Asia Pacific regulators are tightening their grip on audit firms amid concerns over audit quality and independence, with multiple jurisdictions recently rolling out stricter oversight measures.
The crackdown follows findings across the region. Singapore’s Accounting and Corporate Regulatory Authority’s 2024 audit regulatory report exposed systemic failures in critical areas, including independence violations, quality control lapses and documentation shortfalls at both engagement and firm levels.
The Australian Securities and Investments Commission (ASIC) announced in May that it is expanding its audit file reviews after uncovering widespread compliance failures among managed investment entities. The announcement is part of a wider effort to strengthen audit reliability and quality standards.
‘Regulatory requirements must be embedded, not treated as add-ons’
Regional regulators are also modernising their frameworks. Malaysia’s Bank Negara has set tougher governance rules for financial institutions, introducing accredited compliance officers and annual financial crime training, and establishing clearer accountability standards in the sector.
The intensified regulatory oversight comes at a challenging time for audit firms, which are already struggling to meet client expectations for faster, digitally enhanced services. A 2025 Deloitte survey reveals that 69% of South-East Asian CFOs expect artificial intelligence to help automate routine and transactional processes, with 57% saying AI can help plan, forecast and analyse business decisions.
Risk framework overhaul
Holly Yang, associate professor of accounting at Singapore Management University, believes audit firms must rethink their approach to regulation, embedding requirements into risk frameworks instead of treating them as mere add-ons. ‘To adapt, audit firms should develop sector-specific frameworks that provide consistent yet locally relevant assurance practices,’ she says. ‘They should also invest further in digital tools for continuous monitoring of clients’ operational risk exposures, aligning with regulators’ expectations of proactive risk identification.’
Successfully mastering the evolving regulatory landscape can open new doors. Hong Kong SAR of China’s drive to establish itself as a global nexus for digital asset innovation has led to comprehensive guidance for virtual asset trading platforms. To complete, firms must elevate both their audit capabilities and their technological expertise.
‘The key is to find the practical client implications of regulatory updates’
‘From a technical standpoint, any adaptations firms make will need to be driven by the latest licensing requirements for virtual asset service providers, anti-money laundering rules, corporate governance and investor protection,’ says Stephen Wong, managing partner at RSM in Hong Kong SAR.
The key to staying ahead of the curve is through proactively monitoring regulatory updates and translating them into practical implications for clients, says Wang Zhumei, associate director for professional standards at the Institute of Singapore Chartered Accountants. ‘This also means adjusting risk assessments to focus on new or emerging risks introduced by regulations, ensuring that their work addresses critical areas.’
Act fast
A timely response to potential audit quality issues is important as risks multiply in the digital age.
In the volatile world of virtual assets, firms face a spectrum of risks, Wong points out. The first challenge is in valuation accuracy, where volatile, illiquid or hard-to-price assets can lead to material errors. Beyond this, firms must navigate the intricacies of blockchain technology, from ensuring complete transaction records to guarding against double-spend attacks and blockchain-based fraud schemes.
‘Regular monitoring of internal metrics supports timely intervention’
‘To ensure warning indicators are flagged at the earliest possible stage, firms can advise clients on setting up their own risk assessment and intervention procedures to enhance their own abilities to operate real-time monitoring of transactions and detect anomalous activities,’ Wong says.
With the risk landscape continuing to expand as clients adopt new technologies, auditors should have processes in place to see if clients are engaging in activities that may introduce new risks. ‘Where such developments are identified, the firm should assess its ability to respond appropriately,’ Wang says.
Early warnings
She points out that internal metrics can serve as early warning signs. By tracking staff oversight, experience levels, attrition rates and training hours, firms can spot potential quality issues before they affect audit performance. ‘Regular monitoring of such metrics supports timely intervention, resource reallocation or process improvements to maintain consistent quality across engagements,’ she adds.
Smart firms catch governance issues before regulators do, according to Yang. ‘Overall, firms should invest in digital tools for continuous monitoring of clients’ operational risk exposures and strengthen collaboration across jurisdictions to ensure global assurance standards are effectively reconciled with local rules,’ she says.
‘An integrated approach is needed for current risks and future challenges’
But robust quality management is more than just identifying risks. Ultimately, Wong says, companies need an integrated approach that addresses current risks and anticipates future challenges. ‘It requires designing specific responses in the first instance, combined with a programme of continuous monitoring, inspection and improvement,’ he explains.
The audit world is changing fast, and firms need to keep pace. Wang warns that those who fail to evolve risk falling behind on both compliance and performance. ‘This means firms should actively track regulatory changes and assess their impact on existing quality controls, making timely adjustments where needed,’ she advises. ‘Continuous training and communication are critical to ensure all staff understand and apply these updated requirements in their work.’
Recommended reading
