Go to content

Incident notifications

You must notify us of incidents where the integrity of your firm’s business operations is or may be compromised. It may not always be clear what incidents precisely are subject to the obligation to notify. We clarify this below, including by giving examples.

You must notify us of incidents with serious consequences for the ethical operation of your business

Integrity is a prerequisite for healthy financial markets. Accordingly, integrity has a legal basis in the legislation governing financial markets. Audit firms that perform statutory audits are also subject to rules that govern the notification of incidents. They must notify the AFM of incidents that have serious consequences for the ethical operation of their business. Whether an incident has serious consequences depends on the circumstances. It is at the discretion of the audit firm to determine if this is the case.

Notify us immediately

It is important that you notify the AFM immediately or as soon as possible when you become aware of an incident. This will enable us to quickly determine whether you identify situations with serious consequences in good time and take the right measures.

What situations qualify as an incident

Audit firms must immediately notify the AFM of incidents (facts and circumstances) that pose integrity risks. Integrity risks concern:

Involvement with criminal offences and violations of the law

Criminal offences and violations of the law quality as incidents if the offence or violation itself or the manner in which it is addressed may undermine public trust in audit firms or in the financial markets and consequently has serious consequences for the ethical operation of your firm’s business. This may also concern a conviction for a criminal offence that does not directly impinge on the duties of the statutory auditor. Examples of relevant criminal offences and violations of the law include forgery, money laundering, corruption, tax offences and violations of statutory obligations to notify.

Incidents can also concern violations of specific laws and regulations governing the accountancy profession, such as issuing an incorrect auditor’s report or failing to report suspected material fraud. An example of a matter you must report as an auditor is when an audit client goes into liquidation shortly after you issued an unqualified auditor’s report, as this may mean that you wrongfully issued this auditor’s report.

A criminal offence or violation of the law does not need to have been incontrovertibly established. You must report a matter as an incident when the facts and circumstances suggest that an incident may have occurred. Such facts and circumstances include investigations initiated by competent authorities, such as the Fiscal Information and Investigation Service and Economic Investigation Service (FIOD-ECD), a trustee in bankruptcy, the Enterprise Chamber of the Amsterdam Court of Appeal, the Netherlands Competition Authority (NMa) or the U.S. Securities and Exchange Commission (SEC), or negative reporting in the media.

Conflict of interest

A conflict of interest can have serious consequences for the ethical operation of an audit firm’s business. This may harm the audit firm, harm its clients and undermine trust in the market. An example of a conflict of interest is when an employee of an audit firm also has an ancillary position at an audit client of this firm.

Relationship with a client

An incident may also concern an audit firm’s relationship with a client, such as when a client has committed accounting fraud and misled the audit firm as part of this fraud. The audit firm must then reassess its relationship with this client.

Does it matter who was involved with an incident?

It does not matter who was involved with an incident. An incident may concern the conduct of the audit firm, one of its external auditors or another employee of the firm. An incident may also concern the conduct of third parties, such as another entity in the auditor network to which the audit firm belongs, or an audit client. If the audit firm knows of relevant facts and circumstances, this may also constitute involvement with an incident.

Breach, but not an incident?

The applicable legislation, the Audit Firms Supervision Act (Wta), refers to ‘breaches’. A breach may qualify as an incident, but this is not necessarily the case. A breach only qualifies as an incident if it has serious consequences for the ethical operation of the audit firm’s business. Overrunning the deadline for the closing of an audit file, for example, is a breach, but it generally does not qualify as an incident.

Control of integrity risks

Given the impact that incidents have on public trust in audit firms and in the financial markets, it is important that audit firms control integrity risks. Pursuant to the Audit Firms Supervision Act (Wta), audit firms must design their business operations in such a way that they safeguard a controlled and ethical operation of their business. Controlling integrity risks is part of this. In this respect, audit firms are free to take control measures that fit in with their existing business operations.