Changes and interpretation of the tripartite relationship of audit

With the development of society and the adjustment of audit, the "audit client" in the tripartite relationship of audit has been replaced by the "expected user", and the expected user in the tripartite relationship has become a new topic of audit research. The theory of fiduciary responsibility, the theoretical basis of the traditional tripartite audit relationship, cannot reasonably explain the new tripartite audit relationship with the expected users as the core. The information theory based on the concept of social responsibility can be explained from two aspects: first, enterprises should bear social responsibility to all kinds of stakeholders, and in order to obtain the guarantee of responsible information firms, all stakeholders become the expected users of audit reports, thus becoming the responsible objects of certified public accountants; Second, certified public accountants realize their social responsibility to the prospective users by verifying the information of the responsible party and providing audit information. Certified public accountants are related to enterprises and prospective users because the prospective users need high-quality information. Information theory is the theoretical basis of the relationship among certified public accountants, responsible parties and prospective users.

First, the traditional framework of auditing tripartite relations and its challenges

In the traditional audit theory, the audit relationship consists of three parties: the audit subject, the audit object and the audit client. Under the framework of this tripartite relationship, the entrusted economic responsibility relationship between the audit client and the audit object is the premise of the audit relationship, and the essence of the audit is to check and evaluate the performance of the entrusted responsibility. When shareholders (audit clients) entrust certified public accountants (audit subjects) to inspect the performance of economic responsibilities of enterprise management (audit objects), the audit relationship between audit subjects and audit objects of audit clients appears. According to this theory of tripartite relationship, certified public accountants should be and only should be responsible to shareholders. At this time, there is a dual entrustment relationship among shareholders, enterprise management and certified public accountants, that is, shareholders not only entrust enterprise management to manage enterprise assets, but also entrust certified public accountants to audit. At the same time, shareholders are also the main users of enterprise accounting information and CPA audit conclusions.

With the rise of stakeholder theory, the traditional framework of audit tripartite relationship based on "fiduciary responsibility theory" has been challenged. According to the stakeholder theory and the social responsibility theory based on it, the development prospect of an enterprise depends on the satisfaction of management with the changing expectations of the public, or on the quality of management's response to stakeholders' interests. In order to protect the interests of all stakeholders, enterprise management must provide information related to their interests, so the users of enterprise information include not only shareholders, but also other stakeholders. At the same time, in order to enhance the trust in management information, all stakeholders also need to obtain information about the quality of management information from the audit report of certified public accountants, so they are also users of the audit report of certified public accountants. This leads to the expansion of the legal responsibility of certified public accountants from shareholders to other stakeholders.

The above changes in the scope of responsibility of certified public accountants are also reflected in the authoritative professional standards. The Framework of International Authentication Business issued by the International Auditing and Authentication Standards Board (IAASB) and the Basic Standards for Authentication Business of Certified Public Accountants in China both explain the tripartite relationship of authentication business: the three parties involved in authentication business include certified public accountants, responsible parties and prospective users. By performing audit work, certified public accountants express audit opinions on the information of the audited object reported by the responsible party and provide it to the expected users other than the responsible party. The expected users in the above authoritative professional standards are essentially various stakeholders of the enterprise.

However, there is no entrusted economic responsibility relationship between stakeholders other than shareholders and enterprise management, and they are not the clients of CPA audit. Then, how is the responsibility relationship between them and certified public accountants formed? With the evolution of enterprise objectives from economic responsibility to various stakeholders and the transmission of this evolution to audit, it is difficult to make a reasonable explanation for the changes of audit relationship based on the traditional framework of audit tripartite relationship and its "fiduciary responsibility theory".

Second, the interpretation of the tripartite relationship of the new audit based on information theory

When the explanatory power of "fiduciary responsibility theory" to auditing practice and standards is questioned, the traditional framework of tripartite relationship of auditing based on it is also facing challenges, including: If there is no principal-agent relationship between the auditing client and the auditing object, does the auditing foundation no longer exist? When the scope of audit clients is expanded, what is the principal-agent mechanism between audit clients and audit subjects? If there is no direct principal-agent relationship between some audit clients and audit subjects, should audit subjects be responsible for these audit clients? These questions are the basic questions that must be answered when analyzing the relationship between audit participants and audit risks. In order to solve these problems, the framework of audit tripartite relationship must be revised appropriately based on information theory.

According to the authoritative professional standards, the tripartite audit relationship composed of certified public accountants, responsible parties and prospective users can be described as: certified public accountants draw conclusions on the information of the audited object for which the responsible party is responsible, so as to enhance the trust of prospective users other than the responsible party in the information of the audited object. The Guide to the Basic Standards of Certified Public Accountants' Authentication Business in China points out that "the existence of three parties is one of the important criteria for judging whether a business belongs to authentication business" and "the authentication business will also involve the client, but the client is not a single party, and the client is usually one of the prospective users, and the client may also be the responsible party". That is to say, in the new audit relationship framework, the audit client may be the responsible party, or the prospective user or his representative, and the CPA's responsibility to the prospective user is not based on the entrustment of the prospective user.

Under the framework of the new tripartite relationship of audit, the essence of audit is not to check and evaluate the performance of entrusted responsibility, but to improve the quality or connotation of information and enhance the trust of expected users other than the responsible party in the information of the audited object. In other words, the theoretical basis of the framework of audit tripartite relationship has changed from "fiduciary responsibility theory" to "information theory". According to the viewpoint of "information theory", the responsible party and the expected user are the providers and users of the information of the audited object respectively (the expected user is also the user of the audit report). There may be a fiduciary relationship between them, such as shareholders (prospective users) and enterprise management (responsible parties), at which time the responsible party has the contractual obligation to disclose necessary information to prospective users; There may also be no fiduciary responsibility relationship between them (but there is a responsibility relationship), such as potential investors, regulators (all expected users) and enterprise management (responsible parties). In this case, the prospective user can request the responsible party to provide relevant information according to the rights granted by laws and regulations. In order to improve the trust of prospective users in this information, it is necessary to hire a certified public accountant to authenticate the information provided by the responsible party and express audit opinions. It is usually the potential user or his representative who employs a certified public accountant, or it may be the responsible party. The responsibility of certified public accountants to prospective users is not based on the principal-agent relationship (that is, contractual relationship) between them, but on the audit report to influence users' trust in the information of the audited object, thus affecting their decision-making. In other words, certified public accountants should be responsible for all institutions or personnel who expect to use audit reports, regardless of whether the expected users have signed a contract with certified public accountants in advance (that is, participated in the audit commission). In this sense, the reason why certified public accountants have to bear legal responsibility for unspecified third parties who have no contractual relationship with them has also been reasonably explained.

In this tripartite relationship, there are two groups of information supply and demand, one is the provider and user of the audited information, and the other is the provider and user of the audit information. The relationship between the supply and demand of two groups of information is combined because of the dual identity of the expected users as two types of information users, thus resulting in the tripartite relationship of audit. In theory, certified public accountants should provide audit reports to all potential users, but it is often difficult to do so in practice, because certified public accountants may not be able to determine all organizations and personnel who use audit reports, especially when various potential users have different interests. Therefore, stakeholders other than shareholders have the right to claim compensation from certified public accountants when they suffer losses, even though they have not entrusted certified public accountants to audit or even provided them with audit reports directly.

On the one hand, the change of expected users' information demand pattern reflects the evolution of stakeholders' demand for corporate social responsibility, on the other hand, it also causes the gap of audit expectation, that is, the gap between expected users' dynamic demand for audit information and CPA's ability and willingness. Therefore, it will be an urgent task to analyze the types and needs of prospective users and their influence on the audit scope, audit risk and legal liability of certified public accountants.