We define “audit quality” as the outcome when audits are executed consistently, in line with the requirements and intent of applicable professional standards within a strong system of quality management.
All of our related activities are undertaken in an environment of the utmost level of objectivity, independence, ethics and integrity.
To that end, KPMG has a Global Quality Framework (GQF) which guides how we work and how we approach the audit. It helps ensure a consistent approach with quality at its heart. In this section, we show how the GQF is helping us do this with reference to each individual component of the framework. For three of the components – Live our culture and values; Be independent and ethical; and Nurture diverse skilled teams – we have redirected to other parts of the report.
In the UK, we support our GQF with our Single Quality Plan (SQP); a dynamic and responsive plan that monitors our response to quality-related issues which is reviewed and refreshed throughout the year. This helps us focus on the key areas we have identified that will enable us to continue to deliver sustainable quality.
Alongside this, we recognise that harnessing new technology, including AI and machine learning, is key to the future of audit, especially as audited entities themselves integrate these technologies into their businesses. We have therefore continued to invest heavily, in the UK and across our global network, in building new technologies into how we work (embedded into our smart audit platform, KPMG Clara) and strengthening our significant partnerships with major technology providers such as Microsoft.
Our focus on delivering sustainable audit quality is at the heart of our strategy, supported by our other strategic priorities: empowering our people, supporting seamless delivery, and maintaining robust growth. Our risk management principles (see the Quality Control and Risk Management section) ensure we appropriately manage risk across the firm and help to support audit quality.
We are seeing the fruits of our strategy in our audit quality journey with sustained improvement in our AQR inspection results and an improved three-year average across both FTSE 350 and other audits.
KPMG has a number of regulators due to the types of services we provide. This includes the Financial Reporting Council (FRC), the Institute of Chartered Accountants in England and Wales (ICAEW), the Financial Conduct Authority (FCA), the Solicitors Regulation Authority (SRA), audit third country regulators, and other regulatory and oversight bodies (including HM Government). We’re committed to meeting the expectations of our regulators and ensuring our regulatory engagement is based on the principles of openness, transparency, integrity and accountability. [FRC and ICAEW noted in intro section so decide if spell out in full in that section depending on revisions to final para]
The regulatory environment continues to evolve. Accordingly, we continually scan the horizon and prepare the firm for incoming regulatory changes. In particular, we continue to engage and work with the FRC to help shape the future for a profession that is attractive and retains skilled professionals who produce high-quality audits, acting in the public interest.
The results from the FRC’s Audit Quality Review (AQR) inspection, as well as the ICAEW’s annual inspection, together with the results of our own internal monitoring programme, and those of any other regulator including the Public Company Accounting Oversight Board (PCAOB) in the US, provide an overview of our performance of quality engagements. In addition, the FRC’s Audit Market Supervision (AMS) team assesses the firm’s ongoing design and operation of our Systems of Quality Management (SoQM). The FRC’s Audit Firm Supervision (AFS) team is responsible for the overall supervision of Public Interest Entity (PIE) audit firms, drawing together the results of work undertaken by the AMS and AQR as well as other areas of the FRC.
Audit quality is our number one priority, and we value the constructive input and challenge from the FRC through their inspection and supervision process. We continue to work closely with the FRC to understand their identified areas of good practice, and importantly where we need to continue to focus to ensure that we build trust and confidence in our profession and the markets.
89% of FRC inspections required no more than limited improvements
2023/24
(2022/23: 74%)
(2021/22: 84%)
88% of FTSE 350 inspections required no more than limited improvements
2023/24
(2022/23: 78%)
(2021/22: 91%)
No audits inspected required significant improvements
2023/24
(2022/23: One)
(2021/22: None)
FRC’s Audit Quality Inspection and Supervision Report 2024
The FRC's Audit Quality Inspection and Supervision report listed areas of good practice and aspects where improvement was required.
In individual audits, good practice included examples relating to risk assessment and planning, execution, and completion and reporting. Areas for improvement included instances relating to estimates, risk assessment and response to internal control deficiencies.
2023/24 was a transitional inspection cycle covering both the International Standard on Quality Management (UK) 1 (ISQM1) and the International Standard on Quality Control (UK) 1 (ISQC1). The report included a section for the first time on our firm-wide SoQM, with examples of good practice and areas for improvement.
Section 4 of the report focused on the FRC’s forward-looking supervisory approach – identifying and prioritising what firms must do to improve audit quality and enhance resilience. There, we saw recognition of how our SQP is embedded in the business and supporting our strategy:
The firm’s SQP is at the forefront of the firm’s regulatory strategy, integral to the business and a driver to sustained audit quality.”
The report also called out the significant process we have made in the last year with our Root Cause Analysis (RCA).
The firm has responded positively to feedback on its RCA process – investing significantly in the RCA team, redesigning the approach and refreshing the categories of causes. The benefits have been visible through the FRC’s engagement in 2023, including in the RCAs performed by the firm on six of the 2023/24 AQR inspections. The changes helped to ensure a clear thought process with multiple data sources when identifying the root cause.”
We will continue to evolve our root cause and remediation processes, focusing on evaluating the effectiveness of actions.
The FRC's report is available to read at the above link.
10 reviews were performed by the Quality Assurance Department of the ICAEW
2023
(2022: 11)
(2021: 12)
70% of the ICAEW reviews were assessed as “Good / generally acceptable”
2023
(2022: 91%)
(2021: 75%)
One audit reviewed required improvements
2023
(2022: None)
(2021: One)
FRC’s Audit Quality Inspection and Supervision Report, 2024
The ICAEW identified good practice across the files reviewed which included:
Our ICAEW results saw a slight decline this year. Our continuing commitment to enhancing audit quality saw two teams challenging prior period accounting in the year following the reviews. They identified an arising difference in the subsequent period’s financial statements which the firm reported to the ICAEW, prior to the finalisation of their review. We consider it good practice for teams to continuously improve audit quality and realise the benefit from the independent challenge of reviews.
For a summary of the QAD’s review findings, refer to the FRC’s Audit Quality Inspection and Supervision report for KPMG LLP (2024).
KPMG in the UK is subject to inspection every three years by the US PCAOB. In accordance with this cycle, the PCAOB was due to inspect during 2021. However, as a result of the COVID-19 pandemic, the PCAOB deferred its inspection to 2022. The firm received the final inspection report in 2024 with no Part I Inspection Observations and is required to respond to the findings by the deadline of March 2025.
At the end of the financial year, there was one ongoing FRC investigation into matters announced in previous years, in respect of the audit of Carr’s Group plc for the period ended 28 August 2021.
No new FRC investigations were opened during the year.
One matter, which related to an audit in 2018, was closed during the year:
One ICAEW investigation outcome was announced during the year. This related to the audit of the financial statements of two entities by KPMG LLP.
1 Where the FRC or other regulatory body has exercised discretion not to publicise a particular inquiry or investigation, the details of such matters are not disclosed in this report.
KPMG firms have agreed to use quality monitoring and compliance programmes developed by KPMG International are used by KPMG firms to identify quality issues, perform root cause analysis and develop remedial action plans, both for individual audits and for their overall SoQM. The programmes evaluate:
The internal monitoring and compliance programmes also contribute to the evaluation of our SoQM operating effectiveness. These programmes include:
The results of the integrated monitoring and compliance programmes are communicated at local, regional and global levels (as relevant) and we establish action plans to make improvements where needed. Results are also considered by KPMG International.
The Audit QPR programme is the cornerstone of our efforts to monitor engagement quality. It assesses engagement level performance and identifies opportunities to improve engagement quality.
All engagement leaders of statutory and non-statutory audits and other assurance engagements are generally subject to selection for review at least once in a three-year cycle. A risk-based approach is used to select engagements.
We conduct the annual QPR programme in accordance with KPMG International QPR instructions, which promote consistency across the KPMG organisation. Responsibility for the QPR programme lies with our firm’s Risk Management Partner. Reviews are overseen by an independent experienced lead reviewer from another KPMG firm. QPR results are reported to KPMG International.
Across the global organisation, consistent criteria are used to determine engagement ratings and KPMG firm Audit practice evaluations. Definitions of engagement ratings are explained below:
When the audit work performed, the evidence obtained and the documentation compiled comply with internal policies, auditing standards and legal and regulatory requirements in all significant respects with no or only minor instance(s) of non-compliance; and key judgements concerning significant matters in the audit and audit opinion are appropriate.
When the auditor’s report is supported by evidence and is not incorrect in any material respects, but the independent reviewer required additional information to reach the same conclusion as the auditor; or where supplementary information obtained as part of the audit was not sufficiently documented in the audit; or where specific requirements of our audit methodology were not embedded; or where improvements to audit procedures were identified as needed in one or more areas and such improvements were judged to be more than minor but not significant. A ‘CIN’-rated engagement is not considered an adverse quality outcome.
When the auditor did not perform the engagement in line with KPMG’s professional standards and policies in a more significant area, or where there are deficiencies in the related financial statements. Where appropriate, in a limited number of cases we remediate engagement files to ensure the audit evidence obtained is adequately documented and engagement teams undertake specific incremental or remedial training. In addition, engagement leaders receiving a Not Compliant rating are subject to at least one follow-up review.
Prior to the finalisation of the review, there is a rigorous moderation process to ensure consistency of grading. A remedial action plan is created for quality audit and assurance in which deficiencies were identified which are considered to be significant, applicable at an engagement and a firm level. We share our findings from the Audit QPR programme through internal training tools and in periodic partner, manager and team meetings. Any issues are also emphasised in subsequent monitoring and compliance programmes to gauge the extent of continuous improvement and the effectiveness of the implementation of remedial actions. Lead engagement partners are notified when an assurance engagement on a cross-border subsidiary or affiliate of their audited entity receives a Not Compliant rating.
Our Audit QPR programme is designed to hold audit teams to quality levels that assess not only compliance with auditing standards but also adherence to internal requirements such as the performance of specified procedures or completion of specific mandated consultations. As such, teams that perform audits that are very substantially compliant with auditing standards may receive a rating other than Compliant in our internal reviews. Accordingly, it is difficult to make direct comparisons between the results of our internal and external inspection processes.
Rating / Compliant
Rating / Compliant - improvements needed
Rating / Not Compliant
Number of engagements reviewed
The KQCE programme encompasses the testing and evaluation requirements of a KPMG firm’s SoQM which are necessary to support both their compliance with ISQM1, and compliance with the firm’s quality and risk management policies. KQCE programme requirements are mandated for all KPMG firms. The 2024 KQCE programme covers the period from 1 October 2023 to 30 September 2024.
Monitoring activities include:
The evaluation of the SoQM involves the identification and assessment of findings from our monitoring activities, including any deficiencies. Judgement is required to assess whether findings result in a deficiency, and the severity and pervasiveness of any deficiencies, individually and in aggregate. Those judgements include considering both the significance of findings to the achievement of quality objectives and the extent to which actions taken up to the evaluation date mitigate the effects on the SoQM. Such judgements are made by the monitoring team, overseen by the Chief Risk Officer, and the final evaluation is scrutinised and independently challenged by the Audit Committee. Our evaluation of the effectiveness of our SoQM is set out here.
During the year, member firms were required to self-assess their overall levels of compliance with quality and risk management policies not in scope of the SoQM as either compliant, substantially compliant or non-compliant.
For the year ended 30 September 2024, our approach to quality and risk management policies was rated [Update this when evaluation completed (early December, but likely to be same outcome)] substantially compliant (defined as where significant compliance findings are not pervasive in nature and action plans to address their identified causes have either already been implemented or substantially implemented or are planned to be implemented within a timeline which will allow for compliance testing in the succeeding period).
Action plans to address the identified root causes of SoQM Deficiencies and Compliance Findings have been developed and are in the process of being delivered. The status of remediation is monitored by the Risk, Operations and Audit Executives and is overseen by the Audit Committee.
The GQCR program is a KPMG International monitoring program. The objective of the GQCR program is to assess a firm’s compliance with selected KPMG International policies, including those related to governance and SoQM.
Firms are selected for review using a risk-based approach, which considers a number of factors, including financial conditions, country risks, results of monitoring programmes and people surveys, with each firm subject to a GQCR at least once in a four-year cycle.
The GQCR team performing the review comprises partners and managers who are independent of the firm subject to review.
The UK firm was subject to a GQCR review during 2024 when (this needs to be updated when the GQCR report is finalised in mid-September) a number of opportunities for improvement were identified, including areas which were also generally identified by the UK firm’s Audit Quality and Banking Audit Quality Improvement Plans, Risk Compliance Programme/KPMG Quality and Compliance Evaluation and other compliance and quality control processes. Implementation of these improvements is largely complete.
How an audit is conducted is as important as the result. Everyone at KPMG is expected to demonstrate behaviours consistent with our values and follow policies and procedures in the performance of effective and efficient audits.
We consider all audit evidence obtained during the course of the audit, including consideration of anything that is contradictory or inconsistent. This analysis requires each of our team members to exercise professional judgement, maintain professional scepticism and demonstrate appropriate challenge to obtain sufficient and appropriate audit evidence.
Professional judgement and scepticism training is embedded in our core audit technical training programme for junior staff and ongoing training and workshops for more experienced staff.
The engagement leader is responsible for the overall quality of the audit engagement and therefore for its direction, supervision and performance. Involvement and leadership from the engagement leader early in the process helps set the appropriate scope and tone for the audit. To reinforce this, we mandate the completion and review of audit planning activities within specified timeframes to evidence completion of the relevant planning activities.
The engagement leader reviews key audit documentation – in particular, documentation relating to significant matters arising during the audit and conclusions reached. The engagement manager assists the engagement leader in meeting these responsibilities as well as in the day-to-day liaison with the audited entity and monitoring of engagement milestones.
Our Second Line of Defence team is a group made up of senior auditors which supports our higher risk engagements with a focus on public interest and listed entities. The team performs in-flight reviews of audits to improve the quality of audit execution and documentation, including effective challenge of management in judgemental areas. These senior auditors also help throughout the audit cycle, to identify issues before they impact audit quality. This has a dual purpose: firstly, to enable coaching of teams and, secondly, to act as another level of review and challenge to help engagement teams in the delivery of high-quality audits. In addition, it informs our ongoing horizon scanning for emerging issues that may require broader responses.
Our engagement teams have access to a network of specialists, which may include involving UK specialists or those from other KPMG member firms. Our audit methodology requires the involvement of relevant specialists in the core audit engagement team when certain criteria are met or where the audit team considers it appropriate or necessary.
Our Engagement Quality Control Reviewers (EQCRs) are independent of the engagement team and have appropriate experience and knowledge to perform an objective review and challenge of the more critical and judgemental elements of the audit. The audit report can only be released when the EQCR is satisfied that all significant questions raised have been resolved.
An EQCR is appointed for the audits, including any related review(s) of interim financial information, of all listed entities, non-listed entities with a high public profile, engagements that require an EQCR under applicable laws or regulations, and other engagements as designated by the Audit Risk Management Partner or the Chief Auditor.
To invest in building the skills and capabilities of our professionals, we adopt a continuous learning environment. We support a coaching culture throughout KPMG as part of enabling colleagues to achieve their full potential.
Our Coaching for Quality programme, which was developed with the support of external behavioural psychologists, gives colleagues the tools they need for productive coaching conversations.
New engagement leaders are also provided with an experienced mentor to support their transition into this critical role.
Audit documentation records the audit procedures performed, evidence obtained, and conclusions reached on significant matters on each audit engagement. Our policies require review of documentation by more experienced engagement team members.
Standardised approaches and workpapers assist our audit teams with appropriately supported and documented conclusions.
The results of our external and internal monitoring processes can be found in the ‘Activities during the year’ tab above.
At the centre of our Global Quality Framework is continuous improvement. Our Single Quality Plan (SQP) is at the heart of this – we use it to drive measurable improvements in critical areas. Our SQP supports us in being dynamic to respond to emerging issues and is a key driver in delivering sustainable audit quality. We have been pleased with the recognition of the quality and utility of our SQP as we have worked to embed it in our processes, use it to monitor our progress, and support us in identifying areas for remediation.
Our SQP supports us in evaluating information from a range of data points including our Emerging Issues process, inspection and review findings, Second Line of Defence themes, root cause analysis reporting, the Annual Risk Review, and executive meetings such as the Quality Council and Audit Executive.
We regularly assess what topics have escalated in priority or have been resolved and we track these movements on our dynamic heat map. The heat map helps us identify and keep focus on both our priority and foundational programmes. The status of these programmes can change throughout the year as we evaluate the effectiveness of actions taken using a range of specific and focused KPIs to measure success.
Our priority programmes at the start of the year were:
By the end of the year our Banking Audit Quality Improvement Programme had commenced transition to a business-as-usual state with a focus on sustainable execution, following clear improvements achieved by the broad array of activities within the programme.
Following findings in AQR inspections and internal monitoring, we prioritised activities relating to our audit of non-compliance with laws and regulations and risk assessment – both of which moved to priority programmes during the year. Further, a key theme of ‘Simplification’ was identified driven by the need to ensure our audit product is suitably scalable across the portfolio – this was escalated in the SQP to a priority programme with the aim of challenging our approach in a range of ways.
Our foundational programmes, which we expect to be an enduring focus as they support our ability to deliver sustainable audit quality, are:
Each month we assess our progress through a combination of progress and effectiveness KPIs which are a blend of qualitative and quantitative measures, linked to the objectives of each programme. As these measures can fluctuate during the year, we look for trends and evidence that the measures we are taking are being effective. This will be key in ensuring we have an effective response to audit quality related issues.
Over the past couple of years, we have invested in both our root cause and remediation teams to ensure that we learn from the findings of both internal and external reviews, have robust processes to embed best practices, and have appropriate actions plans developed to address learnings. Both teams have been set up to be operationally separate from audit teams and report through the Chief Auditor to the Head of Audit Quality.
The root cause team performs reviews on the findings from AQR, QAD and internal monitoring inspections. Ad hoc reviews can also be undertaken to consider audit-wide matters identified through a variety of other sources such as the firm’s Audit risk team, Office of General Counsel and the emerging issue process. The root cause team uses a variety of data points to inform interview questions and seeks to get to the bottom of why the issues occurred. We now have a stable RCA taxonomy with different levels of aggregation and disaggregation created to enable clear identification of root causes and enhance the design of targeted remedial actions. Categories have been drawn so that Quality Monitoring, Skills and External Factors are separately identified.
The severity of root causes is assessed with the classifications being primary, secondary or contributory. Primary and secondary are subject to aggregation and reporting.
The remediation team takes the outputs from the root cause team to develop appropriate responses and monitors the effectiveness of these actions, proposing adjustments where they are not having the desired impact. Regular monitoring of the impact of remedial actions is a key part of our RCA programme so that we can adapt our approach as new issues arise. We apply a mix of remedial actions focusing on both firmwide and specific engagement team actions with an overarching goal of driving a sustainable High Challenge, High Support culture.
In the past year we have embedded the improvements in the process established during 2023 and introduced a soft controls model to assist in the identification of factors which drive individual behaviours. The investment made in the team has resulted in an increase in the extent and breadth of reviews undertaken during the year. The remediation team has analysed the forms of remediation previously undertaken and the effectiveness of those actions to provide a framework to assess the likelihood of success for future actions.
The adoption of KCw as our global audit tool has enhanced the independent monitoring of the status of our audits. We have developed milestones that audit teams are challenged to meet through the audit cycle with the objective of completing as much work as possible in advance of the post-year end compressed time frame, ensuring that teams have the requisite time to stand back and assimilate their audit findings before signing their opinions. This, together with the use of data mining tools to increase real-time visibility of progress and identify the need for direct intervention to provide additional support to teams, helps ensure that the right work is being undertaken by the right people at the right time.
We’re pleased with the progress made in re-phasing work across our portfolio to date, but there is more to do as we work with companies on improving the timeliness and quality of management information which is needed to achieve the milestones and avoid rework. We have refreshed our requirements and enhanced our monitoring process this year to further support our engagement teams. We continuously analyse the data and use it to improve and evolve our monitoring process, allowing us to more proactively monitor and support our entire engagement portfolio.
Integrated quality monitoring and compliance programmes enable KPMG firms to identify quality deficiencies, perform root cause analysis and develop, implement and report remedial action plans, both in respect of individual audit engagements and the overall SoQM.
We focus on ensuring our work continues to meet the needs of participants in the capital markets. To achieve this goal, we employ a broad range of mechanisms to monitor our performance, respond to feedback and understand our opportunities for continuous improvement:
This is at the heart of how we drive a mindset focused on quality and continuous improvement.
The People and culture section sets out in detail how we are placing a culture of “High Challenge, High Support” at the centre of our values-based approach, to help drive audit quality and create an environment of continuous improvement.
It’s not just what we do at KPMG that matters — we also pay attention to how we do it. The KPMG values are our core beliefs, guiding and unifying our actions and behaviours. Shared across all colleagues and in every country, jurisdiction and territory in which we operate, they are the foundation of KPMG’s unique culture.
The People and culture section sets out in detail how we are embedding these factors to help drive audit quality and create an environment of continuous improvement.
Robust application of our well-established acceptance and continuance policies enables us to make swift, consistent and sound decisions about which entities we work with and what work we do.
We evaluate all prospective audited entities at a number of points in the onboarding process, starting with the decision to participate in a tender. Checks cover areas including conflicts of interest, independence and the identity and integrity of management and owners.
All new entity evaluations and entity evaluations where there is a change in risk grade are reviewed by a second partner. Engagement continuance evaluations that are medium risk or those that have an increase in their risk rating from the previous year are subject to review by a second partner. All new evaluations, including those deemed high risk and evaluations with a decreased risk rating compared to the prior year, will be reviewed by the Audit Chief Risk Officer (and/or their delegates). The review process may identify additional mitigations to be put in place against specific audit risks including delivery risks such as information security and data privacy.
We reconsider whether to continue as auditor on each audit annually. We take into consideration any perceived weaknesses within the audited entity’s governance structure, control environment, finance function, culture and behaviours, and where applicable any known or suspected non-compliance with laws and regulations. Where there are issues that pose a significant risk to audit quality, we may impose conditions on our continuance as auditor.
The issuing of conditions on continuance, in writing, to those charged with governance allows the engagement leader to document the issues experienced during the course of the audit and to outline the necessary steps and/or actions that need to be taken by those charged with governance.
We have developed tools that support engagement leaders who have imposed conditions on continuance to perform regular ongoing monitoring of progress against the conditions. Where there is little evidence of progress, the engagement leader will escalate the case to the Head of Business Risk for consideration of next steps which could include a formal continuance panel.
We work with audited entity management to agree any conditions on continuance and monitor progress against commitments.
Rigorous client and engagement acceptance and continuance policies are vital to being able to provide high-quality professional services.
We evaluate all prospective audited entities before accepting them. This includes a review of any non-audit services provided to the entity and of other relevant relationships and matters which may have a bearing on our independence. We also perform background checks on the prospective audited entity, its key management and beneficial owners. A key focus is on the integrity of management.
A second partner, as well as the evaluating partner, approves the prospective audited entity evaluation. Where the audited entity is considered to be ‘high risk’, the Risk Management Partner is involved in approving it. Each prospective engagement is also evaluated. The engagement leader evaluates this in consultation with other senior colleagues and Risk Management leadership as required.
Controls are built into our engagement management system to ensure we complete the audited entity and engagement acceptance process appropriately.
Additional safeguards may be introduced to help mitigate any identified risks, and potential independence or conflict of interest issues are documented and resolved prior to acceptance.
We will decline a prospective audit engagement if a potential independence or conflict issue cannot be resolved satisfactorily.
Audit services are reviewed at least annually. Ongoing monitoring means that audited entities are re-evaluated earlier if there is an indication that there may be a change in their risk profile. Recurring or long-running engagements are also subject to periodic re-evaluation.
We are committed to being a place where diverse talent can flourish and recognise that it is the quality of our people that will ultimately determine our success.
The People and culture section explains the measures and policies we have in place to ensure we remain focused on diversity, skills and quality.
Across the global organisation KPMG people make the real difference and are instrumental in shaping the future of audit at KPMG. We put quality and integrity at the core of our audit practice. KPMG auditors have diverse skills and capabilities to address complex problems.
We are committed to equipping our people with the skills and tools they need to deliver high-quality work for our stakeholders and for the entities that we audit.
One of the key drivers of quality is making sure we assign people with the right level of skills and experience to the right engagements. This requires a focus on recruitment, development, promotion and retention of our people and the development of robust capacity, accreditation and resource management processes.
You can read more about our UK people strategy in the People and culture section.
We continue to benefit from investments in Audit Quality. Our KPMG Clara workflow (KCw) platform continues to be the foundational tool for delivering our audits and supports our people in executing high-quality audits and responding consistently to identified risks.
KCw is accompanied by the KPMG Audit Execution Guide (KAEG) which sets out our methodology requirements. The methodology is based on the requirements of the International Standards on Auditing (ISAs) and all member firms are required to follow it. KAEG also includes additional requirements that go beyond the ISAs and which KPMG believes enhance the quality and value of our audits.
At KPMG in the UK, we add local requirements and guidance to comply with additional professional, legal or regulatory requirements specific to the UK, our own internal policies, and to proactively respond to economic or industry events. KCw provides our audit teams with access to such requirements and industry knowledge with smart libraries embedded within the tool. This allows for a consistent approach, tailored by industry, and focused on key audit risks. To further support our teams, standardised workpapers and guidance assist our audit teams in consistent delivery. Last year we introduced our UK Audit Requirements Tool to support the scalable delivery of such standardised workpapers to our people in a manner that is consistent with, and complementary to, KCw.
We are committed to ensuring that audit professionals have appropriate audit, accounting and industry knowledge, experience and training. Our accreditation process enables us to ensure the right partners and employees are assigned to engagements and are licensed where necessary.
Our formal audit training programme supports the development of technical expertise and knowledge within our audit practice. It includes mandatory audit and accounting technical training, industry-specific training and risk courses. This is supported by centrally run fortnightly technical briefings, lunch and learns (including a new programme on core audit skills and fundamental knowledge), drop-in clinics and locally run sessions using centrally developed content.
This year, our flagship training programme, KPMG Audit University (KAU), ran over three days and was attended by 3,062 (to be updated by Jo T) (FY23: 3,062) Audit and IT Audit colleagues. The theme for our 2024 KAU was Empowering through Accountability and had a particular focus on building rapport in a digital world, the revised ISA 600, and putting AI in the hands of every auditor for use on every KPMG audit over the next 12 months. Consistent with previous years, the content also covered a broader range of areas from across the audit lifecycle. This year that included risk assessment, sustainability, and journals testing, delivered in a mix of plenary and breakout sessions. As well as linking multiple UK locations for the event kick-offs, we also ran some sessions directly with our offshore KPMG Global Services (KGS) colleagues, who completed the same content at their events.
Beyond KAU, the mandatory learning curriculum includes biannual updates focusing on performing an effective quality audit with different topic areas included as relevant. An Audit Quality and Risk Workshop is delivered twice a year for engagement leaders and focuses on key messages driven by internal and external monitoring findings. This content is also extended to audit managers and senior managers through live and recorded workshops.
In addition, partners and audit professionals must complete training relevant to their grade and role. This includes sector-specific training as well as training to support staff in their roles, such as working on US engagements, and has included a new global banking curriculum this year. Completion of such training is built into accreditation requirements to work on specified engagements, which we manage through our eQualify system. Our curriculum extends beyond audit technical learning. For example, our ‘Building Trust’ risk training has this year focused on conflicts of interest, client acceptance, our Code of Conduct, protecting information, and firm and personal independence. As well as the technical curriculum, auditors spend time on skills programmes to support their career and professional development.
Internal consultation, both formal and informal, is a fundamental contributor to quality; it is always encouraged and is mandated in certain circumstances. We provide appropriate consultation support to audit engagement professionals through professional practice resources – this includes our Chief Auditor, Chief Accountant, DPP (Department of Professional Practice) Accounting & Reporting, DPP Audit, and Audit Risk Management. Mandatory consultation requirements include matters such as where we identify non-compliance with laws and regulations, where a team proposes to deviate from our standard methodology, or where certain risks such as issues with going concern are identified. Consulting on issues is a fundamental part of our High Challenge, High Support culture.
The Second Line of Defence team provides coaching and technical support through their hot review programme which provides feedback on both the audit approach and the clarity of audit documentation. Our US Accounting and Reporting group (USARG) based in London provides coaching and technical support for our US engagement teams, while further technical support is also available through our International Standards Group, as well as the US Capital Markets Group based in New York for work on SEC registrants.
We also have Audit Risk Panels, led by an audit quality or audit risk management partner and supported by an experienced field partner. These enable direct challenge of the approach to the key audit issues on our highest risk audits and support the team in reaching robust conclusions on approach and timing.
Across the global organisation, KPMG is committed to continuing to build on our professionals’ technical expertise and knowledge recognising its fundamental role in delivering quality audits.
We are committed to ensuring that audit professionals have appropriate audit, accounting and industry knowledge, experience and training. Our accreditation process enables us to ensure the right partners and employees are assigned to engagements and are licensed where necessary.
KPMG International (“KPMGI”) has established a quality framework across its network of member firms based on the International Standard on Quality Management (ISQM1) issued by the International Auditing and Assurance Standards Board (IAASB) and the Code of Ethics for Professional Accountants issued by the International Ethics Standards Board for Accountants (IESBA), which apply to professional services firms that perform statutory audits and other assurance and related services engagements.
The policies and associated procedures within this framework enable member firms to comply with relevant professional standards, and with regulatory and legal requirements, and help our partners and employees act with integrity and objectivity, performing their work with diligence.
KPMG in the UK supplements KPMG International’s quality framework with additional policies and procedures that address its specific business risks as well as rules and standards issued by the FRC, the ICAEW and other relevant regulators, such as the US Public Company Accounting Oversight Board (PCAOB).
Refer to: Quality control and risk management (Our quality control and risk management systems)
We continue to refine our processes and controls to ensure we can mitigate and respond to risks which could affect audit quality. Our key quality control processes include:
The Audit Quality Council is a forum for the leaders of our Audit Quality central teams and those with a role in driving audit quality activity in our Audit Performance Groups to discuss and agree on actions to implement our audit quality strategy. The Council meets monthly and receives updates from our Audit Quality central teams on their observations and activity for the month together with consideration of actions to address any emerging issues. Progress on both internal and external inspections are discussed and also the monitoring of remedial actions from prior reviews and inspections. Our audit learning plan is also approved at the Quality Council on an annual basis. The meeting is chaired by the Head of Audit Quality with members of the Quality Council including the heads of the Audit Quality teams e.g., Departments of Professional Practice, Second Line of Defence, Chief Auditor, Chief Accountant, and heads of internal and external inspections. The meeting is also attended by the Chief Risk Officer (CRO) for Audit, Audit Learning Director, Head of Culture for Audit and the partners who lead on Quality in the Audit Performance Groups including our offshore Quality Team.
The Audit Risk & Quality sub-committee meets monthly to assess and proactively address the risks that threaten audit quality. This could be across our Public Interest Entity, Other Entities of Public Interest or wider audited entity portfolios. The main areas considered by the sub-committee include the assessment and challenge of the safeguards and mitigations in place in response to the movement in internally calculated risk scores associated with individual audited entities and sectors; the response to the Second Line of Defence team’s assessment of individual audit engagements; updates on regulatory developments and the status of associated regulatory commitments; and the identified actions in response to entities, engagements and themes included on the capability risk watchlist. Membership of the sub-committee includes the Audit Chief Risk Officer as Chair, Head of Audit Quality, Chief Auditor, Chief Accountant, Head of Audit Regulatory Compliance, risk partners and performance group leaders from the key performance groups across the Audit capability.
The Chief Risk Officer for Audit assesses RI (Responsible Individual) workload by considering a multitude of factors including but not limited to size of portfolio, pinch points, quality metrics, significant internal roles, hours worked and sickness. These factors are weighted and red, amber or green (RAG) score ratings are then attributed to in-scopeRIs. Each RI completes a questionnaire and is then interviewed by a former partner or partner outside of their Performance Group where they can discuss their RAG score, portfolio, personal wellbeing, level of support across their portfolio of engagements, and any other concerns they may have. Ratings may then be adjusted based on the outcomes from the questionnaire and the interview process. Findings are reported to Audit Risk Management and Audit Leadership, who take action as required.
To drive continuous improvement of audit quality, we need to have the right people with the right skills, doing the right work at the right time.
Our audit portfolio has been divided into segments based on the risk and nature of the entities subject to audit. This has resulted in three defined main accreditation segments for managers and above – Listed and Regulated, Private Capital and Public Sector.
Each main accreditation segment is in turn made up of a number of sub-segments, enabling targeted competence and capability requirements within the overall accreditation segment.
Additional technical audit requirements apply to individual audits of certain entities. Each technical overlay has additional technical capabilities and some involve specific training over and above those of the three accreditation segments. Those technical overlays without specific training requirements are awarded at the discretion of the Audit CRO or Chief Auditor.
Accreditation requirements are determined at the engagement level and are driven by the sub-segment of the audited entity.
On an annual basis, all auditors from Manager to Partner are awarded a Certificate of Accreditation on the basis of their experience and training.
eQualify software tracks whether individuals hold the accreditations needed to work on an audit in a more robust fashion. eQualify is a one-stop solution to people’s accreditations. Phase one deals with technical overlays, which are requirements specific to individual audited entities as discussed above. Each individual in KPMG in the UK and KGS in India has a profile in eQualify and can see at a glance what Audit Technical overlays they hold. They can also see if they need any further technical overlays which are linked to the jobs in their portfolio. If they do, the detail in the technical overlay links directly to our Learning Management system and each person can assign themselves the relevant training without the need to consult. Once they have completed the relevant training, the technical overlay is automatically marked “green” in the audited entity on which they are working. Phase two, which is now live, includes audit accreditations and allows engagement leaders and engagement managers to ensure that everyone requiring an accreditation on their engagement has one on a timely basis.
With effect from 5 December 2022, new regulations introduced by the FRC require all audit engagement leaders who sign UK public interest entity audits to be registered on the PIE Auditor Register (PAR). Our accreditation process supports our assessment of those engagement leaders registered to audit UK PIEs. As at 30 September 2024, the firm had 101 Responsible Individuals included on the PAR.
Audit risk panels are held at planning and completion stage on high-risk engagements to challenge the audit team on their key judgements and planned audit approach. These panels are held prior to key communications with audit committees and include a review of the planned communications and financial statements (including the audit report). Each panel is chaired by an audit quality partner and supported by an experienced field partner and includes key members from the engagement team as well as the Second Line of Defence reviewer. Actions coming from the panel are monitored by the panel chair and in previous years have included to delay signing, to consult further with a technical expert, to adjust the audit approach, or to challenge further the clarity of disclosures in the annual report. In a survey of engagement teams, an overwhelming majority found them a useful process for challenging and refining their approach.
Our Second Line of Defence team is a coaching function that provides challenge and support to selected audit teams to enhance audit quality. It seeks to mitigate execution risk in the most significant areas of the audit for relevant engagements by evaluating and providing feedback on both the audit approach and the clarity of audit documentation. We have continued to grow our Second Line of Defence team in the current year and to enhance the approach that is followed. Notable developments this year included:
Our Second Line of Defence reviewers provide monthly reporting to Performance Group Leaders with an assessment of the engagements they are supporting and a RAG rating of the risks facing the engagement team from a resourcing or quality point of view. The RAG rating will alert the Performance Group Leader to the need to take remedial action to mitigate any delivery risks.
For listed or high-risk entities, an independent review of their annual reports is carried out by the Department of Professional Practice prior to the audit report being signed. This review seeks to identify, and as a result resolve, instances of material non-compliance with reporting requirements and areas where disclosures are unclear or could be improved.
The final element of the pre-issuance review is, of necessity, conducted when a final draft of the annual report is available, which tends to be in the final section of the audit process. This year we have continued to develop our pre-issuance review guidance and process to further support audit teams and enhance the quality of the audit through acceleration of discussion of issues and transactions that could affect the review. We encourage audit teams to hold upfront planning discussions with their pre-issuance reviewer and encourage ongoing dialogue between the audit team and the reviewer.
For identified highest-risk engagements, pre-issuance review teams are allocated early in the audit cycle to encourage discussion of accounting and reporting matters with the reviewer throughout the course of the audit. This aims to reduce the number of issues identified late in the audit process.
In addition, we continue to encourage entities to progress their annual reports earlier to facilitate pre-issuance reviews on an earlier draft of the document. Where this is not possible, the pre-issuance reviewer can review individual disclosure notes where these are new or considered by the audit team to be higher risk.
The Emerging Issues (EI) process is a standard reporting framework which captures emerging audit quality issues, to determine and evaluate common issues identified across our technical teams, findings from internal and external quality reviews, and other external sources. The purpose of the EI process is to stay abreast of issues arising and take necessary action. Actual or potential emerging issues are identified from a number of sources including audit leadership, field auditors, the Audit Centre of Excellence (ACE) and audit quality monitoring activities (on both live and completed engagements). In addition, other potential emerging issues are identified from third party sources such as FRC announcements, press comments and other regulatory announcements. This allows us to capture an inventory of possible emerging issues, based on the activities of ACE and more widely across the audit practice. The EI process aggregates themes, prioritises them and provides mitigating responses to the audit practice in a timely manner.
The Chief Auditor presents a monthly summary discussion paper at the Audit Quality Council (AQC) for approval of the proposed actions. Root Cause Analysis (RCA) will be used to investigate selected issues where more detailed insight is needed before a response can be developed and deployed. This complements the existing RCA process focused on quality review findings.
The EI framework is designed to capture emerging issues and deliver timely responses to them. However, we recognise that, from time to time, a faster reaction may be needed. For example, issues may arise that are considered by the AQC to be of sufficient significance (i.e., they relate to a matter that audit teams more generally need to be aware of in short order to ensure audit quality) as to require a more immediate response, or an interim response while a longer-term solution is developed. These urgent escalations will either be in the form of communication in the DPP Bulletin or via an immediate communication from relevant audit leadership if an even swifter response is required.
We monitor the effectiveness of actions taken through existing monitoring processes in liaison with the action owners.
The quality of a KPMG audit rests on our SoQM and KPMG’s global approach to ISQM 1 emphasizes consistency and robustness of controls within KPMG firms’ processes.
Our key quality control processes include:
In line with the KPMG Global SoQM Methodology, KPMG in the UK conducts an iterative risk assessment process (iRAP). This continuous process, overseen by those with operational responsibility for the SoQM and the Audit Committee, looks at a range of internal and external sources to assess whether there are any additional risks relevant to the SoQM that may require the implementation of additional controls or formal inclusion of existing controls within the SoQM. Once identified, controls are subject to monitoring and evaluation activities.
Under ISQM1, we are required to evaluate the effectiveness of our SoQM on an annual basis.
KPMG Clara, our global smart audit platform, puts collaboration, workflow, analytics and automation capabilities into the hands of more than 90,000 audit professionals across the world.
In 2024 we launched KPMG Clara AI chat, our proprietary generative AI tool built on Microsoft Azure’s OpenAI service, to all UK auditors.
Following the announcement of our strategic alliance with MindBridge in May 2023, we have embedded its AI and machine learning capabilities into KPMG Clara, called KPMG Clara Transaction scoring. This capability allows us to analyse 100% of the transactions in a general ledger, enabling rapid conclusions over accounts and the identification of outliers to focus efforts on the higher risk transactions.
Internationally, KPMG is investing $2bn to embed AI and cloud technology throughout our Audit, Tax & Advisory businesses.
Our steps to progressively embed AI in the audit are geared around enhancing KPMG Clara, our global smart audit platform, which is now fully deployed across the world. KPMG Clara facilitates collaboration through a standardised use of workflow, automation and analytics to drive a consistent, data-driven digital audit across the globe. Our auditors in the UK are getting the most out of these capabilities:
Collaboration – Through real-time, secure interaction between our teams and the businesses we audit, we have more than 1,600 audit engagements using this capability to manage secure information exchange.
Automation – We are using automation to support data extraction, risk assessment, controls, and substantive testing. We have also deployed a proprietary cryptocurrency audit tool to help verify cryptocurrency holdings and transactions where these are used by the companies we audit.
Analytics – Analytics are at the heart of our work, driving a truly risk-based audit. The new transaction scoring capability builds on long-standing capabilities to analyse journal entries and other sub-ledger information.
AI will transform the future of audit – so we are continuing to make significant investments in both AI technology and training. Our Microsoft Alliance is key to this.
Emerging technology like generative AI will have a significant impact on all professional services, including audit. Our current deployment of KPMG Clara AI chat is just the first step in our generative AI journey. Over time, this capability will be integrated into KPMG Clara, along with Microsoft Copilot, creating a new, highly effective team member. It will help engagement teams effectively track and report audit progress, navigate the KPMG Clara workflow, improve documentation and deliver deeper audit insights.
AI, coupled with advanced analytics routines, will drive a more robust analysis of accounting records. This effort will deliver enhanced risk assessment and ensure our efforts are focused on the transactions that matter. We have already seen this through our deployment of KPMG Clara Transaction scoring which has been deployed to nearly 900 audits in the UK.
While we continue to invest in more seamless data extraction capabilities of our own to enable our digital audits, we are also investing in a future where AI and analytics capabilities run on our audited entities’ data environments. This means that analytics will be able to run automatically without time and effort being spent – including by the businesses we audit – on extracting data.
Our vision is that AI will not only support enhanced audit quality, but will also improve the audit experience, for the companies we audit and our own people.
We continue to invest in our central audit technology team, increasing headcount from 258 at the end of FY23 to 273 at the end of FY24. The team works closely with auditors across the business to develop and deploy the latest technology into our digital audits.
Alongside this, we have a comprehensive training and upskilling programme for all our audit professionals in new technology. For example, at our 2024 KPMG Audit University we trained all of our auditors in prompt engineering to ensure they are equipped to engage with, challenge and get the most out of KPMG Clara AI chat in a responsible way.
At KPMG, we are anticipating the technologies that can shape our near future and are driving an ambitious innovation agenda. KPMG has transformed the audit experience for KPMG professionals and clients. The alliances and leading technologies used across the global organisation are enhancing audit quality by increasing our ability to focus on the issues that matter.
Technology is at the heart of our efforts to enhance audit quality, create greater consistency and drive efficiencies in how we deliver our audits. It’s why we are making smart technology our business-as-usual mode of audit delivery – it’s simply the way a modern audit is carried out.
Matching the power of smart technology with curious and inquisitive minds and professional scepticism will enhance audit quality. We are now using our smart audit platform, KPMG Clara, on all of our audits and this is having a positive impact.
We continue to use data analytics to identify and respond to risks, ensuring our work is data-driven.
We’re also investing in a range of emerging technologies including ensuring we have solutions in place to audit the use of artificial intelligence by the companies we audit as they start to invest in new technology.
We have continued to emphasise the importance of the ecosystem in supporting high audit quality this year. This includes a continued focus from our engagement leaders on the messages from the Spring Report, published the Audit Committee Chairs’ Independent Forum (ACCIF), supporting higher quality conversations with audit committee Chairs and changes in some processes with some of the companies we audit. Effective, transparent and robust dialogue between auditors and audit committee Chairs is key to delivering a high-quality audit as assessed by our regulators. We welcome the recognition of the importance of each party playing its role by ACCIF and the FRC and will continue to work with both groups, and representatives of other firms, on future similar projects.
Throughout the year, the firm has been actively involved in the latest Audit and Corporate Governance reform developments. This includes engaging with and responding to consultations and calls for evidence from the FRC and the Department for Business and Trade. In particular, this has included providing our feedback on revisions to the UK Corporate Governance Code which introduce a provision for boards to make a statement about the effectiveness of their material internal controls.
We were pleased to see the Draft Audit Reform and Corporate Governance Bill announced in the King’s Speech in July 2024. The creation of the new regulator ARGA (the Audit, Reporting and Governance Authority) with statutory powers to regulate across the boardroom will have a positive impact, supporting well-functioning financial markets, business investment and growth. In our view, the outcome of the legislation should be proportionate, ensuring that the UK remains an attractive destination for business, investment and talent, as well as maintaining the UK’s position as a leading provider of professional services. We are committed to working closely with the corporate reporting ecosystem as the draft legislation is developed.
The CPIA was established during the year, bringing together leaders from across the profession as a single, standalone voice to support reform, shape best practice in UK public interest entity audit and challenge the status quo. As a firm, we are supportive of the CPIA and have been part of the initiative to establish this entity. An Audit partner from KPMG is also a member of the CPIA Board .
Our Audit Committee Institute (ACI) helps audit committee members enhance their awareness, commitment and ability to implement effective processes – with a view to contributing positively to the long-term sustainability of UK plc.
With financial reporting, compliance, risk and internal control environments being put to the test by an array of challenges – from global economic volatility and the wars in Ukraine and the Middle East, to cybersecurity risks and ransomware attacks, and preparations for climate and sustainability reporting requirements – our audit committee seminars and thought leadership have covered a wide range of topics. Of particular note have been our discussions around the government’s audit and corporate governance reform agenda, ESG, Gen AI, cyber security and financial crime; with our seminars on corporate culture and the science behind why people commit financial deception being particularly well received. Thought leadership highlights have included a comprehensive toolkit for audit committee members, and our seminal papers ‘On the Audit Committee Agenda’, ‘ESG for audit committees’, and ‘Oversight of Gen AI’.
The ACI in the UK now has around 2,354 (2023: 2,277) members across both the private and public sectors. 53 FTSE 100 companies (2023: 56) have engaged with the programme through the active attendance of one or more board members. The audit committee chairs of 71 FTSE 100 companies (2023: 6174) are members – receiving our thought leadership, guidance, updates and surveys.
High-quality information and effective governance are an essential foundation for strong capital markets. KPMG’s Investor Insights programme has been set up to facilitate communication between auditors, who provide vital assurance over financial statements issued to the markets, and investing shareholders, who rely on that assurance.
Our programme aims to:
The programme is sponsored by the Audit Executive, reports to (and is challenged by) our Audit Board and Public Interest Committee, and is delivered with the support of some of our most experienced audit partners. We have continued to extend our engagement with investors and investor organisations to better understand their needs and inform how we can best respond.
We have held meetings and events to better understand views on topics of mutual interest such as governance (including the FRC’s revisions to the UK Corporate Governance Code), reporting and sustainability matters. We also shared insights on how audits are performed, how to interpret audit reports and the journey to ESG assurance. This dialogue has generated valuable insight into how audit and assurance might need to change to meet the evolving needs of users of corporate reporting.
We believe engagement between key stakeholders across the ecosystem is essential and invite investor representatives to speak at our Board Leadership Centre events to promote dialogue with Non-Executive Directors. Our Independent Non-Executives and Audit Non-Executives also attend some of our events and we ensure there is ongoing dialogue between the investment community and our leadership.
We greatly value the insight and challenge provided by investors over the course of this year and encourage investors to continue to engage with us as we help shape the future of audit.
To find out more about our programme, our publications and how to get in touch, visit our Investor Insights website.
ESG in audit and assurance
Investors continue to be very focused on developments in the ESG agenda, and in particular sustainability and climate risks and how their impact is being reflected in financial statements. We continue to engage with the investor community to better respond to calls for additional transparency in our audit reports and discuss how material climate risk exposures are factored into our audit process. We include insight into our assessment in the long form audit report of every FTSE 350 company.
Increases in the demand and requirement for ESG assurance in global markets continue at pace. We have a dedicated ESG Assurance team working closely with Audit teams, providing additional assurance over KPIs that are of greatest interest to investors. In addition to the voluntary assurance that companies are seeking, we have been assuring European market Corporate Sustainability Reporting Directive (CSRD) disclosures for the first time this year.
As a leading professional services firm, we recognise the importance of engaging with politicians, policy makers and our regulators on issues of importance to business and society. We are committed to ensuring that our political engagement is based on principles of transparency, integrity and accountability, and we maintain a position of political neutrality at all times. We have a firm-wide political relationships and activity policy that all colleagues must comply with to ensure we demonstrate best practice at all levels of engagement.
Further details of our approach to political engagement can be found here.
We have a monthly online news publication, Talking Audit, that supports the cascade of progress and updates aligned to our strategic priorities for Audit (Empowering Our People, Delivering Sustainable Quality, Supporting Seamless Delivery, and Maintaining Robust Growth). We have continued to shape our communication around our Audit of the Future vision, all of which underpins our ambition to become the most trusted firm.
Cath Burnet, Head of Audit, shares practice and firm-wide updates via a monthly video, and we spotlight leaders and colleagues to drive further engagement across topics and teams.
We share a cascade pack tri-annually (‘Team Talk’), providing leaders with all of the information they need to share updates in a way that best suits their team’s needs. We continuously seek and evaluate feedback to allow us to enhance our communication strategy and outputs.
Our Audit people stories, ‘Life Accounts’, are published monthly online. They explore the variety of roles and career paths within the practice, helping bring to life our approach to supporting inclusion, diversity and equity and our High Challenge, High Support culture. We also publish ‘win’ stories in online article format to celebrate our Audit successes and share learnings.
Another way in which we engage colleagues with our progress is via the Audit Progress Dashboard, which is published quarterly. The dashboard includes metrics showing the progress we are making against our four strategic priorities.
To ensure leadership are informed on topical updates (from economic, regulatory and governance issues to strategy, quality and people matters), monthly calls for the Audit partner and director population are hosted via Teams, including the opportunity to ask questions and discuss complementary key messages and actions.
We also host an annual ‘Audit Connect’ event (alternating between in-person and remote) for Audit partners and directors where we look back on progress, share successes and learnings, and galvanise leaders around the strategy and opportunities for the upcoming year.
A regional roadshow schedule for colleagues at all levels further supports both leadership visibility and the ability for colleagues to have open and honest dialogue in an informal face-to-face setting with leaders.
Finally, we keep our Audit people manager population updated on all planned communications via a weekly email to prepare them and enable them to engage their individual teams with communications when it’s most relevant and timely.
We recognise that another important contributor to upholding audit quality is to obtain and promptly act upon feedback from key stakeholders.
Effective communication is critically important, both externally to key stakeholders and internally to staff and audit teams.
External communication audiences include our regulators through reporting and regular dialogue, as well as investors and other interested parties primarily via our audit reports. We also communicate with the entities we audit through two-way channels. Confidentiality, information security and privacy are also essential concerns that we take extremely seriously.
Wider communication to all stakeholders who may take an interest in our business is a growing priority too – as evidenced by the time and resource we commit to our public reporting via this Transparency Report and other reports linked to our Annual Review, such as our: Planet Impact Report; Community Impact Report; Pay Gap Report; Partner Diversity Report; Climate, Energy and Carbon Report; and our Members’ Report and Financial Statements. This is all hosted on Our Impact, which is the home for all of KPMG in the UK’s corporate reporting.
Strong internal communication is also key, to ensure that our people know what is expected of them, how the practice is performing, and priorities moving forward – and also to give our staff a mechanism to have their views and feedback heard by audit leaders. Annually, all KPMG colleagues are invited to participate in KPMG’s Global People Survey, to share their perception on their experience of working at KPMG. Each member firm is responsible for taking appropriate actions to communicate and respond to its findings.
These are crucial attributes for anyone connected to Audit.
The Quality control and risk management section explains the processes and controls we have in place to ensure we meet the standards required.
Auditor independence is a cornerstone of international professional standards and regulatory requirements.
As described in the Quality control and risk management section, we have adopted the KPMG Global Independence Policies which are derived from the IESBA Code, and, in the UK, supplement them with other policies to ensure compliance with the FRC’s 2019 Ethical Standard.
These policies and processes cover areas such as firm independence, personal independence, firm financial relationships, employment relationships, partner rotation, and approval of audit and non-audit services.
Compliance with laws, regulations and standards is a key aspect for everyone at KPMG. In particular, we have zero tolerance of bribery and corruption.
We prohibit involvement in any type of bribery – even if such conduct is legal or permitted under applicable law or local practice. We also do not tolerate bribery by third parties, including by the entities we audit, our suppliers or public officials.
More about KPMG lnternational’s position and policies on anti-bribery and corruption can be found on the anti-bribery and corruption site.
