Publication
Legal strategies to tackle fraud in early-stage investments in Asia
In the wake of the recent eFishery scandal early-stage investors are recalibrating their approach to due diligence and risk tolerance.
United Kingdom | Publication | April 2025
Recent regulatory activity and enforcement outcomes have highlighted the obligations on auditors to make reports to regulators in certain circumstances. Given the web of relevant provisions, the number of bodies potentially requiring notification, the client confidentiality overlay and the pressures to which busy professionals are subject, keeping track of who should say what to whom in the context of the audit can be challenging and decisions on reporting (or not) may require careful judgment, a robust support framework and a clear audit trail. Questions may be asked in the context of enquiries and investigations long after the event (and sometimes with the benefit of hindsight) when memories of what was known to whom and when will have faded.
We set out below (1) a ‘Quick Reference Guide’ to serve as a high level checklist for auditors to have front of mind with regards to their reporting obligations when carrying out audits of regulated firms; (2) potential red flags that might trigger an obligation to report to one or more regulator; and (3) some considerations to bear in mind when determining whether to report. Many scenarios will not be straightforward and so this high level guidance is intended to act as a reminder and prompt so that specialist advice can be sought where appropriate.
1. Auditors’ reporting obligations: Quick Reference Guide
(i) Principle 11 requires that an audit firm which is authorised must, as with any other authorised firm, “deal with its regulators in an open and cooperative way, and must disclose to the FCA appropriately anything relating to the firm of which that regulator would reasonably expect notice” and this may include matters in respect of both regulated and unregulated activities. Chapter 15 of the FCA’s Supervision Handbook sets out rules and guidance in relation to matters which a firm must or should consider self-reporting in accordance with Principle 11. Given the obligations relate to self-reporting these are less likely to be triggered by an audit of a regulated entity but consideration should be given to the potential impact on the auditor such as a matter that could have a significant adverse impact on the auditing firm’s reputation.
(ii) The 2001 Regulations impose an obligation on auditors of authorised firms, who are or were appointed as a result of a statutory provision to report to the FCA if, in summary, one of the following tests is satisfied:
For the purposes of both the Relevant Requirement Test and the Threshold Conditions Test, the FRC’s International Standard on Auditing (UK) 250 provides some guidance on determining whether a matter might be of “material significance” to the relevant regulator, in particular highlighting that it does not have the same meaning as materiality in the context of the audit of financial statements. The FRC also provides examples of “relevant requirements” or matters of concern which require “particularly close consideration” when considering whether a duty to report potentially arises. The duty to report may arise in circumstances where there may have been a rule breach by the firm or where matters arise that may have a detrimental effect on the firm’s fitness and propriety such as serious misconduct committed by senior individuals.
(iii) Individual Conduct Rule 3 requires that senior managers and employees subject to the FCA’s COCON rules must be open and cooperative with the FCA, PRA and other regulators. Auditors should therefore be mindful of their personal responsibilities to the regulator when carrying out audits and considering any potential ‘red flags’ which might give rise to reporting obligations.
2. Potential ‘red flag’ indicators
Potential red flag indicators that might give rise to the above reporting obligations include:
3. Considerations to bear in mind when determining whether and what to report
Auditors should consider internal governance including how they manage internal communications between colleagues when conducting an audit of a regulated firm, as some communications may become disclosable to a regulator or other third party for example in the event of an investigation or in the context of litigation. Additional care may be needed when determining whether and what to report. Points to bear in mind include:
We provide support to advisers and service providers in navigating their professional and regulatory obligations so please get in touch if you would like to discuss.
Publication
In the wake of the recent eFishery scandal early-stage investors are recalibrating their approach to due diligence and risk tolerance.
Publication
As we stand on the cusp of transformative change within the energy sector, anticipation builds around the UK government’s impending decision on the Review of Electricity Market Arrangements (REMA). This briefing provides a recap of the proposals made to date and looks at the potential future impact of the REMA proposals on market players.
Publication
Antitrust authorities are increasingly aggressive in pursuing new theories of harm, pushing the boundaries of what amounts to an antitrust violation, and expanding the use of current legislation and regulation to fit a new era of issues.
Subscribe and stay up to date with the latest legal news, information and events . . .
© Norton Rose Fulbright LLP 2025