It is one thing to debate a consultation paper; it is quite another to operationalise the final standard. For UK audit and tax professionals, the theoretical regulatory debates of the past two years have officially crystallised into the hard operational realities of 2026. The grace periods have expired, the final texts are published, and the mandate for practitioners has shifted unequivocally from preparation to execution.
This week, the Financial Reporting Council (FRC) published its final revisions to the UK auditing standards governing fraud and going concern. Concurrently, professional bodies are issuing urgent guidance on how to scale these heavy-duty standards for small and medium-sized enterprises (SMEs), while frantically pushing taxpayers into the Making Tax Digital (MTD) ecosystem. The overarching theme for UK firms this quarter is clear: bridging the gap between high-level regulatory expectations and ground-level commercial realities.
The FRC’s Final Word: ISA (UK) 240 and 570
After intense industry consultation, the FRC has released the finalised revisions to ISA (UK) 240 (The Auditor’s Responsibilities Relating to Fraud) and ISA (UK) 570 (Going Concern). The overarching goal of these revisions is to close the persistent "expectation gap" between what the public believes auditors do and what the standards actually require.
The revised standards demand a pronounced shift from a passive, checklist-driven approach to an active, inquisitive mindset. Auditors are now explicitly required to "stand back" and evaluate the overall body of evidence, searching not just for corroboration, but for contradiction.
Key Mandates in the Final Revisions
- Enhanced Professional Scepticism: The standards codify the need for auditors to actively search for evidence that contradicts management's assertions regarding both fraud risks and going concern viability.
- Robust Risk Assessment: A more granular approach to identifying and assessing the risks of material misstatement due to fraud, particularly concerning revenue recognition and management override of controls.
- Going Concern Transparency: Auditors must rigorously evaluate the data, assumptions, and models underlying management's going concern assessments, extending their purview to severe but plausible downside scenarios.
"The final standards leave no room for boilerplate compliance. The FRC is demanding that auditors actively hunt for anomalies and challenge management with a level of rigour previously reserved for high-risk PIEs."
The SME Dilemma: Scaling the Unscalable?
While the FRC's revisions are a necessary response to high-profile corporate failures, applying these rigorous standards to the SME sector presents a distinct set of challenges. SMEs form the backbone of the UK economy, yet they rarely possess the sophisticated internal controls or formalised governance structures that the ISAs implicitly expect.
Recognising this friction, the ICAEW has highlighted five critical adjustments practitioners must make when auditing SMEs to remain compliant without over-auditing.
Navigating the Five SME Adjustments
Applying International Standards on Auditing (ISAs) to SMEs requires a delicate balancing act. Firms must tailor their approach to reflect the unique risk profile of owner-managed businesses.
- Rethinking Internal Controls: In SMEs, a lack of segregation of duties is a feature, not a bug. Auditors must focus heavily on the risk of management override, using data analytics to test journal entries rather than relying on non-existent control frameworks.
- Alternative Evidence for Going Concern: SME going concern often relies not on complex financial models, but on the continued financial support of the owner-manager. Auditors must obtain robust evidence of the owner's ability and intent to provide this support, rather than just a written representation.
- Proportionate Risk Assessment: The "understanding the entity" phase should be scaled down. Formal risk committees don't exist in SMEs; risk is often managed informally by the directors. Documentation should reflect this reality.
- Substantive Testing Adjustments: With weaker controls, SME audits inherently require a more substantive approach. However, firms must leverage technology to test 100% of populations (like revenue transactions) rather than falling back on outdated sampling methods.
- Tailoring Communications: Those charged with governance in an SME are often the same individuals managing the business. Audit communications must be clear, commercial, and stripped of unnecessary corporate jargon.
| Audit Area | Corporate / PIE Approach | SME Adjustment Strategy |
|---|---|---|
| Fraud Risk (ISA 240) | Testing complex internal control matrices and whistleblower channels. | Hyper-focus on management override of controls and journal entry testing via data analytics. |
| Going Concern (ISA 570) | Stress-testing sophisticated cash flow models and debt covenant compliance. | Verifying the personal financial capacity and formal intent of owner-managers to inject capital. |
| Governance | Formal reporting to independent Audit Committees. | Direct, pragmatic dialogue with owner-managers. |
The Final Push: MTD for ITSA Onboarding
While the audit sector wrestles with the FRC's new baseline, the tax sector is facing its own execution bottleneck. The April 2026 mandate for Making Tax Digital for Income Tax Self Assessment (MTD for ITSA) is no longer a distant horizon—it is the immediate present.
Despite years of warnings, a significant portion of the eligible taxpayer base remains unregistered. This week, the ICAEW issued a stark encouragement for taxpayers to sign up to MTD immediately. The underlying message to accounting firms is clear: if you wait for your clients to initiate the transition, you will fail.
Firms are currently battling a dangerous cocktail of client inertia and software fatigue. The transition requires not just software implementation, but a fundamental behavioural shift for sole traders and landlords who are used to annual, shoebox-style record-keeping. Practitioners must use the current window to force compliance, leveraging the threat of HMRC penalties as a necessary stick to drive adoption.
Looking Ahead: The Premium on Pragmatism
As we navigate the remainder of 2026, the dividing line between successful and struggling firms will not be their technical knowledge of the new standards, but their operational pragmatism. The FRC has set a high bar for audit quality, and HMRC has drawn a hard line on digital tax compliance.
For UK practitioners, the mandate is to translate these inflexible rules into workable processes for their clients. Whether it is adjusting substantive testing for a local manufacturer or dragging a reluctant landlord onto cloud accounting software, the profession's value proposition has never been clearer. We are no longer just interpreters of the rules; we are the architects of their execution.
