Auditing

Developments 

Due to the special requirements for auditors that audit public interest entities, the distinction between audit firms that audit such entities and other audit firms gets more pronounced. At the end of 2021, ten audit firms audited public interest entities. 
 
The largest audit firms have a predominant market position in terms of statutory audit fees. There are nevertheless a number of small audit firms, although the number of firms with just one statutory auditor has fallen in recent years. Technological developments and their bearing on the auditing work are a key issue, especially in the major international audit networks.  
 
Throughout 2021, the audit firms' activities and conduct of audits were still directly and indirectly influenced by the Covid-19 pandemic through their audit clients.

Supervision, monitoring and control 

Finanstilsynet’s supervision of auditors comprises licensing of individuals and firms, registration and supervision of statutory audit work. Finanstilsynet oversees that auditors maintain their independence and perform their work in a satisfactory manner and in compliance with law and good audit practices. Moreover, Finanstilsynet supervises the firms’ compliance with the anti-money laundering legislation.

Periodic quality assurance reviews

According to the Auditors Act, auditors and audit firms that audit public interest entities shall be subject to periodic on-site inspections at least every three years. These inspections are conducted by Finanstilsynet. Other auditors and audit firms are to be reviewed at least every six years. These reviews are conducted by the Norwegian Institute of Public Accountants (DnR) for members and by Finanstilsynet for non-members. Guidelines have been drawn up for DnR’s quality control of its members and for how DnR should relate to Finanstilsynet's supervisory responsibility. According to the guidelines, DnR shall refer the matter to Finanstilsynet if it identifies circumstances that may prompt revocation of an auditor’s licence. On account of the Covid-19 pandemic, DnR agreed with Finanstilsynet not to carry out quality assurance reviews in 2020. Reviews that should have been conducted in 2020 took place in 2021.  
 
In 2021, Finanstilsynet carried out four periodic inspections. Not all of these inspections have been finalised. Two of the audit firms that were reviewed have taken on audit engagements for entities which entail that the audit firm is also subject to periodic quality control by the Public Company Accounting Oversight Board (PCAOB) in the United States. The inspections were conducted jointly with the PCAOB.  

Other supervisory matters

As part of a joint thematic inspection of selected issuers admitted to trading on Euronext Growth Oslo, the audits of these companies were reviewed. This involved three large and one small audit firms. The audits were generally of satisfactory quality, but there were serious deficiencies in the audit carried out by one of the audit firms that was reviewed. The high audit quality was partly attributable to the fact that the three large audit firms in the selection applied the same audit procedures and principles as they would have if the companies had fallen under the definition of public interest entities in the Auditors Act. In addition, the audit teams had representatives with experience from auditing listed companies. The chosen approach must be viewed in light of the fact that most companies admitted to trading on Euronext Growth Oslo plan to seek admission on a regulated market on a later date.  
 
Other supervision is carried out on the basis of Finanstilsynet’s risk assessments, where notifications of possible audit deficiencies are a factor in determining the type of supervision to be implemented.  
 
In 2021, Finanstilsynet registered 63 notifications of possible audit deficiencies from DnR, the tax authorities, bankruptcy administrators, the police and others. Media entries or matters identified by Finanstilsynet in other supervisory areas may also indicate audit deficiencies. All reports are reviewed and assessed for further follow-up by Finanstilsynet. Matters that are not followed up by on-site inspections or some other form of closer control, are likely to conclude with the auditor being asked to conduct a self-evaluation, identify any deficiencies and correct these in future audits. Finanstilsynet informs the auditor that the evaluation and possible measures must be documented, and that these cases will be reviewed by the authority in connection with future inspections. 
 
A total of 31 notifications were followed up in 2021. In 24 of these cases, the auditor was asked to explain how a particular audit engagement was conducted and present audit documentation showing that the auditing was in compliance with good audit practices. 15 of the reports prompted ad-hoc on-site inspections. Finanstilsynet also sent five notifications to audit firms, asking them to carry out a documented self-evaluation of the reports received. 
 
Some of the inspections in 2021 have yet to be finalised. The most serious instances of non-compliance were that the auditor took on assignments that should not have been accepted, continued client relationships that ought to have been terminated and failed to obtain sufficient and appropriate audit evidence as a basis for the issued audit report. The most serious findings concerned audits of revenues and valuations (estimates). This also applied to auditing of public interest entities, including financial institutions. In order to properly perform the role as a representative of the general public, it is important that the auditor demonstrates professional scepticism to management’s assessments in connection with the performance of the audit and change of auditor. In December 2021, Finanstilsynet published an updated circular providing guidance on the auditor's acceptance and continuation assessments.  
 
The thematic inspection addressing auditors’ compliance with the AML legislation, initiated at year-end 2019, was completed in 2021. The inspection encompassed eleven firms and revealed deficiencies in the audit firms’ implementation of business-specific risk assessments and establishment of procedures. A number of the inspections revealed inadequate compliance with requirements for risk classification of customers, internal training and identification of circumstances indicating that funds could be used for money laundering or terrorist financing. Finanstilsynet imposed administrative fines on ten of the audit firms subject to the thematic inspection. The fines ranged from NOK 75 000 to NOK 400 000.

Revocation of auditors’ licences 

	2017	2018	2019	2020	2021
State-authorised auditors	0	0	3	0	3
Registered auditors	2	2	2	0	0
Audit firms	0	0	1	1	0

Matters referred to the Board of Appeal for Audit and Accounting Matters

In 2021, no matters concerning auditors were considered by the Board of Appeal for Auditors and Accountant Matters.

Licensing

Number of licensed auditors and audit firms as at 31 December 2021
A new Auditors Act in effect from 2021 introduced new types of licences in the audit area. This means, among other things, that only licences as a state authorised auditors are granted. As from 2021, registered auditors qualify as state authorised auditors. The were a total of 8 417 state authorised auditors as at 31 December 2021. 
 
Pursuant to the new Act, the auditor's auditor register number is allotted in connection with the authorisation as a state authorised auditor. During a transitional period, not all state authorised auditors are allowed to carry out statutory audits. This applies to 6 665 state authorised auditors.
 

	2017	2018	2019	2020	2021	Licenced in 2021
State-authorised auditors	4 233	4 326	4 476	4 658	8 417	284
Registered auditors	3 574	3 607	3 652	3 707	-	-
Of which statutory auditors	1 532	1 519	1 541	1 508	1 752	-
Audit firms	447	447	458	461	458	21

Finanstilsynet grants authorisations as state authorised auditors. In order to be authorised, the auditor must complete a practical test. In 2021, 520 candidates enrolled for, and 506 passed, the test. Eleven candidates failed the test, while three candidates chose either not to go through with the test or withdrew during the process.

Regulatory development 

The new Auditors Act which, among other things, implements the EU Statutory Audit Directive and the EU Statutory Audit Regulation, was adopted by the Storting (Norwegian parliament) on 20 November 2020. The Act entered into force on 1 January 2021.  
 
The Ministry of Finance adopted new framework regulations to the Auditors Act on 17 December 2021. On 16 December 2021, Finanstilsynet adopted amendments to the regulations on risk management and internal control, which means that audit firms are covered by the regulations in accordance with the requirements of the new Auditors Act.  
 
In 2021, Finanstilsynet was involved in preparing consultative statements submitted by the CEAOB (Committee of European Auditing Oversight Bodies) and IFIAR (International Forum of Independent Audit Regulators) to international standard-setters within auditing.