Resolution 157 – UAE Accountability Authority

Overview

Effective Date:

Resolution 157 is effective from August 2024 on applicable subject entities.

Subject Entities:

Resolution 157 is applicable on federal entities and entities in which the federal government has an ownership stake of more than 25%

Key requirements of Resolution 157:

Resolution 157 introduces comprehensive requirements to enhance the quality of audits and the robustness of Internal Controls Over Financial Reporting (ICoFR). The key requirements include:

• Enhance audit quality and ensure effective ICoFR reporting
• External auditor to test controls for key transactions and address fraud risks within the audit report
• External Auditors to assess risks and control processes relating to financial reporting
• External Auditors to provide opinions on compliance, internal controls, and financial statements

Snapshot of Articles 4 and 5

Article 4 lays down additional audit requirements, which aim to:

Enhance the quality of audit services provided to subject entities and strengthen the principles of integrity, transparency, accountability, and sound management practice at the subject entities when the Auditor performs the following tasks:

1. Ensure that the financial statements fairly reflect the financial position and performance of the entity.
2. Ensure the effectiveness of internal controls over financial reporting, which covers regulations and procedures relating to key transactions.
3. Verify subject entities’ compliance with laws, regulations, rules, policies, resolutions, and governance principles/rules applicable to the subject entity and that have an impact on the entity’s financial statements.

Article 5 lays down additional audit requirements that are added to audit standards globally, as follows:

IAS 200 – Overall Objectives of the Auditor:

Test the effectiveness of internal control systems over financial reporting for key transactions

IAS 240 – Responsibility Relating to Fraud:

Highlight any absence or ineffectiveness of anti- corruption and anti-fraud controls, policies, or procedures, include them in the management letter.

IAS 315 –  Identifying & Assessing Risks of Material Misstatement

• Assess internal control systems to ensure effective, efficient, and economical resource utilization, and compliance with laws and regulations.
• Evaluate internal controls over key operations, such as Procurement, Human Resources Investments etc

IAS 330 – Auditor’s Responses to Assessed Risks

• Design and implement internal control tests to gather sufficient evidence supporting opinion on financial reporting controls.

IAS 700 – Forming an Opinion and Reporting

• Include the following in the auditor’s report:
• Financial statement audit findings.
• Opinions on internal control systems over financial reporting.
• Opinions on legal and regulatory compliance

Implications for Subject Entities

Entities under the purview of Resolution 157 must address roles and responsibilities to achieve compliance:

Enhance the quality of audit services provided to subject entities and strengthen the principles of integrity, transparency, accountability, and sound management practice at the subject entities when the Auditor performs the following tasks:

Audit Committee

• Oversee the integrity of financial reporting and the adequacy of internal controls.
• Provide direction & guidance to management on the effective implementation of internal controls.
• Review management’s assessment of internal control effectiveness and external auditor’s attestation.

Board

• Provide strategic guidance and insights to the organization.
• Oversee the adoption of enterprise-wide risk management frameworks that integrate Internal Controls Over Financial Reporting (ICoFR) with broader operational and strategic risks.
• Hold management accountable for implementing and maintaining adequate internal controls.

Management

• Conduct an annual assessment of the effectiveness of internal controls over financial reporting.
• Maintain documentation supporting the design and operational effectiveness of controls.
• Update internal policies and procedures suitable to company’s operations and compliant with international leading practices.
• Promote integrity and accountability through robust internal controls and ethical practices.

Thinking beyond compliance

Resolution 157 is not merely a compliance requirement; it offers entities an opportunity to:

Strengthen Operational Resilience – By embedding robust controls, entities can reduce the likelihood of operational disruptions and financial misstatements.

Enhance Stakeholder Confidence – Transparent reporting and rigorous audits bolster investor and stakeholder trust.

Drive Efficiency Through Best Practices – Implementing COSO-based frameworks can streamline processes, reduce redundancies, and improve decision-making.

Foster a Culture of Integrity – Ethical behavior and compliance are reinforced through systematic controls and governance mechanisms.

Conclusion

Resolution 157 signifies a paradigm shift in the UAE’s regulatory landscape, underscoring the importance of robust ICoFR. Entities that proactively embrace these changes will not only ensure compliance but also position themselves as leaders in corporate governance and financial integrity. By adopting a strategic approach to implementing Resolution 157’s requirements, organizations can achieve long-term resilience, transparency, and enhance stakeholder value.