Ülevaatus – kümneaastane edulugu

Käesolevaga avaldame Märt-Martin Arengu poolt Soome audiitorite ühenduse palvel kirjutatud artikli ülevaatustest Eestis (LINK).

Review engagements in Estonia – the story so far

Starting a few years before 2010, the Estonian Ministry of Finance, together with the Estonian Auditors’ Association began looking for ways to introduce relevant EU directives and regulations into Estonian law, which required the compulsory use of ISA’s when providing assurance services. During this time it was considered that on the one hand, providing full ISA audits to all small- and medium sized Estonian companies might be an overkill, while at the same time it was obvious that the share- and stakeholders in the small-medium size company sector still require and value an outside expert’s view, some assurance on the financial statements of such companies. Such a realisation was supported by auditors who saw this as an opportunity to continue their co-operation with small- and medium-sized firms while providing them a more relevant service. This is how the novel idea of introducing the compulsory review of small- and medium sized companies’ financial statements came about in Estonia.

Of course, any decision to provide some assurance would have been difficult to implement, had it not been for the International Standard on Review Engagements 2400 (ISRE 2400), developed by IFAC. Luckily this was a perfect fit for the wishes of Estonian decision makers – it’s closely related to ISA’s, but it is significantly shorter, a stand-alone standard that can be used to provide negative assurance – “based on our review, nothing has come to our attention that causes us to believe that these financial statements do not present fairly, in all material respects, the financial position of Company x as at Date…”.

Relevant legislation change took effect on 8th of March, 2010. This meant that all financial statements that were submitted after that date had to be checked against certain criteria when deciding, whether such companies should be audited, reviewed or neither of the services would be necessary. The criteria has been changed somewhat over the years, in the direction of raising both the minimum threshold for reviews; however, as the minimum thresholds for audits has also been raised, this has extended the upper thresholds of reviews (see graph). The financial thresholds are the main criteria to consider, however, there are some other criteria as well: type of company and in some cases also the number of shareholders. Also, it is relevant to mention that it has been always permitted to perform an audit instead of a compulsory review.

How has this change been met by Estonian businesses and auditors? Before looking at the review numbers and feedback from the business community, it is relevant to mention another key change that was done back in 2010, which has greatly facilitated both the effective preparation and submission of financial statements and auditor’s reports as well as performing both quantitative and qualitative analysis on those statements and reports. Together with the introduction of the review service, the compulsory use of ISA’s and ISRE 2400, an online Company Registration Portal was created. The name can be somewhat misleading – it is not only meant for company registration, but also allows as well as requires it to be used when preparing and submitting financial statements. This requirement applies to all Estonian companies, regardless whether they are audited/reviewed or not. It provides a standardised format for the preparation of financial statements that is the only way financial statements can be prepared and submitted to the registry (there are some minor exceptions, but we won’t go into small details here). With the introduction of this portal the accounting behaviour in Estonia greatly changed – all various forms of Word- or Excel-based financial statements disappeared and wereg replaced by a single format for financial statements. For some accountants it initially meant additional work, but most companies are now using such accounting software, which allows for export of an XBRL-standard financial statements that can be imported to the portal, thus automatically preparing the financial statements there.

The reason why the portal is important to describe in such lengths here is that as it (the portal) became the one and only method of submission of financial reports to the registry, the preparation and submission of auditor’s reports was also incorporated in the portal. This means that (unfortunately) Estonian auditors no longer get to use their Parker pens, but have to contend with verifying their auditor’s reports with their digital signature – another unique feature in the Estonian business environment, which goes back to the beginning of the 2000’s. Basically it means that with the use of either a special, personalised ID-card or mobile-ID, any person can give a legally binding signature in a digital format, which applies at least throughout the EU.

Now that we have described both the online submission and the electronic signature, which are both instrumental in understanding the Estonian audit and accounting practices, let’s turn our attention back to the review – one thing is to design things on paper (and in laws), another is, whether they really work. In the Estonian case we can say that this has been a well-received service, both in the business community, among Estonian auditors and even the legislator.

Let’s look at the numbers. As 2010 was not a full year for reviews (as the legislation change was adopted mid-season), let’s take 2011 as the base year. In that year, 2144 reviews were carried out. To put that into context, the number of audits in 2011 was 7973. As both the audit and review thresholds have been raised since 2010, as well as the economy growing, the numbers in 2018 were the following: 2746 reviews and 5027 audits. As some of the smaller companies are chronically late with their submissions, it can be expected that the number of reviews will eventually grow close to 3000, while the number of audits should remain below 5100. So starting with a ratio of 3,7 audits to every review in 2011, we have now reached a situation of 1,7 audits for every review.

The business community has accepted the review service very well – small- and medium-sized companies that are traditionally run by an owner-manager, still get to see a qualified professional annually, they get feedback and advice on their numbers and the stakeholders of such companies get some assurance that the numbers the company is reporting are a fair indicator of their financial performance and capabilities. At the same time, the auditors are really valuing the opportunity of performing a less standardised/regulated risk-based engagement, which does not focus as much on tests of details and checklists, as it does on performing a good quality risk assessment and dealing with the identified risks in an analytical manner, in discussion with the management, while at the same time having the possibility (and the knowledge) of performing audit-like procedures, if the issues encountered so require.

To sum up – the Estonian experience of introducing the audit service has been a success for all relevant parties. The businesses like it, as it is a somewhat less-demanding service, while still providing assurance from a highly skilled professional. The stakeholders like it, as it has kept the level of assurance available in the marketplace higher than it would be without the service (if only audit with its threshold would exist). The auditors like it, as it reminds them of why they wanted to become auditors in the first place – to provide assurance to the market and customers with minimum fuss. The regulator likes it, as they feel good about making the right choices back in 2008-2010. And even the Latvians like it, as they adopted the same model of audits for bigger companies, reviews for small- and medium-sized companies a few years ago.