Procedures for Employees of Audit Firms to Report Breaches

 


Audit Firms should note that in accordance with Article 30e of the EU Statutory Auditor Directive, there is a requirement for firms to establish appropriate internal procedures for their employees to report potential or actual breaches of the EU Audit Directive and Regulation on statutory audit.

Procedures will be reviewed through the quality assurance process.


DIRECTIVE 2006/43/EC OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL on Statutory Audits of Annual Accounts and Consolidated Accounts
 
Article 30e Reporting of breaches

1. Member States shall ensure that effective mechanisms are established to encourage reporting of breaches of this Directive or of Regulation (EU) No 537/2014(on the Statutory Audit of Public Interest Entity) to the competent authorities.

2.The mechanisms referred to in paragraph 1 shall include at least:

(a) specific procedures for the receipt of reports of breaches and their follow-up;

(b) protection of personal data concerning both the person who reports the suspected or actual breach and the person who is suspected of committing, or who has allegedly committed that breach, in compliance with the principles laid down in Directive 95/46/EC;

(c) appropriate procedures to ensure the right of the accused person to a defence and to be heard before the adoption of a decision concerning him or her, and the right to seek an effective remedy before a tribunal against any decision or measure concerning him or her.
 
3. Member States shall ensure that audit firms establish appropriate procedures for their employees to report potential or actual breaches of this Directive or of Regulation (EU) No 537/2014 internally through a specific channel.