A new Code of Ethics was adopted at the XXII INCOSAI in Abu Dhabi. The new Code responds to needs of the current public auditing environment.
WHY DO WE NEED OUR OWN CODE OF ETHICS?
Ethical behavior is of key importance to Supreme Audit Institutions (SAIs) in establishing a positive reputation and building trust with stakeholders. A code of ethics provides SAIs (and staff) a set of values and principles to guide behavior. Since the environment of public sector auditing often differs from that of the private sector, the international SAI community requires a dedicated code of ethics that incorporates guidance on how to embed values and principles into daily work, as well as particular situations.
The first International Organization of Supreme Audit Institutions (INTOSAI) Code of Ethics was adopted at the XVI Congress in Montevideo in 1998. INTOSAI regularly evaluates pronouncements to ensure needs are met and current challenges are addressed, and ISSAI 30: INTOSAI Code of Ethics came under such review some 15 years after the original code’s adoption.
OUT WITH THE OLD, IN WITH THE NEW
The entire INTOSAI community provided input through an online survey, where SAIs were asked whether the extant Code of Ethics was in need of a revision to ensure relevancy, and, if so, what directions should such revisions take. Results showed a desire for the Code to be updated as to create more useful, more relevant standards for SAIs. A large majority of replies indicated that the Code should include provisions, more detailed guidance and good practice examples.
A team composed of SAI representatives from Albania, Chile, Hungary, Indonesia, Kuwait, Mexico, Namibia, the Netherlands, New Zealand, Poland (Team Leader), Portugal, South Africa, the United Kingdom, the United States and the International Ethics Standards Board for Accountants (IESBA) united to develop this new Code.
Following the Due Process that establishes INTOSAI pronouncement revision principles, the Team developed a draft that was exposed for public opinion from November 1, 2015 to February 1, 2016. During the exposure period, which provides a unique opportunity for all INTOSAI members, partners and stakeholders to voice opinions and present suggestions for changes, the Team received nearly 300 comments, many of which were used to amend the draft. Commentary analysis represented quite the challenge, as the Team had to satisfy two opposing needs: (1) some SAIs required more detailed definitions, examples and solutions, and (2) the document had to be universal—applicable to all INTOSAI members globally.
The current Code incorporates universality along with specific application suggestions and ready-made practical solutions. With its new approach and structure, the Code responds to the needs of the SAI community, expressed first in the survey and later during the exposure period.
THE NEW CODE’S FUNDAMENTAL ETHICAL VALUES
In the revised INTOSAI Code of Ethics, ethical values are the concepts of what is important, what should drive decisions for the organization and staff.
There are five defined values for SAIs:
- Integrity—to act honestly, reliably, in good faith and in the public interest
- Independence and Objectivity—to be free from circumstances or influences that compromise (or may be seen as compromising) professional judgement and to act in an impartial and unbiased manner
- Competence—to acquire and maintain knowledge and skills appropriate for the role and to act in accordance with applicable standards and with due care
- Professional Behavior—to comply with applicable laws, regulations and conventions and to avoid any conduct that may discredit the SAI
- Confidentiality and Transparency—to appropriately protect information, balancing this with the need for transparency and accountability
While they don’t stray too far from the Code of 1998 and are almost identical to values comprised in ethical codes of several other organizations, when compared to those provided during the survey and exposure periods, there is one distinction—the wording of the last value.
Prior to the release of the new version, the value labeled “Confidentiality” created a fair amount of controversy, as some SAIs voiced concerns that, for many, transparency may prevail over confidentiality.
Taking into consideration both views, the value was modified to the present label “Confidentiality and Transparency” along with a definition that reflects the need to balance the two concepts. The modification did not result in major changes to the Code’s contents as the issue of transparency was emphasized at the document’s onset, both at the level of requirements and practical application guidance.
THE NEW CODE’S SAI INCLUSION
The main difference between the new version of the Code and that of 1998 is the inclusion of the SAI perspective (as an organization) alongside the perspectives of individual staff members, auditors and non-auditors alike. This incorporation is aimed at identifying and emphasizing SAI responsibilities with regard to ethics, since individual ethical behavior depends not only on the individual, but also the environment within which they work.
SAIs play a large part in establishing the ethical culture for the organization, particularly to ensure staff are not left unaided to deal with ethical dilemmas. The Code’s section, “Overall responsibilities of Supreme Audit Institutions,” addresses this issue by listing ethical requirements SAIs should achieve, including promoting an ethical culture, setting the tone and leading by example; and implementing an ethics control system to support ethical behavior and address breaches of ethical values. This set of requirements serve as a checklist against which the actual functioning of a SAI can be assessed and areas for improvement can be identified.
Another novelty of the new code is the document’s structure. The preamble is followed by a list of the fundamental values and definitions and a portion dedicated to SAI requirements. There are also segments dedicated to each fundamental value. Within each of these sections, ethics-related requirements are defined separately for SAIs and staff, and auditors and non-auditors, respectively. The sets of requirements, which have been clearly differentiated through the language (with the use of the modal verb shall) and graphical presentation are followed by “application” areas that focus on practical guidance to implement the previously listed requirements. These, too, are divided into groups for SAIs as organizations and SAI staff.
SAIs are now encouraged to develop or adopt a code of ethics and an appropriate ethics control system to implement it. However, as stated in the Preamble, No code can address all ethical circumstances that will arise in practice. Accordingly, the Code is written at a principle level. SAIs and their staff should apply their professional judgment to the circumstances they encounter and follow the relevant requirements set out in this Code.