Quality remains our foremost priority. To manage our commitment to quality, we have an extensive System of Quality Management (SoQM). This system is in line with the International Standard on Quality Management (ISQM 1 (new window)), which came into effect in December 2022. Our SoQM also meets the following standards and regulations:
The International Code of Ethics for Professional Accountants (new window)
Wet toezicht accountantsorganisaties (new window) (Wta, Dutch Audit Firms Supervision Act)
Besluit toezicht accountantsorganisaties (new window) (Bta, Dutch Audit Firms Supervision Decree)
Wet op het accountantsberoep (new window) (Wab, Dutch Auditors’ Profession Act)
Verordening inzake de onafhankelijkheid van accountants bij assurance-opdrachten (new window) (ViO, Dutch Code of Ethics for Professional Accountants)
Verordening gedrags- en beroepsregels accountants (new window) (VGBA, Dutch Code of Ethics)
Our system describes how we ensure quality and accountability throughout the organization, and puts emphasis on quality management rather than simply quality controls (in line with ISQM 1 (new window)).
Under the system, our Board of Management has ultimate responsibility for quality. The Board sets tone at the top and makes sure we have the right skills and knowledge within the organization to maintain quality standards. Every year, the Board reviews the effectiveness of our SoQM.
Within our business units, the Heads of Assurance and Advisory are responsible for managing and upholding our SoQM, assisted by our Country Quality & Risk Management Partner, who reports to the CEO and works closely with other member firms across the KPMG network.
All staff are required to understand and abide by quality management policies and procedures. To ensure this, staff undergo regular mandatory training and updates. In addition, we emphasize the importance of personal responsibility – it is important that quality is part of our DNA and is not regarded merely as an issue of compliance.
In addition, we have a Head of Audit Quality, whose role it is to oversee all quality initiatives, ensure we maintain our focus on quality and continue to identify areas of improvement. Our quality management policies apply to all KPMG member firms, and these are included in our Global Quality and Risk Management manual. Our Supervisory Board (new window) oversees our approach to quality, partly through the work of its Assurance Quality Committee (new window).
Quality drivers
Our SoQM is built around ten quality drivers, ranging from culture and values to knowledge application, effective communications and nurturing diversity. Formally, our SoQM applies to Assurance, but where appropriate we use the same basic approach for Advisory and Business Services as well.[1] Both in Assurance and Advisory, the Financial Supervision Office (Bureau Financieel Toezicht (new window)) performs inspections.[2] We also track our performance internally through a series of Audit Quality Indicators (new window) (AQIs) and targets; reporting against these AQIs is done twice a year.
For ease of use, these drivers are divided into three categories: core drivers, value drivers and supporting drivers, as follows:
|
Value drivers |
||
|
Live our culture and values |
Quality begins with having the right culture – tone at the top is important in setting our culture. All other quality drivers depend, to one degree or another, on culture. Our values, behaviors and Code of Conduct all support our culture of quality. |
|
Embrace digital technology |
We are committed to continuous innovation. Technology makes us more efficient, speeds up our processes, provides new insights and ultimately improves the quality of our audits. |
|
Apply expertise and knowledge |
We continue to build on our technical expertise and knowledge – these are fundamental to quality. We have a clear, consistent audit methodology, beyond basic standards, supported by our KPMG Clara (new window) smart audit platform. |
|
Nurture diverse, skilled teams |
We work hard to ensure our professionals have the right skills, experience and diversity. Quality is built into our HR processes from recruitment to reward and promotion. |
|
Supporting drivers |
||
|
Associate the right clients and engagements |
When taking on new work, we apply strict acceptance criteria – we don’t want to work with clients who pose an unacceptable financial, operational or ethical risk. |
|
Assess risks to quality |
We continuously assess risks to audit quality, and act to reduce or eliminate risk where possible. Failure to comply with quality or other professional standards is one of our strategic risks. |
|
Communicate effectively |
We encourage open, honest and effective communication – this means obtaining feedback from clients and other stakeholders, and acting to make improvements. |
|
Be independent, objective and ethical |
To ensure quality, our professionals must be independent and objective; they must live up to the highest ethical standards. |
|
Core drivers |
||
|
Perform quality engagements |
We base our audits on an assessment of likely risks. We consider all audit evidence, even if it’s contradictory or inconsistent. Auditors are required to exercise their professional judgement and remain alert to possible biases. |
|
|
Monitor and remediate |
We have programs to monitor quality and compliance – this allows us to identify deficiencies, perform Root Cause Analyses (RCAs) and remedy shortcomings where necessary. |
Quality processes
Onboarding clients – We carry out thorough risk assessments before accepting new clients or engagements. These include background checks on management and ownership, identifying possible conflicts of interest, issues of independence, or any breaches of laws or regulations, including those relating to corruption and human rights. If necessary, we ask for additional safeguards or decline clients if issues cannot be resolved or we do not receive sufficient information to carry out our assessment.
Personal independence and rotation – For all employees, we have clear rules on personal independence, and a system of regular rotation for partners and other senior team members, so that no individual remains in an engagement longer than allowed or appropriate. KPMG complies with the applicable rotation requirements of the Wta (new window), ViO (new window), IESBA Code of Ethics (new window) and the US Securities and Exchange Commission (new window) where required. Monitoring of rotation requirements and overall threats to independence arising from the long-term association of senior member of the audit team is performed by engagement teams with use of tools and checklists. Compliance with partner rotation requirements is monitored centrally via partner portfolio review procedures.In 2022/2023, we carried out 158 personal independence audits, compared with 173 the previous year. During the year, we identified two independence violations, which were mainly related to untimely or incorrect internal registration. None of them impaired the independence of the firm.
Technical support – Technical support is provided by our Audit Quality Professional Practice Department (AQPPD) and our Quality & Risk Management Group. Our auditors can also access support through KPMG’s global network. In 2022/2023, there were 713 technical consultations with the AQPPD on difficult or contentious issues (compared with 774 the previous year).[3] Approximately 19% of these consultations related to 'going concern' issues and 11% issues related to fraud, money laundering and anti-bribery.
Engagement Quality Control Reviewer (EQCR) – For many engagements, we appoint Engagement Quality Control Reviewers to oversee decisions made by our assurance teams.[4] In 2022/2023, EQCRs applied to 29%[5] of all assurance engagements. We expect our partners to be closely involved in engagements, and measure this as an AQI. Partners’ involvement helps set the right tone and ensures our teams benefit from partners’ skills and experience. Partners and directors must demonstrate their commitment to quality before being promoted to these positions.[6]
Quality monitoring and compliance – Across the firm, we have extensive quality monitoring and compliance programs, as well as quality coaching and training. These include regular Quality Performance Reviews (QPRs) and our KPMG Quality & Compliance Evaluation (KQCE) program. To support continuous improvement, we also perform Root Cause Analysis (RCAs) on problems emerging during our work; these RCAs are based on a five-step approach to: 1) define the problem; 2) collect and analyze relevant data; 3) determine the root causes; 4) decide and implement corrective actions; and 5) monitor the effectiveness of these actions. Our RCAs are conducted by an RCA team, which is part of AQPPD. In 2022/2023, we conducted engagement specific RCA on non-compliant quality reviews and all restatements. Furthermore, we carried out three RCAs on firm-wide issues, including the RCA related to the investigation into answer sharing (new window). Generally, these RCAs showed the importance of:
Maintaining a culture of quality, accountability and ethical decision-making
Improving internal communications and didactic quality of our trainings
Acting more quickly on reports of shortcomings in current processes
Internal quality reviews – In Assurance, Quality Performance Reviews (QPRs) are conducted regularly by our Internal Audit & Compliance Office, led by partners and senior management. Engagements are rated as follows:
Compliant – i.e., the engagement complied, in all significant respects, with all relevant audit, assurance, accounting and other professional standards.
Compliant – improvement needed – i.e., the engagement complied with relevant standards in all significant respects, but instances of non-compliance that were more than minor but not significant were also identified.
Not compliant – i.e., the engagement did not comply with relevant standards in respect of a significant matter and remedial action was required.
In Advisory, QPRs are performed by our Functional Quality & Risk Management Partner. Two criteria are used to rate engagements: engagement set-up and engagement execution. Engagements are rated green, yellow or red; both green and yellow are considered satisfactory. Internal reviews are conducted throughout the year to assess quality and identify possible improvements. Findings are communicated to professionals and benchmarked against KPMG’s global quality baselines.
Audit Quality Indicators (AQIs)
This table has been prepared in accordance with guidelines published by the Royal Netherlands Institute of Chartered Accountants (NBA (new window)). Definitions are provided in full here (new window).
|
Quality driver |
Indicator |
|
|
Live our culture & values |
GPS survey results relating to coaching and audit quality |
|
|
Embrace digital technology |
Investments in developing new audit technologies and tools as % of total audit revenue |
|
|
Apply expertise and knowledge |
Technical resources support (FTEs) as % of total audit FTEs |
|
|
Nurture diverse, skilled teams |
Partner hours in PIE audit engagements |
|
|
Nurture diverse, skilled teams |
Partner hours in non-PIE audit engagements |
|
|
Nurture diverse, skilled teams |
Average number of hours spent in training per client-facing professional in audit |
|
|
Nurture diverse, skilled teams |
Hours spent on PIE audit engagements by IT and other specialists |
|
|
Nurture diverse, skilled teams |
Hours spent on non-PIE audit engagements by IT and other specialists |
|
Be independent, objective and ethical |
Independence violations, both internal and external as % of total audit headcount |
|
Perform quality engagements |
Number of technical consultations as % of total audit engagements |
|
|
Perform quality engagements |
Percentage of engagements involving EQCRs |
|
|
Perform quality engagements |
EQCR hours spent as % of total hours spent on EQCR engagements (scope: all EQCR engagements excl. three largest clients) |
|
|
Perform quality engagements |
Financial statements with restatements as % of audit opinions issued |
|
|
Monitor and remediate |
Results of external inspections |
|
|
Monitor and remediate |
Results of internal KPMG N.V. audit inspections |
- 1 In Advisory, all projects worth over EUR 1 million are subject to active quality control and monitoring.
- 2 Inspections are carried out by various regulatory authorities, including the Authority for the Financial Markets (AFM (new window)), the US Public Company Accounting Oversight Board (PCAOB (new window)), the Royal Netherlands Institute of Chartered Accountants (NBA (new window)), NOREA (new window) (the Dutch professional organization for IT auditors), Financial Supervision Office (BFT (new window)), the central government audit services (Auditdienst Rijk, ADR (new window)), 'De Nederlandse Zorgautoriteit' (NZA (new window)) and 'Inspectie van het Onderwijs (new window)'.
- 3 KPMG N.V. has protocols governing technical consultations with AQPPD, including specific procedures to resolve any differences of opinion between professionals.
- 4 In Advisory, a second partner fulfills a similar function.
- 5 Percentage of engagements involving EQCRs.
- 6 For partners, we have a specific program called Audit Quality Curriculum for Partner Promotion.