Navigating group audits in China – the impact of the revised ISA 600
by Harm Hoonstra
The auditing, reporting, and compliance landscape for international groups with Chinese components has become more complex. The revised International Standard on Auditing (ISA) 600, effective for periods beginning on or after 15 December 2023, fundamentally reshapes the responsibilities of auditors in cross-border engagements.
The changes are particularly significant for multinational groups with subsidiaries in China, a market that presents unique regulatory and documentation challenges.
Key changes and China-specific challenges
The shift toward a more integrated, risk-based approach presents distinct challenges for component auditors in China:
Enhanced group auditor responsibility and risk-based scoping.
The revised standard introduces a proactive, risk-based approach, moving away from quantitative thresholds. Audit effort is now focused on areas of higher risk of material misstatement (RoMM), such as complex intercompany transactions or high-risk assets, even in smaller Chinese entities. Crucially, the group engagement partner (GEP) is responsible for the entire consolidated opinion, and the component auditor is explicitly defined as part of the engagement team. This mandates closer direction, supervision, and early assessment of the component auditor's competence and ethical standards.
The new focus on aggregation risk means multiple small misstatements across various components could collectively affect the group’s financial statements, requiring diligence even on less financially significant Chinese entities.
Formalised two-way communication
ISA 600 (Revised) formalises the need for robust, two-way communication throughout the entire audit. This is vital in China, where language barriers, time differences, and local generally accepted accounting principles (GAAP) differences heighten the risk of miscommunication. Timely exchange of findings and issues ensures audit quality and consistency across jurisdictions.
Documentation and data restrictions
ISA 600 (Revised) heightens documentation requirements, especially regarding the GEP’s scoping decisions and review of component work. For Chinese components, the GEP must anticipate, and address data access restrictions imposed by local regulations, such as the Data Security Law and the Personal Information Protection Law. When full access or data transfer is restricted, the new standard encourages practical solutions, including performing on-site reviews, utilising secure data rooms within China, and employing controlled remote access to maintain compliance while obtaining sufficient audit evidence.
Conclusion
Overall, for multinational groups operating in China, the revised ISA 600 demands closer coordination, stricter GEP oversight, and the implementation of practical strategies to manage data residency and access hurdles. Proactive engagement and strong collaboration are essential to maintain audit quality in this evolving landscape.
As a Director at MSA, Harm supports foreign companies in navigating challenges related to market entry and operations in China and Asia. He specialises in structuring businesses for efficient cross-border transactions, tax optimisaton, and seamless international reporting.
/https://storage.googleapis.com/ggi-backend-prod/public/media/7108/4a95da83-6b25-41b7-99a1-5c891da90b5f.jpg)
/https://storage.googleapis.com/ggi-backend-prod/public/media/5448/HOONSTRA-Harm_MSA-Asia_b&w.png)
/https://storage.googleapis.com/ggi-backend-prod/public/media/4528/MS-Advisory---MSA-Group-_Logo.png){kind=logo}
/https://storage.googleapis.com/ggi-backend-prod/public/media/7111/7a52428d-5e91-45c9-8d88-9802f4dc2297.jpg)
/https://storage.googleapis.com/ggi-backend-prod/public/media/7110/3455a5d5-2ba4-47a4-b6c0-bf8cf9fbef02.jpg)
/https://storage.googleapis.com/ggi-backend-prod/public/media/7109/40f50fe9-a9e3-44f2-8401-9874c36feb9f.jpg)
/https://storage.googleapis.com/ggi-backend-prod/public/media/7105/f14f89b7-d032-4a57-8499-0852546bf044.jpg)