Upholding audit quality: key insights from the DFSA Audit Monitoring Report 2022/23

The Dubai Financial Services Authority (DFSA) remains steadfast in its mission to uphold the highest international standards of audit quality and regulatory oversight.

The recently released Audit Monitoring Report (Report) for 2022/23 underscores the DFSA's commitment to transparency and accountability within the Dubai International Financial Centre (DIFC). This report highlights the DFSA's rigorous inspection processes and its proactive stance in addressing audit quality challenges, ensuring the DIFC maintains its status as a globally trusted financial hub.

Principal Findings

The DFSA's role in maintaining the integrity of financial services within the DIFC is crucial. The authority oversees Registered Auditors who provide audit services to public listed companies, authorised firms, market institutions, and funds within the DIFC. The recent Report has indicated a downturn in audit quality, prompting the DFSA to issue regulatory concern letters and warnings.

Key findings from the Report include:

1. Audit Principal Responsibilities

The DFSA Regulatory Law[1] and Rulebook outline the duties of an Audit Principal in managing audit conduct. Concerns identified include:

• Lack of evidence of Audit Principal's review in audit files.
• Ineffective review procedures.
• Audit Principals acting outside their scope of registration.

In response, the DFSA is monitoring resource utilisation at all registered auditors to ensure Audit Principals are not overburdened, safeguarding audit quality.

2. Assessing Independence Threats

A focus area in 2022 was compliance with the IESBA Code, particularly section 524, which addresses maintaining independence in audit engagements. Concerns raised include:

• Inadequate documentation of independence considerations.
• Failure to consider indirect financial interests of audit team members.
• Incorrect references to independence requirements in engagement letters and auditor reports.
• Lack of independence declarations in audit files.
• Insufficient consideration of former RA employees joining clients’ finance teams.

The DFSA will monitor compliance of the independence requirements. Firms should ensure adequate procedures are in place along with regular mandatory training to raise awareness of their obligations under the IESBA Code.

3. Risk Assessment and Audit Evidence

Another risk area identified by the DFSA was the identifying and assisting the risk of material misstatement.[2] A comprehensive review during the planning stage of an audit, mitigates the risk of audit failures. However, concerns identified by the DFSA were:

• Insufficient understanding and documentation of internal control environments.
• Inadequate determination of significant accounts and relevant assertions.
• Poor assessment of fraud risk in revenue recognition and management controls.
• Insufficient consideration of information from the client acceptance process.

The DFSA will persist in reviewing audit teams' risk assessments, urging firms to ensure robust audit planning and risk management processes.

4. Controls to Evidence Reviews

The DFSA found instances where audit teams failed to document the audit process, posing challenges for review and future compliance. The DFSA is conducting a review of systems and controls for audit file assembly and record-keeping, stressing the need for accurate reporting and secure file retention.

5. Fraud Risk

Revenue recognition is particularly susceptible to management bias, fraud, or error. Concerns include:

• Inadequate responses to the risk of management override of controls.
• Insufficient procedures for revenue IT systems and reports.
• Poor sample selection, cut-off testing, and audit approaches.

The DFSA will maintain its focus on fraud risk, given its significant threat to audit integrity.

Additionally, the Report identified instances of non-compliance with ISAS, the IESBA Code, DFSA legislation and Rules, and IFRS. Registered Auditors must adhere to these standards when conducting audits within the DIFC.

Key Takeaways

The DFSA's Audit Monitoring Report reinforces its dedication to high standards in financial reporting and auditing practices. It serves as a reminder of the critical role Registered Auditors play and the stringent expectations placed upon them. The DFSA’s vigilant oversight fosters global confidence in authorised firms.

For 2024, the DFSA will focus on areas such as engagement file assembly, audit conduct management, and related-party transactions. While focus areas may evolve, Registered Auditors must ensure robust audit processes, adherence to independence requirements, and compliance with the DFSA's regulatory framework to maintain audit quality.

If you require assistance with ensuring compliance with the DFSA's stringent requirements, Clyde & Co's expert team is here to help. Our professionals possess in-depth knowledge and extensive experience in navigating the complex regulatory landscape of the DIFC. We are committed to providing you with the guidance and support necessary to maintain the highest standards of audit quality and regulatory compliance.