On June 1, David Sproul starts his second term as chief executive of Deloitte UK. Vanessa Macdonald asked him about the wide-ranging debate on the future direction of auditing.

Who is an audit aimed at? The shareholders, the public interest, the business model used by management?

That question has been asked by many people. Many investors say the audit does not give them what they need. But when you ask them what they do need, they are not sure.

What is the purpose of the audit? Firstly an audit has to be seen in terms of the whole annual report and what is disclosed.

One of the debates is that they are getting so long and include so much information that it is impossible to sift through. Is all that information actually helpful?

The second thing is trying to understand exactly what an audit is there for. Certainly we have seen that extended reporting gives audit-ors the chance to explain more clearly the process they go through when determining the main risks in a company.

I am not sure I know what the destination is, but we are definitely going through change.

In 2013 you said an audit was a review of financial instruments, not an assessment of the business model. But this seems to be what people are after: to know if a company is sustainable ...

Of course, if we think that the business model is not sustainable from a purely financial point of view as a ‘going concern’ over the coming year, obviously we would have to pick that up.

It takes you back to the opening point about whether an audit is for shareholders or directors. Directors would probably, in the main, say it is the job of the audit committee, the risk committee and the board of directors to manage a company’s sustainability. They do not need that external verification.

Is it part of the role now? No, it is not. Could it be? Yes – but it would come at a price.

Deloitte was the first firm to do an extended audit (of Vodafone in 2013). Since then you found 290 risks of material misstatement in 73 audits for FTSE 350 companies. What would have happened had those risks not been identified?

Technology will make it far easier to identify control weaknesses, or if things are being processed in a way which is creating a misstatement

It is unclear. It would not be right to say that had they not been identified there would have been an audit failure, for example.

Would the company have failed? It is impossible to know as it depends on what else was happening in those businesses and how they reacted to the red flags raised, whether the remedies and the improvement in controls would have otherwise happened.

When you find those risks, you have to make sure that the company responds, but it is hard to extra-polate from that and say that there would have been a bigger financial failure.

The risks are based very much on the information you are given. With public interest entities, the intention is for auditors to take on a more investigative role and to also look for information that you are not given. How on earth would you price that in?

Auditing has always been based on sampling as you simply cannot look at every single transaction. We can be very smart about our sample but still acknowledge that it is just a small sample out of millions of transactions.

What is interesting is that the combination of big data and analytic tools now available mean you can now look at every transaction. We would be able to go in and actually ‘plug in’ to the company’s systems and reprocess every single transaction in a certain area and have the technology kick out things which are out of line so we can concentrate on those. It is causing us to take a different view of materiality and a more forensic view of transactions.

It is not designed to change our ability to spot deliberate fraud, for example, but technology will make it far easier to identify control weaknesses, or if things are being processed in a way which is creating a misstatement.

I also think we will get to almost-real-time auditing in public companies. There is no reason in theory why technology cannot monitor transactions as they happen and throw up exceptions there and then. This will not happen this year or next, but if you roll forward 10 or 15 years ...

You are also in favour of integrated reporting which considers “how a business uses and affects the resources it relies on”. How do you see this going forward? Should it be voluntary?

There is a range of views in companies at the moment as to the importance it has to them and as to the ability to drive consistency of comparison. It will only get significant take-up if it is mandated.

Consumer-facing companies are more likely to move voluntarily towards more integrated reporting as they know it is important to their consumers that they are a purpose-driven, socially-aware organisation.

Frankly, companies which are less consumer-facing will not choose to do it just because of public opinion, at least not quickly... However, if public interest is very strong, it is more likely for politicians to bring it in.

Sign up to our free newsletters

Get the best updates straight to your inbox:
Please select at least one mailing list.

You can unsubscribe at any time by clicking the link in the footer of our emails. We use Mailchimp as our marketing platform. By subscribing, you acknowledge that your information will be transferred to Mailchimp for processing.