Professional Ethics and Independence in Practice

Learning objectives

By the end of this chapter, you should be able to:

• Explain the core ethical principles that underpin audit work and apply them to common engagement scenarios.
• Recognise the main threats to independence and select safeguards that reduce those threats to a defensible level.
• Analyse confidentiality dilemmas and determine when disclosure is permitted, restricted, or required.
• Distinguish clearly between independencein judgementand independencein credibility, and explain why both matter to audit confidence.
• Record ethics and independence decisions using a structured approach that supports quality control and accountability.

Overview & key concepts

Ethics and independence are conditions for an audit opinion to be trusted. Technical competence is necessary, but it is not sufficient if judgement is biased, influenced, or seen to be influenced.

A practical way to think about independence is to apply two tests:

• Judgement test(often called independence “in fact”): Can the audit team challenge management and reach conclusions based only on evidence, without being pulled off course by self-interest, relationships, or pressure?
• Credibility test(often called independence “in appearance”): If the key facts (fees, gifts, non-audit work, personal ties) were explained to a neutral outsider who understands auditing, would the audit opinion still look trustworthy?

The second test matters because audits exist to build confidence for users who are not present during the work. Even where the team believes it can remain impartial, circumstances that look compromising can damage confidence in the audit outcome.

Jurisdictional rules in practice

Many professional study syllabuses teach ethics using a conceptual threats-and-safeguards approach. In real engagements, auditors must also follow the specific ethical and independence requirements that apply in their jurisdiction and under local law. These rules can be more restrictive than the general framework, and restrictions are typically tighter for listed entities and other public-interest engagements.

Core ethical principles

Ethical principles guide day-to-day decisions and set boundaries on what is acceptable. They can be summarised as:

• Integrity: acting honestly and straightforwardly, and refusing to be associated with information you believe would mislead users.
• Objectivity: reaching conclusions through evidence and balanced judgement, not through personal benefit, relationships, or pressure.
• Professional competence and due care: keeping knowledge and skills current and applying them carefully so work meets appropriate quality expectations.
• Confidentiality: protecting information obtained through professional work and not using or disclosing it improperly.
• Professional behaviour: complying with relevant laws and regulations and avoiding actions that would undermine trust in the profession.

Ethical issues often arise as “small” requests or gestures—hospitality, urgent help with drafting, informal conversations with third parties. Small exceptions can quickly become a pattern, which is why consistent decision-making and documentation matter.

Threats to independence

Independence risks tend to fall into five categories. In practice, threats frequently overlap, and a single fact pattern may create multiple threats that should be addressed together.

Self-interest threat

A risk that personal benefit (financial or otherwise) could influence the auditor’s judgement. Examples include fee dependence, gifts, overdue fees, contingent outcomes, or the prospect of future paid work from the client.

Self-review threat

A risk created when the auditor evaluates work that the auditor or the auditor’s firm produced earlier—such as drafting financial statements, preparing accounting records, or building a valuation model that will later be audited.

Familiarity threat

A risk that closeness—through long association or personal relationships—reduces professional distance and weakens challenge.

Intimidation threat

A risk that pressure (explicit or implied) discourages the auditor from acting objectively, such as threats of replacement, complaints, or attempts to negotiate findings.

Advocacy threat

A risk that the auditor is drawn into promoting or defending the client’s position, for example in disputes, negotiations, or public-facing support.

Safeguards

Safeguards are practical actions that change the situation so judgement is protected and the audit remains credible. A safeguard is only useful if it genuinely reduces the risk; if it does not, refusing the request or withdrawing from the engagement may be the appropriate outcome.

Common safeguards include:

• refusing or returning gifts and hospitality that could be viewed as influential
• removing individuals from the engagement where relationships or conflicts exist
• rotating senior personnel or restructuring the team
• using an independent quality review by an experienced person not involved in the engagement
• separating teams and responsibilities where permitted non-audit services are provided, with clear boundaries and robust review
• escalating concerns to appropriate internal contacts and, where relevant, to those charged with governance
• declining requests that create an unmanageable self-review or advocacy risk

Fee dependence in particular

Fee dependence increases self-interest risk because it can create (or appear to create) an incentive to retain the client. While a dependence level such as 18% is commonly treated as significant in principle, some jurisdictions also set explicit thresholds or mandatory actions once defined percentages are exceeded—often stricter for public-interest engagements.

In practice, definitions and thresholds may refer to audit fees, total fees (audit plus permitted non-audit), multi-year patterns, group situations, and public-interest status under local rules.

Non-audit services and management responsibilities

Assisting a client with accounting or financial statement preparation can create self-review risk. Even where assistance is permitted, the auditor must not take on decisions that belong to management. Management must remain responsible for the accounting records, key judgements, and the approval of the financial statements.

For some entities (especially public-interest engagements), certain non-audit services are prohibited regardless of safeguards, so the correct response is refusal rather than attempting to “manage” the risk.

Confidentiality

Confidentiality means protecting information obtained through professional work and not disclosing it to third parties without proper grounds. This includes avoiding informal disclosures and “helpful hints” that indirectly reveal sensitive information.

Confidentiality is not absolute. Disclosure may be required or permitted in some situations—such as a valid court order, a lawful regulatory request, or specific legal reporting obligations (for example, certain suspicious activity reporting regimes). Whether reporting is required depends on local law and regulation; when in doubt, consult the firm’s ethics/legal function and document the advice received.

Client consent helps, but it does not override legal restrictions; equally, client refusal does not prevent disclosure where law requires it.

When disclosure is justified, the auditor should:

• Validate the basis first(legal power, written consent, or a specific reporting duty).
• Define the boundary in writing(what will be shared, with whom, and why) before sending anything.
• Disclose the minimum neededto meet the purpose, using secure channels.
• Escalate and record: who approved, what was disclosed, and how the scope was controlled.

Core theory and frameworks

A practical ethics triage for audit teams

A repeatable structure reduces “on-the-spot” rationalisation and helps produce clear documentation.

1. Name the decision
2. What exactly are you being asked to do, accept, or disclose?
3. Map stakeholders and public-interest impact
4. Who could be harmed if judgement weakens or confidence is lost (investors, lenders, employees, regulators, the firm)?
5. Pin down the facts that matter
6. Value, timing, relationships, who benefits, alternatives available, and any history of similar issues.
7. Identify the ethics pressure point
8. Is this mainly about integrity, objectivity, competence, confidentiality, or professional behaviour?
9. Classify the independence threat(s)
10. Self-interest, self-review, familiarity, intimidation, advocacy—often in combination.
11. Choose controls that genuinely change the risk
12. Refuse/return, remove individuals, separate teams, independent review, escalate to governance, or withdraw.
13. Write it so a reviewer can re-perform your thinking
14. Facts → threat assessment → actions taken → conclusion → who approved.

Structuring strong written answers

When responding to scenario-based requirements, a reliable structure is:

• Name the threat
• Explain why it arises in the scenario
• Link to the credibility test(how it would look externally)
• Propose a safeguardthat changes the risk in a practical way
• Conclude: accept with safeguards / decline the request / withdraw if necessary

Worked example

Narrative scenario

ABC Auditors is engaged to audit the financial statements of XYZ Ltd, a medium-sized manufacturing company. During the engagement, the following events occur:

1. The finance director offers the audit senior tickets to a major sporting event as a “thank you”.
2. XYZ Ltd paid audit fees of£180,000last year. ABC Auditors’ total annual fee income is£1,000,000.
3. The client asks the audit team to assist with preparing the draft financial statements because their bookkeeper is absent.
4. A supplier contacts the audit team asking whether XYZ Ltd is financially stable.
5. The audit manager has a close personal relationship with the client’s CEO.
6. The client offers the audit team a paid role on a future project once the audit is signed.
7. The audit team is asked to audit a valuation model that ABC Auditors previously prepared for XYZ Ltd.
8. The client threatens to replace ABC Auditors if certain findings are not removed from the report.
9. During the final week of the audit, the team receives an additional gift from the client.
10. The client demands removal of a finding “or we complain”.
11. The audit team is invited to a modest working lunch at the client’s premises.
12. The audit team is asked to promote the client’s position in a legal dispute.

Required

• Calculate the fee dependence percentage and comment on the implications.
• Identify the main threats to independence in the scenario.
• Propose appropriate safeguards for each identified threat.
• Evaluate the confidentiality dilemma involving the supplier’s inquiry.
• Document the decision-making process for the sporting event tickets offered by the finance director.

Solution

1) Fee dependence percentage and implications

Calculation
Fee dependence % = (Client fees ÷ Total firm fees) × 100
= (£180,000 ÷ £1,000,000) × 100
= 18%

Implications
An 18% dependence is a notable self-interest risk because it can create (or appear to create) an incentive to retain the client, especially if disagreements arise. Stronger safeguards are required, and in some jurisdictions specific threshold rules may apply—often stricter for public-interest engagements.

In practice, definitions and thresholds may refer to audit fees, total fees (audit plus permitted non-audit), multi-year patterns, group situations, and public-interest status under local rules.

2) Main threats to independence

Self-interest threats

• sporting event tickets (gift/hospitality)
• fee dependence (18%)
• offer of a paid future role/project
• additional gift near completion (timing increases perceived influence)

Self-review threats

• assisting with draft financial statements (risk of auditing work the team influenced)
• auditing a valuation model previously prepared by the firm

Familiarity threat

• close personal relationship between audit manager and CEO

Intimidation threats

• threat of replacement to remove findings
• “remove it or we complain” pressure

Advocacy threat

• request to promote the client’s position in a legal dispute

3) Safeguards matched to each threat

Gifts and hospitality (tickets; additional gift) — self-interest / credibility risk

• Decline the tickets and return/decline the additional gift in line with firm policy.
• Escalate to the engagement leader and record the decision and rationale.
• Communicate boundaries to the client to prevent repeat offers.
• If perception risk remains high, remove affected individuals from areas involving key judgements.

Fee dependence (18%) — self-interest

• Arrange an independent engagement quality review by an experienced person not involved in the audit.
• Increase the level of review over sensitive judgements and contentious areas.
• Consider governance-level communication so oversight bodies understand the safeguards in place.
• Reassess continuance if fee dependence combines with intimidation pressure.

Assisting with draft financial statements — self-review / management responsibility risk

• Set clear boundaries: management must make and approve all decisions on accounting policies, estimates, and disclosures.
• Limit assistance to technical guidance and drafting support where permitted; avoid creating accounting records or determining figures.
• Ensure enhanced independent review of areas influenced by the assistance.
• For restricted entities where such assistance is prohibited, refuse the request rather than relying on safeguards.

Auditing a valuation model previously prepared — self-review (potentially high risk)

• Evaluate whether the risk can realistically be controlled.
• If work proceeds, assign an independent reviewer/team to challenge assumptions, inputs, and methodology.
• Where the valuation is central and independence concerns remain strong, the appropriate response may be to decline involvement in auditing that work or restructure responsibilities.

Close personal relationship (manager and CEO) — familiarity / credibility risk

• Remove the audit manager from the engagement or from judgement-heavy areas.
• Rotate senior personnel and strengthen independent review.
• Ensure the relationship is formally declared and assessed under firm policy.

Future paid role offer — self-interest

• Decline the offer and document the reason.
• If any negotiations or expectations exist, remove affected individuals immediately and reassess independence.

Client pressure (replacement/complaints) — intimidation

• Escalate promptly to the engagement leader and relevant internal ethics/compliance contacts.
• Communicate with those charged with governance regarding the pressure.
• Maintain findings based on evidence; do not negotiate conclusions.
• Consider withdrawal if the pressure prevents an objective report.

Promoting the client’s position in a legal dispute — advocacy

• Decline the request. Publicly supporting the client’s position undermines impartiality.
• If any work is considered permissible under local rules, it should be tightly scoped, separated, and independently assessed; however, refusal is typically the safest response.

Modest working lunch — low-level hospitality

• Assess whether it is incidental, modest, and clearly linked to working arrangements.
• If acceptable under policy, keep it proportionate, avoid repetition, and document if necessary.
• If hospitality becomes frequent or high-value, treat it as a self-interest/familiarity risk and refuse.

4) Confidentiality dilemma: supplier inquiry

Issue
A supplier asks whether XYZ Ltd is financially stable.

Approach

• Do not disclose confidential information, including audit findings, internal assessments, or going concern discussions.
• Suggest the supplier contact XYZ Ltd directly or use publicly available sources.
• Record the inquiry and the response.

Reasoning
The supplier has no authority to receive client information. Even indirect confirmation can breach confidentiality and damage trust in the audit process. If a legal or regulatory reporting duty is suspected in a different scenario, seek senior/legal input and document the advice.

5) Documenting the decision: sporting event tickets

A clear record should include:

• Facts: who offered the tickets, to whom, estimated value, timing, and context.
• Ethical principles affected: objectivity and professional behaviour.
• Threats identified: self-interest risk and credibility risk (how it would look externally).
• Assessment: tickets to a major event are likely to be viewed as influential, particularly during an audit.
• Action: tickets declined; engagement leader informed; client notified of policy; any repeat offers to be escalated.
• Conclusion: refusal protects the audit’s credibility and supports an objective engagement outcome.
• Approvals/consultations: who reviewed the decision and any advice received.

Common pitfalls and misunderstandings

• Treating gifts as harmless, especially when timed near completion or linked to “thanks”.
• Ignoring the credibility test and focusing only on the team’s belief that it can remain objective.
• Letting “helpfulness” drift into taking management decisions or producing figures that will later be audited.
• Underestimating how fee dependence can combine with pressure to create a high-risk environment.
• Assuming intimidation is solved by confidence; it requires escalation and governance awareness.
• Accepting advocacy roles that place the auditor on the client’s side in disputes.
• Providing informal comfort to third parties (suppliers, banks, customers) that indirectly discloses confidential matters.
• Writing thin documentation that lists a conclusion without showing the facts, assessment, and safeguards.

Summary

Ethics and independence protect the reliability and credibility of audit work. Independence must be maintained both in judgement (evidence-driven decisions) and in credibility (the audit still looks trustworthy to an objective outsider aware of the facts). Threats commonly arise through gifts and hospitality, fee dependence, non-audit assistance that creates self-review risk, close relationships, pressure to change findings, and advocacy requests.

Strong responses follow a disciplined approach: identify the threat, explain why it matters, choose safeguards that genuinely change the risk, conclude whether the request or engagement remains acceptable, and document the reasoning so it can be reviewed and defended.

Exam quick checks

1. Can you name the threat category correctly?
2. Self-interest, self-review, familiarity, intimidation, advocacy.
3. Have you explained both the judgement and credibility angle?
4. Not just “we can stay objective”, but also “this would look compromising”.
5. Does the safeguard actually change the risk?
6. Policies and statements are not enough without practical controls (refusal, removal, independent review, escalation).
7. Have you respected management responsibility boundaries?
8. Assistance must not become decision-making or figure-setting that the auditor later audits.
9. Is your conclusion explicit?
10. Accept with safeguards / decline the request / withdraw if necessary.

Glossary

Integrity
Acting honestly and straightforwardly, and avoiding involvement with information you consider deceptive or incomplete in a way that could mislead others.

Objectivity
Reaching conclusions through evidence and balanced judgement, not through personal benefit, relationships, or pressure from others.

Professional competence and due care
Maintaining up-to-date capability and applying it carefully so work is performed to an appropriate quality standard.

Confidentiality
Protecting information obtained through professional work and not disclosing or using it outside proper authority.

Professional behaviour
Complying with relevant laws and regulations and avoiding actions that would undermine trust in the profession.

Independence in judgement(often called “in fact”)
The audit team’s real ability to think and decide without bias—especially when challenging management or making difficult calls.

Independence in credibility(often called “in appearance”)
Whether the audit would still pass the “confidence test” if the relevant facts were put in front of an audit committee member, regulator, or informed investor. If the situation would make them hesitate to rely on the opinion, credibility is weakened even if the team feels unaffected.

Self-interest threat
When something the auditor stands to gain or lose (money, future work, personal benefits, reputational pressure) is likely to tilt decisions away from tough but necessary conclusions.

Self-review threat
A situation where the auditor is asked to evaluate work previously produced by the auditor or the auditor’s firm.

Familiarity threat
A situation where closeness or long association reduces professional distance and weakens challenge.

Intimidation threat
A situation where pressure—direct or indirect—discourages objective action or encourages inappropriate compromise.

Advocacy threat
A situation where the auditor is pushed into supporting the client’s position so strongly that impartiality is compromised.

Safeguards
Concrete steps that change the reality of the engagement—for example by removing conflicted people, adding independent challenge, or declining risky work—so the audit team’s judgement stays robust and the opinion remains believable. If no practical step can fix the problem, the right answer is to say no (or step away).