Guide to Business in Spain logo

8. Auditing requirements

Accounting Audit Law 22/2015 of July 20, 2015 is the result of a sequence of legislative reforms which include most notably the following8:

  • Law 44/2002 of November 22, 2002, on Measures to Reform the Financial System, which introduced some substantial changes affecting a variety of aspects.
  • Law 12/2010 of June 30, 2010 amending the Accounting Audit Law 19/1988, of July 12, 1988, the Securities Market Law 24/1988 of July 28, 1988, and the Revised Corporations Law approved by Legislative Royal Decree 1564/1989 of December 22, 1989, in order to adapt them to Community legislation.

The new law is intended to boost user confidence in economic and financial information by improving the quality of accounting audits within the European Union. Specifically, the new LAC sets out to:

  • On the one hand, make transparency a fundamental attribute of both auditors and their work. Attention is drawn in this respect to the new requirements regarding the content of audit reports, which are stricter in the case of audit reports issued in respect of public-interest entities. The professionals by which entities of this kind are audited are placed under the obligation, on the one hand, to prepare and issue an additional report addressed to the Audit Committee which records and reflects the findings of the audit process; and on the other hand, to include in the annual transparency report certain financial information specified in the Directive. The aim of mechanisms of this kind is also to improve the channels of communication between auditors and the supervisors of public-interest entities and enhance the auditor's independence and objectivity, by introducing into the Spanish legislation stipulations and requirements which are more restrictive than those contained in Directive 2006/43/EC.
  • Make the audit market more dynamic, open it up and integrate it at Community level through new measures such as the so-called "European passport". These changes are intended to accompany the measures included in Regulation (EU) no. 537/2014 of April 16, 2014, relating to incentives to encourage entities to undergo joint audits, the participation of smaller firms in obligatory tender processes of a public and periodic nature—which are regulated by simplifying the rules on the selection of the auditor—, and mandatory external rotation.
  • There are measures included to reduce the transaction costs of doing business within the European Union for small and medium-sized firms:
    • Application proportionate to the scale and complexity of the activity of the auditor or of the entity being audited.
    • The Member States are given the authority to simplify certain requirements in the case of small audit firms.
    • Specific provisions for small and medium-sized audit firms.
  • The objective is to achieve a higher degree of harmonization in surveillance and disciplinary matters, and in both European Union and international cooperation mechanisms. The competences of the public supervisory authority are reinforced with this aim in mind, with particular emphasis being placed on the authority to establish minimum disciplinary rules, while at the same time establishing risk assessment as the guiding principle in the quality control reviews to be carried out by such authority. In relation to audits of public-interest entities, there are two main changes:
    • Inclusion of mechanisms aimed at detailed monitoring of the evolution of the market.
    • Establishing of an anonymous sector dialog between auditors and the European Systemic Risk Board, as part of the process for the surveillance of risks affecting financial institutions classed as being of systemic importance.

The main changes introduced by the new LAC, with respect to the previous legislation, are the following:

  • Content of the audit report:
    The following changes affecting the content of the audit report are to be noted:

    • The report must be free of material misstatements: It must be explained in it that the audit was planned and performed to obtain reasonable assurance that the financial statements are free of material misstatements, including any deriving from acts of fraud.
    • Provision of non-audit services: It should include a declaration affirming that no services other than those consisting of the audit of the financial statements have been provided and that no situations or circumstances have arisen which have affected the necessary independence of the auditor or audit firm.
    • Directors' report: Apart from expressing an opinion concerning the consistency or otherwise of the directors' report with the financial statements for the same year, the report is to include an opinion as to whether the content and presentation of the directors' report meets the requirements of the applicable legislation, with any material misstatements which may have been detected in this respect being indicated. In cases in which the company audited is under the obligation to issue the Non-financial Information Statement, the auditor’s opinion in this respect should be limited to indicating whether or not such Statement has indeed been included.
    • Just cause for failure to issue a report or relinquishment: It is stipulated that just cause shall be considered to exist whenever any of the following circumstances is present:
      • The existence of threats which compromise the independence or objectivity of the auditor or audit firm.
      • When it is absolutely impossible for the auditor or audit firm to perform the work for which they have been engaged owing to circumstances for which they cannot be considered responsible.
    • Clear wording, without certain references: The audit report is to be clearly worded and with no ambiguity.
  • European audit firm:
    The possibility is envisaged of an audit firm authorized in another Member state pursuing its business in Spain, provided that the person signing the report on its behalf is authorized to practice in this country.
  • Obligation to abstain:
    The obligation to abstain from participation in any decision-making process in the entity is imposed upon any person—not just the auditor—who could have an impact on the final appraisal or outcome of the audit.
  • Measures designed to guarantee independence:
    Measures are introduced which aim to avoid conflicts of interest or in commercial relations, or any other kind of conflict—whether direct or indirect, actual or potential—which could compromise the independence of the audit function.
  • A requirement that there be no significant, directly held interest is introduced:
    The law requires there to be no significant directly-held interest. It also establishes a ban on the performance of certain transactions with financial instruments issued by the audited entity, applicable to the auditor or audit firm, their personnel, or any persons providing services in the performance of the audit activity, plus certain relatives of the above persons.
  • Inclusion of systems to safeguard the audit function:
    The law establishes the need to implement adequate systems to safeguard against any threats which could derive from conflicts of interest or from any commercial, employment, family or other kind of relationship.
  • The situations by which the auditor's duty of independence may be affected are defined:
    According to the Directive being transposed, the following can affect the auditor's duty of independence:

    • The existence of relations, situations or provisions of services between the entity being audited and the auditor or audit firm.
    • Between the entity being audited and the network of which the auditor or audit firm forms part.9
  • Audit principles and policies are established:
    These operational principles and policies are aimed—as is to be expected—at guarding against any kind of threat to independence and guaranteeing the quality, integrity and critical and rigorous nature of the audit process.
  • Two forms of monitoring of the audit activity are envisaged:
    The new rules provide more detailed provisions on the scope and purpose of the monitoring of the accounting audit activity, with two forms of monitoring being envisaged:

    • Inspections (formerly known as external quality control) to be carried out on a regular or periodic basis which may result in the issue of recommendations or requirements, with the analysis of risk as the guiding principle.
    • Investigations (which include what is currently referred to as technical control), the purpose of which is to detect and correct any deficiency in a specific audit engagement or activity performed by the auditor.
  • Cooperation between International Organizations:
    The duty of collaboration with the Member States of the European Union is extended to include European supervisory authorities. These mechanisms are reinforced by the possibility of data being transmitted to the European Central Bank, the European System of Central Banks and the European Systemic Risk Board, and by the possibility of creating colleges of supervisory authorities within which data can be exchanged, particularly in relation to the activities of auditors who operate within the framework of a network.

Finally, in relation to the company to be audited, Additional Provision One of the LAC stipulates that all companies and entities, irrespective of legal form, which meet any of the following requirements are to have their financial statements audited:

  1. Those issuing securities admitted to trading on official secondary securities markets or multilateral trading systems.
  2. Those issuing debentures for sale to the public.
  3. Those engaging habitually in financial intermediation activities and, in all cases, credit institutions, investment services companies, the governing companies of official secondary markets, the governing companies of multilateral trading systems, the Systems Company, central counterparties, the Stock Exchange Company, investment guarantee fund management companies, and other financial institutions, including collective investment institutions, securitization funds and their managers, entered in the corresponding Registers of the Bank of Spain and Spanish National Securities Market Commission.
  4. Entities whose corporate purpose includes any of the activities regulated by the revised Private Insurance (Regulation and Supervision) Law, approved by Legislative Royal Decree 6/2004 of October 29, 2004, within the limits established in the relevant implementing regulations, and pension funds and their management companies.
  5. Entities that receive government grants or aid or perform work for or render services or make supplies to the State and other public bodies, within the limits established in the implementing regulations to be laid down by the government in a royal decree.
  6. All other entities that exceed certain limits defined by the government in a royal decree. These limits shall refer, as a minimum, to turnover, total assets according to the balance sheet and the average number of employees for the year, and shall be applicable—all of them or each one individually—to the extent possible given the legal structure of each company or entity.

Until Law 14/2013 of September 27, 2013 supporting entrepreneurs and their internationalization came into force, the limits referred to in the preceding paragraph were those established in relation to the preparation of abridged balance sheets, according to the revised Capital Companies Law. Specifically, article 257 of the Capital Companies Law envisaged the following thresholds in relation to the preparation of abridged balance sheets:

  • Total assets not exceeding €4,000,000.
  • Annual turnover not exceeding €8,000,000.
  • Average number of employees for the year not exceeding 50.

Law 14/2013 of September 27, 2013 supporting entrepreneurs and their internationalization nevertheless amended article 263 of the Capital Companies Law and imposed a precedent requirement with a lower threshold, according to which the financial statements must in all cases be reviewed by an auditor, unless at least two of the requirements described below are met in the two consecutive years leading up to the balance sheet date:

  • Total assets of €2,850,000 or less.
  • Annual turnover of €5,700,000 or less.
  • Average number of employees during the year of 50 or fewer.

Companies lose this entitlement if they cease to meet two of the requirements referred to above for two consecutive years.

8As previously mentioned, the Draft Royal Decree approving the implementing Regulations for the Spanish Audit Law (Law 22/2015 of July 20, 2015) was published during 2018. In general terms, it includes only those provisions which expand the content of the articles of Law 22/2015 of July 20, 2015; the amendments necessary for adaptation to the provisions of such Law are introduced and, in general, the previous regulations are left unchanged except where they contradict such Law or where their amendment was not considered advisable for practical reasons.

9In the rules which expand upon these provisions, a distinction is drawn between an audit network and a non-audit network, the rule being that if the persons or entities included within the scope of such a network are in any of the situations of incompatibility envisaged in this Law and in other legal provisions, this will result in the auditor or audit firm being considered incompatible in relation to the company in question, without prejudice to the specific provisions in this respect which the Law also lays down.