Under the FRC’s Audit Enforcement Procedure (AEP), Grant Thornton UK faces financial sanctions that include £1.1 million for failures during the 2016 audit and nearly £200,000 for problems that occurred during the 2018 audit. This amounts to total fines of £1.3 million ($1.55 million). The original fines were in excess of £2 million ($2.4 million), but were reduced due to mitigating factors and admissions.
Non-financial sanctions against Grant Thornton UK for the 2016 audit failures require the firm to report to the FRC on “whether changes made to its audit methodology are resulting in a better exercise and documentation of an audit team’s judgement regarding key audit matters.”
Regarding the 2018 audit, Grant Thornton UK must “undertake thematic reviews and report to the FRC as to the efficacy of enhancements it has introduced regarding the audit of inventory provisions of retail entities and the use of audit data analytics to audit revenue.” Furthermore, GT received a “severe reprimand” for both audits and a declaration that the audit report for 2016 and 2018 did not satisfy relevant regulatory requirements.
Individual Sanctions
The FRC also imposed financial and non-financial sanctions against Philip Westerman, a former Grant Thornton UK partner. Westerman faces financial sanction of £110,000 (US$108,000), reduced to the equivalent of $96,000 for early admissions. For non-financial sanctions, Westerman received a “severe reprimand” concerning both audits.
The FRC noted its action concerned only GT and Westerman, not Sports Direct. Furthermore, the FRC stated it didn’t make any finding as to whether the 2016 and 2018 financial statements “failed to provide a true and fair view and/or contained material misstatements. In particular, executive counsel does not make a finding as to whether there was, in fact, a related party transaction.”
Compliance Failures
According to the FRC, the findings concerned “basic and important requirements…designed to ensure the quality and effectiveness of an audit.” Consequently, both the 2016 and 2018 audits “failed in their principal objective of providing reasonable assurance” that the financial statements for these financial years were “free from material misstatement,” the FRC stated.
The FRC found “serious failings” by GT and Westerman in the conduct of the 2016 audit “concerning their assessment as to whether SDI’s financial statements contained the necessary disclosures to draw attention to the possibility that its financial position may have been affected by its relationship with Delivery Company A, whose name was not disclosed.
While Grant Thornton UK and Westerman identified related parties as an area of significant risk, they failed to treat with professional skepticism management’s assertion that Delivery Company A was not a related party of SDI.
Audit Lessons
Others can learn from the compliance failures of Grant Thornton UK and Westerman, including the following called out by the FRC:
- Failure to obtain audit evidence commensurate with the level of risk: The evidence obtained was insufficient for the respondents to reach a reasonable conclusion as to the appropriateness of the related parties disclosure.
- Failure to evaluate whether the overall presentation of the relationship between SDI and Delivery Company A in the financial statements met reporting requirements: In so far as the respondents did consider these issues, they failed to document their consideration, conclusions, and audit evidence.
- Failure to adequately communicate significant risks that were identified: Related parties were identified as a significant risk, but the respondents failed to adequately communicate this to those charged with governance before the 2016 financial statements were finalized.
For the 2018 audit, failures in the respondents’ audit work related to two specific areas of the audit: inventory provisions and website sales revenue. The inventory provision in 2018 was 162.2 million pounds and an increase on the previous audit year. It was a highly material amount.
“Website sales was the second largest area of revenue for SDI in 2018, accounting for 20 percent of total revenue,” the FRC stated. Grant Thornton UK and Westerman identified both as areas of “significant risk” in the 2018 audit.
“The respondents failed to obtain sufficient appropriate audit evidence, evaluate whether information provided by SDI was sufficiently reliable, or to prepare sufficient audit documentation commensurate with the risk in relation to these two areas of the audit,” the FRC stated.
FRC did not assert that these breaches resulted in the financial statements for either 2016 or 2018 being materially misstated. According to the FRC, the breaches were limited to discrete areas of each audit.
“The audit failings in this case were serious and relate to fundamental auditing standards,” stated FRC Deputy Executive Counsel Jamie Symington. “It is particularly important that auditors follow up with due rigor where they have identified potential related party transactions as a significant audit risk.”
“Auditors must adopt a mindset of professional skepticism and exercise good judgment based on sufficient and properly documented evidence,” Symington added. “The package of financial and non-financial sanctions imposed by the FRC on the auditors in this case will help to drive improvements at the firm and the wider industry.”
Jaclyn Jaeger is a contributing editor at Compliance Chief 360° and a freelance business writer based in Manchester, New Hampshire.