of auditors.
We believe that the interest of the Bank of Russia in the audit market is related to the need to improve the quality of audit services in the financial market. Previously, it was a common practice to issue "positive" audit opinions to credit institutions, whose license was later revoked. In our opinion, the cancellation of the issuance of qualification certificates in certain areas, in particular, in the direction of "audit of credit institutions", led to a similar state of affairs. The currently existing unified qualification certificate does not provide for knowledge of the specifics of the banking sector. But is it worth introducing another regulatory player in the person of the Bank of Russia to improve the quality of audit services provided in the financial market? Is it possible to avoid excessive regulation, while maintaining an appropriate level of quality of audit services provided? We believe that in order to achieve the goal of providing high-quality audit services, it is necessary to strictly filter subjects at the stage of market access, that is, at the stage of passing the qualification exam and issuing a certificate, and further control could, as before, be carried out by the self-regulatory organization of auditors and the Federal Treasury. In this regard, it seems appropriate to return to the issuance of qualification certificates of auditors in certain areas, in particular in the direction of "audit of credit institutions". With such a model of regulatory impact, the focus will shift from subsequent control to preliminary control, which will ensure the quality of audit services and avoid disproportion in regulation.
Let's turn to the characteristics of the next institute of the auditing profession and the audit market – a self-regulating organization . In general, the institute of self-regulation of auditing activities is evaluated ambiguously by experts. The main criticism is that due to legislative changes in relation to the number of SRO auditors, their sharp reduction has occurred. Currently, there is only one self-regulating audit organization on the market. Can self-regulation of the audit industry be considered full-fledged in such conditions? We believe not. Such a model of self-regulation with an obvious monopolization of the audit market actually tends to the state format of regulation.
We will present an overview of individual changes related to the self-regulation of the audit market.
Firstly , since January 1, 2022, the concept of a self-regulating organization of auditors has changed. Thus, a self-regulatory organization of auditors should be understood as a non-profit organization uniting audit organizations and auditors on the basis of mandatory membership, created to represent and protect the common, including professional, interests of its members, to ensure the conditions for auditing activities, to maintain a high professional level of auditing activities in the public interest, which has been granted the status of a self-regulatory organization. In our opinion, the updated definition does not make a significant contribution to the development of the conceptual apparatus in the field of auditing. The definition focuses more on the need to consolidate the audit community to protect common interests. It is assumed that the cohesive work of auditors and audit organizations within the framework of a self-regulatory organization should improve the quality of audit services provided, and as a result, ensure the proper level of trust on the part of consumers. In general, the proposed definition is more declarative than practice-oriented.
Secondly , the legislator abandoned the idea of a minimum threshold for the number of self-regulating organization of auditors and brings to the fore the percentage of the total share of audit services rendered. Thus, it is assumed that audit organizations and (or) individual auditors will unite as members of the SRO, whose total share of services rendered in the total volume of audit services for the calendar year preceding the year of filing an application for the status of a self-regulatory organization of auditors is more than 50 percent. Information on the volume of audit services rendered for a calendar year is calculated based on the data contained in the forms of the relevant federal statistical observation. We believe that the rejection of the minimum quantitative threshold is due to practical considerations, since at the moment there is only one self-regulating organization of auditors on the market, and there is no prospect of new organizations appearing in the near future. There is no need to set requirements for the number of SRO members in one organization in order to obtain or maintain the status of "self-regulating". Moreover, the rapidly changing situation in the political arena also does not contribute to maintaining the requirements for the minimum composition of a self-regulatory audit organization. Previously, the main share was accounted for by the auditors of the "big Four" who left the Russian market. Now regional auditors have great opportunities, respectively, quantitative indicators in terms of numbers should not become a barrier to joining the professional community.
Thirdly , the approach to standardization of audit activity has changed. Traditionally, the content of self-regulation and the basic requirement for a non-profit organization applying for self-regulatory status is the development of standards and rules of entrepreneurial or professional activity. For example, one of the requirements for the inclusion of a non-profit organization in the state register of SRO arbitration managers is the existence of standards and rules of professional activity of arbitration managers developed and mandatory for the members of a self-regulating organization of arbitration managers. A similar requirement is provided for in the field of evaluation activities. Thus, one of the grounds for the inclusion of a non-profit organization in the unified state register of SRO appraisers is the availability of standards and rules for evaluation activities. However, now, with regard to auditing activities, the legislator focuses on completely different local acts of the self-regulatory organization of auditors. Is this approach justified?
Previously, the implementation of auditing activities was based on international auditing standards and standards of SRO auditors. International auditing standards are mandatory for audit organizations, auditors, self-regulatory organizations of auditors and their employees. The auditing standards of the self-regulatory organization of auditors should have defined the requirements for audit procedures, additional to the requirements established by international auditing standards, if this is due to the specifics of the audit or the specifics of the provision of audit-related services; may not contradict international auditing standards; should not create obstacles to the implementation of auditing activities by audit organizations, individual auditors; are mandatory for audit organizations, auditors who are members of the specified self-regulatory organization of auditors. Note that self-regulating organizations of auditors have not introduced auditing standards.
However, now for the assignment of the status of SRO auditors, it is necessary not to have standards developed by SRO, but to have approved rules for external control of the activities of SRO auditors, rules for the independence of auditors and audit organizations, as well as the code of professional ethics of auditors. There is no doubt that the approved rules for the implementation of external quality control of the work of SRO auditors, the rules of independence and the code of ethics do not replace the standards of activity . It can be assumed that an extensive database of international standards is quite sufficient and SRO auditors simply do not need to form their own standards in addition to existing ones, as this will lead to a formal approach and duplication of the provisions of international standards. Obviously, it is for this reason that in the new version of the Audit Law, the legislator clarifies the concept of "auditing standards" and excludes the mention of auditing standards of self-regulatory organizations. Thus, in the future, auditing standards should be understood exclusively as international auditing standards adopted by the International Federation of Accountants and recognized in accordance with the procedure established by the Government of the Russian Federation.
In our opinion, such an approach contradicts the very essence of self-regulation. According to the legal definition of self-regulation, it is the development of standards and rules that constitutes the content of self-regulation. Refusal to standardize auditing activities on the part of a self-regulating organization devalues the very idea of self-regulation. We believe that today the SRO of auditors does not perform the function of standardization properly, which makes us think about the need to preserve the institution of self-regulation in auditing activities [14, pp.54-55].
Thus, the Concept of development of auditing activities until 2024 adheres to the following approach – a combination of state regulation and self-regulation. It should be noted that the doctrine has repeatedly emphasized the idea of a versatile regulatory impact on a particular type of entrepreneurial activity. Thus, Professor I.V. Ershova notes that "state regulation and self–regulation are two links in a single chain of influence on economic entities" [15, p. 151]. A similar conclusion is shared by Professor M.A. Egorova, who writes that "there is no rigid demarcation line between self-regulation and state regulation. On the contrary, they interact with each other and complement each other" [16, p. 23]. Conceptually, you should align yourself with these positions. However, in practice, in the field of auditing, the mechanisms of state regulation and self-regulation are not without drawbacks: excessive "overregulation" of the market due to the granting of control powers to the Bank of Russia; the functioning of only one self-regulating audit organization in the market; the absence of standards and rules of auditing developed by the self-regulating organization of auditors, unfortunately, do not contribute to the active development of auditing activities. Under such conditions, self-regulation of auditing activities cannot be a worthy alternative or continuation of state regulation. Due to recent legislative changes, the modern format of regulation of auditing activities tends to be more centralized by the state and the weakening of the institution of self-regulation.