Why Compliance Officers Should Care About the PCAOB

Thank you for your introduction and thank you for inviting me to speak today.

I am particularly honored to be here because I am one of the three newest members of the PCAOB. I started work Feb. 1 along with Chairman Jim Doty and fellow Board member Lew Ferguson.

I am also a new resident of the Washington area, having completed my move from Minnesota just last week. I have a new appreciation for the concept of traffic!

You may think of the PCAOB as an organization with relevance solely to your company’s auditor. I hope my remarks today will persuade you that the PCAOB is relevant to your work as compliance officers, whether your specialty is in accounting, finance, law or ethics.

First, in compliance with our own requirements, I must tell you that the views I express today are my personal views and don’t necessarily reflect the views of the Board or the staff of the PCAOB.

You, as compliance officers, are dealing with many of the same issues that are confronting accountants and, in turn, auditors and the PCAOB. I want to talk about the challenges that we have in common and how the PCAOB is addressing those challenges.

I also want to talk about specific PCAOB actions that may affect your work as compliance officers—actions that are already underway or on the drawing board for attention in the near future You way want to consider providing input to the PCAOB as we request public comment on some new ideas and proposals. Just as important, encourage your investors to weigh in.

Finally, I will share a little bit about what else is changing at the PCAOB. We’re in a state of re-energizing what we have been doing in the past and we are also trying some new things.

Common Challenges—Technology and the Financial Crisis

So why should you, as compliance officers, care about the PCAOB?

Through our inspections of accounting firms, we’re seeing many issues that should be of concern to you, your companies and, most importantly, your investors. To be sure, our inspectors do not find deficiencies in all of the audits we review. But, as with apples, it’s not the good audits we have to worry about.

Let me provide some background relating to my observations. Each year, the PCAOB is required to inspect any accounting firm that issued more than 100 audit reports on U.S.-traded public companies in the previous year.

In 2010, we inspected nine such firms, looking at portions of more than 350 of their audits. Your company’s audit may have been among them. In addition, we inspected 245 firms with 100 or fewer public-company audit clients. In the course of those inspections, we examined portions of more than 600 audits.

Based on those inspections, we think we have a fairly good picture of trouble spots, and I’d like to focus on two today: the effects of the technology revolution and the hangover, if you will, from the financial crisis.

The technology that brought us BlackBerries and iPhones is generally thought of as a good thing. Good, unless you’re the lead-off speaker at a conference and you notice that most of your audience is hiding their device in their lap as they read their email. Fortunately, none of you are doing that!

Technology also brought us the ability to create things we’re still trying to wrap our heads around. Before I get to those things, let’s step back for a moment.

When I started my studies to become an auditor 35 years ago, accounting and auditing objectives were pretty straightforward. Take depreciation for example.

You look at this podium I am standing behind, and you spread the cost over its useful life. That’s an easy thing to do. Most accountants master that concept early in their careers and are comfortable doing it. Most of the numbers on a financial statement were easy to compute like this.

Advances in technology and business models have made it very difficult for accountants, auditors, investors and, perhaps, even you to understand the transactions and products and to find a comfort level.

In finance, the effects of technology are dizzying. Just the word “quant” gives me a little shiver. But the reality is that as technology has advanced, creative minds have taken advantage of new ways to analyze things and have brought us some creative but complex financial products to help people and companies realize a better return on their investments. We see that, for example, in the amazing number of ways that a mortgage can be sliced and diced into different products.

Valuing those products is just plain hard for issuers and for auditors. While unfortunate, the fact is that accounting and auditing often lag business innovation.

Auditors have always tested depreciation or confirmed that a balance due from a customer exists. Those time tested audit steps are not sufficient when auditing the fair value of a complex financial instrument. If you can’t look it up in the Wall Street Journal, you’ve got a real challenge trying to figure out what the value is. As we move further into this fair value model, everything is much more subjective.

And if testing the values of these complex financial products is hard for auditors, who have an opportunity to immerse themselves in the company’s books, we know it’s really hard for investors to understand.

That means investors are relying more than ever on the management of your companies to get the accounting right and on the subsequent assurance provided by auditors that management did just that. And one of the challenges that the PCAOB shares with you is trying to ensure that financial reporting and auditing appropriately adapt to the changing world in which we all operate.

The financial crisis has provided some challenges in that regard. In its wake, investors aren’t sure who they can rely on. And they’re mad.

Investors lost a whole lot of money during the financial crisis, and they’re blaming a lot of people. They’re blaming management; they’re blaming the auditors; they’re blaming us.

We met earlier this year with the PCAOB Investor Advisory Group whose members include big institutional investors and people who represent individual investors.

From this group and through our outreach over the last year to many others, a consistent theme emerged: Investors believe that they are not getting adequate information to make their investment decisions. That should be of concern to you. It is certainly of concern to us at the PCAOB.

There are many parties with roles in the financial reporting process. Management is on the ground every day as the transactions are happening. Audit committees have responsibility to oversee management, hire the auditors and satisfy themselves that both are doing their jobs. Counsel is actively involved in writing the annual report and preparing securities filings.

The auditor reports on the overall fairness of the financial statements and the financial reporting controls. Analysts interpret the financial information and make predictions of the future. Rating agencies evaluate the creditworthiness of companies and debt securities.

Who, among all of these actors, should be responsible for providing investors with the information that they are not getting today?

In many respects, a company’s financial statements and annual report are like a book report. The many thousands or millions of transactions in a given area are summarized into accounts that appear in the financial statements. The footnotes describe some of the accounting policies and details behind the numbers. Management's discussion and analysis explains the numbers and the trends. The financial statements and annual report are sometimes hundreds of pages long – making for a long and complicated book report.

The auditors carefully review all of this information, conduct certain procedures to test some of the information and underlying assumptions, evaluate the company’s accounting decisions, and issue a report stating simply that the numbers in the financial statements are – or are not – presented fairly in accordance with the relevant accounting standards.

What we have heard is that investors are asking for more than this from auditors, and, to some degree, management. In essence, investors want auditors to provide an executive summary of the book report, with further discussion around the question, "How good are the numbers?"

Because of those concerns and others, the Board is preparing a concept release to seek public comment on possible changes to the auditor's reporting model with the intention of increasing its transparency and relevance, while not compromising audit quality.

Determining how to go about this involves some difficult issues, including balancing the benefits of those potential changes to investors with the potential costs of those changes to the companies and their auditors. In considering these questions, we are going to be very interested in the views of management of the companies whose audits will be affected.

But, as I noted above, there are a number of others involved in preparing and providing information that is important to investors. Some have suggested that in addition to improving the auditor’s report, companies themselves ought to provide more information, or different information. In other words, there is a question about whether the book report ought to be expanded or changed. So the discussion that will take place over the next few months ultimately may have broad repercussions on aspects of the financial reporting process that go beyond audit requirements, and I would encourage you to pay attention and get involved.

PCAOB Response—Inspections and Standards

Let me now turn to a few comments about how the PCAOB’s day-to-day activities may impact you and your companies.

Your company’s audit may never come under PCAOB inspection. But there are lessons for your company and its management in our inspection findings. These findings are reported by the Board in two ways: First, we issue individual inspection reports on every firm inspection that we conduct. A portion of those inspection reports – summarizing any deficiencies we found in the audits – are made publicly available, and you ought to review those reports for your audit firm. Second, the PCAOB periodically issues what we call “Rule 4010 reports,” named after the PCAOB rules governing this process. These reports summarize our inspection findings from multiple inspections and usually address particular categories of firms or specific audit issues. Both types of reports can provide valuable information about what issues your auditor may be struggling with and how your audit may be affected as a result of trouble areas.

In addition, we, as a Board, use those findings as we consider new auditing standards that may apply to your company.

While my time today does not allow me to get too far into the details of our inspection findings – which is probably a good thing for the Compliance Week coffee budget for this event – here’s a broad lesson for all companies: We’ve found through our inspections that there’s a very direct correlation between the quality of a company’s processes, controls, documentation and people, on the one hand, and the quality of the audit on the other hand.

In an ideal situation, management does a good job, the auditors do a good job, and the investors are happy. By contrast, it is very difficult for an auditor to do a good job if what they’re auditing is inaccurate or incomplete.

Going back to those complex financial instruments: We have a number of auditing standards related to fair value measurements. One thing we’re seeing in our inspections is that many auditors are trying to apply those standards. But it’s becoming apparent that the standards require the auditor to do more than what management is actually required to do in keeping the books and records.

Here’s an example. Your company may use a pricing service to figure out the value of an asset, but management doesn’t really understand what that pricing service does and what’s really behind the numbers.

We expect the auditors in most cases to either test that pricing service or get their own. In either case, they need to get behind the wall of what the pricing service has done and understand the numbers.

That’s one of the high-risk areas we focus on in our inspections of audits. It is possible that our inspectors could say the auditor hasn’t done enough work in terms of testing what you’ve done. Well, one of the things we tell the auditors is that if they haven’t done enough work, and they don’t know for sure that those numbers are accurate, they might need to go do more work.

That directly affects you if the auditor comes knocking on your door after your filing saying that they didn’t finish their testing several months ago and need to do more work. That has the potential to create a problem for both the company and the auditor.

So, the better job management does in determining and providing evidentiary support for their valuations, the better job an auditor can do, and the more faith an investor can have in the company’s financial statements.

At the PCAOB, we are working on a variety of fronts to help auditors do a better job.

Our inspections look at the policies and procedures that firms have established in order to ensure that audits are performed appropriately. These include, for example, policies governing the independence of the auditor from the client and the client’s management; firm audit methodologies, staff training, and internal inspection programs, among other things.

The PCAOB’s criticisms of firms’ quality controls are maintained as nonpublic for a year to give the firms time to correct deficiencies. If they correct or remediate those deficiencies, the criticisms remain nonpublic. If not, the portion of the inspection reports discussing those deficiencies is publicly released. That’s the way Congress wrote the Sarbanes-Oxley Act.

One of the problems we have seen is that some auditors are not doing a very good job of remediating the quality control problems identified by the PCAOB. So one of the things that we are thinking about is how to be as clear as possible with auditors about what we expect them to do to correct deficiencies in their quality controls. We’re making progress in that direction, but we have a ways to go.

As I mentioned a few minutes ago, the PCAOB also reviews firms’ work on particular audits. When those inspections identify deficiencies in individual audit engagements, we do make that information public – with the caveat that we do not name the company whose audit was reviewed.

That shouldn’t inhibit your company or your company’s audit committee from asking whether your audit was subject to a PCAOB inspection or generally how your auditor fared in its latest inspection by the PCAOB. How the firm fared in the inspection may affect your company and your audits. For example, your next audit may require more testing or additional procedures (which may mean higher audit fees); the auditors may require more work on your part, or accounting interpretations may change. If the inspection revealed accounting problems, you should be particularly concerned, because that may trigger a review by the SEC and, in extreme cases, require a restatement.

Some firms are doing a really good job of transparently disclosing to their clients the general nature of the PCAOB’s inspection findings, while others have a ways to go. These are fair questions for you to ask, and we are encouraging the firms to be more forthcoming, or transparent, if you will.

Transparency

And on the subject of transparency, it seems to me that more transparency may have prevented a lot of the problems that gave rise to the financial crisis, from disclosure about the true costs of exotic mortgage loans to public airing of uncertainty about collateralized debt obligations.

At the PCAOB, transparency is at the heart of some of the standards and other projects we are working on in the near term. Some of those may have implications for you and your companies. As I mentioned earlier, we will soon solicit public comment on the concept of changing the auditor’s reporting model to increase transparency.

A separate standard we proposed last year is intended to improve auditors’ communications with audit committees. That would include adding topics that the auditors should be discussing with the audit committee, including audit strategy and timing and management’s estimates. It also would require a written arrangement letters and enhance the discussions about the company’s critical accounting policies, practices and estimates, as well as the auditor’s evaluation of a company’s ability to continue as a going concern.

Another topic we are deliberating would also call on auditors to disclose the location of other firms participating in the audit. That is a critical piece of information, and we are seeking that disclosure from a variety of angles.

Why is that important? For many large, multi-national companies—and you may work for one of them—a significant portion of the audit may be conducted abroad.

Those companies’ audit reports may be signed by a U.S. auditing firm but it may be based, in large part, on the work of affiliated firms that are completely separate legal entities in other countries.

One of the things we’re concerned about is the number of those countries that prohibit us from inspecting accounting firms based in their jurisdictions. Until recently, we were completely blocked out of the European Union. In January, we reached an agreement to conduct inspections in the United Kingdom, and we’re working with other EU countries on similar agreements. We also recently reached an agreement for inspections in Switzerland, but we continue to be blocked from performing inspections of accounting firms in China.

We’re trying hard to make sure that we can come up with agreements with regulators in those countries to inspect the work of the auditors. In the meantime, we believe more transparency from auditors about what affiliates in what countries were used for the audit, along with an indication of the significance of the work done, will give public companies and investors better information about the degree of PCAOB oversight over – and insight into – the respective firms and audits.

An area in which the PCAOB itself would like to be more transparent is in the context of Board enforcement actions. Currently, the Sarbanes-Oxley Act requires that we maintain as confidential any disciplinary proceedings we initiate against CPA firms or individual auditors until those matters have been resolved at the Board level and the respondent firm or auditor has had an opportunity to appeal the Board’s decision to the SEC. This is unlike the practice at the SEC, where enforcement actions against accountants are visible to the public long before they are adjudicated or settled.

We are asking Congress to consider changing that. That’s a long road, and it’s controversial, but we think it’s important that if there’s an auditor who we think is just not doing a good job and not serving investors, then investors deserve to know about our proceedings against that auditor long before the current rules will allow us to disclose that.

In closing, I will mention a few other things that are changing at the PCAOB. We have a new Chairman who came to the PCAOB with a strong bias toward action, and he is keeping all of us very busy working on a variety of initiatives, some of which I have just discussed.

We are also trying to increase our outreach. In fact, that’s part of why I mentioned our standard-setting projects here today. On every proposed standard or concept, we encourage public comment. We want to know what you think, whether you are an investor, an issuer, an auditor or a compliance officer. If you think changes to the auditor reporting model are a bad idea, let us know. If you think the model should be expanded to require reporting of every question in the auditor’s mind, let us know.

Among our other projects, we recently issued a research report discussing reverse mergers involving companies from the China region. This issue has gotten a lot of media attention, and you can read almost every day in the news about a business in China that has accessed or is trying to access the U.S. capital markets. That brings us back to concerns about the obstacles to our inspections of Chinese accounting firms. We continue to be actively engaged with our Chinese counterparts to achieve a bilateral agreement that will facilitate inspections of PCAOB-registered audit firms in China. We had a productive meeting with our Chinese counterpart during the recent US-China Strategic and Economic Dialogue, and it is our hope and expectation that our ongoing discussions will provide the framework for a definitive bilateral agreement later this year.

We’re attempting to do further outreach to audit committees to help them better understand what we do and how our work should influence their own activities. We’re also trying hard to work on inter-agency relationships and demonstrate leadership in connection with matters relating to auditing. We will be working with the SEC on an initiative called the Financial Reporting Series. This will involve the SEC, the Financial Accounting Standards Board and the PCAOB discussing on a more holistic basis, in open meetings, some of the more challenging financial reporting issues that you deal with, including some that I’ve already talked about today. We will also be ramping up our discussions with banking regulators in order to discuss some of our common concerns.

Finally, I have a couple of personal goals as a new PCAOB Board member. One of these relates to our overall approach to reporting the results of inspections, which has been focused on what auditors are doing wrong. Our long-term success as an organization ultimately will depend on a decrease in audit failures, the quality of the reporting that investors get from auditors, and an overall improvement in audit quality. So, one of the things that I’m personally looking to do is point out characteristics of what successful auditors do right so that others can learn from that. I also hope to further engage the auditing profession in discussions about ways to ensure that the needs of investors consistently guide the actions of auditors, including those of more junior auditors who may not have the benefit of interactions with investors.

With that, I encourage you keep up the hard work, stay engaged and get your investors engaged, so that we can work together to ensure high quality financial reporting and auditing.