Date posted: 10/02/2020

What Brydon may mean for Australia

How Australia’s current regulations compare with the UK’s Brydon Review Report recommendations.

In brief

  • The UK’s Brydon Review Report was released December 2019
  • The report’s recommendations cover topics being debated in Australia at the Parliamentary Join Inquiry and more broadly
  • There are gaps between the recommendations and current regulation in Australia for both auditors and companies

Sir Donald Brydon’s report from the independent government review into the quality and effectiveness of audit in the UK recommends a number of transformative measures that cover a range of topics that are also under debate in Australia.

The topics under discussion come both as part of the responses to the Parliamentary Joint Committee and from broader conversations.

To help with those conversations, it’s important to understand the current state of play compared with the recommendations. Three key areas covered in the report are:


In Australia, auditors must be aware of the risk of fraud and design their audit procedures to address that risk. Directors must ensure that financial reports are true and fair, which includes not being misstated through fraud or error. 

The Brydon Review recommends that auditors should endeavour to detect material fraud in all reasonable ways and that auditors should receive more targeted training on fraud detection. Similarly, directors would have to detail the actions they have taken to fulfil their obligations to prevent and detect material fraud.  

Non-financial risk

Effective risk management is vital for all businesses. Australian annual reports contain some discussion of risk but there is no overarching regulation for managing business risks, though some industries face regulation in relation to key risks (e.g. capital management for banks).

To plan the audit, Australian standards require auditors to understand the entity’s risks and how management assesses those risks. They report on areas of key focus in the audit and if they believe there are inconsistencies in the statements made by directors and management in the information that accompanies the financial statements compared with the understanding they gained through their audit. 

‘Effective risk management is vital for all businesses.’

Brydon recommends strengthening these processes, with companies needing internal processes to allow the reporting of concerns around risk and audit, and for auditors to report to the company any enhanced risks they identify.

Internal controls

One of the most significant of Brydon’s recommendations is to introduce a UK version of SOX, whereby the CEO and CFO make a controls attestation to the board. The auditor would also report on how management had addressed control deficiencies identified in prior years.

This is a step up from Australia’s current requirements. Auditors must understand the internal controls relevant to the financial report but they don’t provide an opinion on their effectiveness. Material weaknesses identified are communicated to the board and management.

Existing requirements in New Zealand and other jurisdictions are similar to Australia, so the debate on what Brydon means for audit, will happen globally.

The report discusses more than these three areas and to help promote further conversations, we’ve prepared a two-page overview of the key recommendations and the current Australian requirements in those areas.

It’s also useful to read our 15- point plan for audit in Australia, which addresses many of the topics and ideas raised by Brydon.

You can also find out more about the Parliamentary Joint Inquiry and the areas of concern it has raised.

Search related topics