Good afternoon. It is my pleasure to once again address this important conference, and I thank the American Institute of Certified Public Accountants for this opportunity to speak with you today.
This year was a consequential year for the accounting profession and 2008 promises to be even more so. About a week after I addressed this conference last year, the Public Company Accounting Oversight Board ("PCAOB" or "Board") proposed a new auditing standard that replaced Auditing Standard No. 2 ("AS 2") for audits of internal control over financial reporting. During the year, we made some changes to our proposal based on the comments we received, and the Board adopted, and the Securities and Exchange Commission ("SEC" or "Commission") approved the Board's Auditing Standard No. 5 ("AS 5"). The new standard is now effective.
AS 2 is dead! Long live AS 5!
It seems that a speech on PCAOB activities is not complete without some discussion about internal control auditing, so I will give you some of my thoughts on Auditing Standard No. 5 that I hope you consider as you complete this year's and plan future integrated audits of financial statements and internal control.
Other significant initiatives took substantial steps forward this year, perhaps none more so than the movement to internationally accepted accounting standards. The SEC will now permit foreign private issuers to file with the Commission financial statements prepared in accordance with the English language version of International Financial Reporting Standards ("IFRS") as adopted by the International Accounting Standards Board ("IASB") without reconciliation to U.S. generally accepted accounting principles ("U.S. GAAP"). The SEC also is evaluating whether to propose rule changes that would permit U.S. domiciled issuers to prepare their financial statements in accordance with IFRS rather than U.S. GAAP and Bob Herz, chairman of the U.S. Financial Accounting Standards Board ("FASB"), has called for a national plan to address this matter. This initiative has implications to PCAOB auditing and related professional practice standards, and I will address one of these implications today, namely, the effect of the elimination of the U.S. GAAP reconciliation on one of the Board's interim quality control standards, which is known as Appendix K.
As the question about international accounting standards becomes more certain, the question as to whether the United States should move towards a globally accepted set of auditing standards is being heard more often. I will give you some of my thoughts on this question.
Five years have passed since enactment of the Sarbanes-Oxley Act and the creation of the PCAOB. It is quite clear to me that auditing practice has improved in that time.
There is, of course, always room for further improvement. In January, the PCAOB issued a general inspections report focused on the implementation, over a two-year period, of the current auditing standard on the auditor's responsibility for the consideration of fraud in a financial statement audit. In October, the Board issued another general inspections report, this one summarizing observations from the inspections of U.S. auditing firms that audit no more than 100 issuers. My colleagues and I will highlight some of the observations from these inspections reports during this conference.
Finally, I will address other current developments, including auditing fair value measurements and some of the current standards-setting activities of PCAOB.
As I indicated a moment ago with regard to AS 5, the thoughts I express today are my own. They do not necessarily represent the views of the PCAOB, PCAOB Board members, or other members of the PCAOB staff.
I made the dramatic statement about the death of AS 2 to highlight that fact that we have a new standard for audits of internal control in AS 5, not an amended version of AS 2. When we started our project in May of last year, our intention was to amend AS 2. There were about a dozen discrete changes we planned to make, based on our monitoring of the implementation of AS 2 and to address specific concerns raised during the first two years of implementing that standard. However, as we got further into the project, we realized that something bolder was needed to effect the change in behavior we concluded was necessary.
As you probably have noticed, the new standard is one-third the length of AS 2. It also eliminates requirements that resulted in unnecessary procedures, is less prescriptive, and more clearly identifies the principles that drive the auditor's work and judgments.
At the same time, the key principles embodied in AS 2 survived. AS 5 requires the auditor to obtain reasonable assurance about whether material weaknesses exist. AS 5 also describes a framework, one that is scalable based on a company's size and complexity, for obtaining that assurance.
One of the key features of the new standard is that it more clearly allows the auditor to reduce work in low risk areas, which will permit the auditor to focus more attention on those matters that are most important to effective internal control over financial reporting.
The new standard does this by incorporating three key concepts or approaches. First, it incorporates into the standard the top-down approach to identifying controls that need to be tested. This approach was described in the staff Questions and Answers and Board Policy Statement issued in May 2005. Second, it explicitly incorporates the consideration of risk throughout the process. Risk affects the identification of accounts, financial statement assertions, and controls that are important to internal control, and the nature, timing, and extent of testing of the selected controls. And, third, the new standard more clearly focuses on the important principles, which permits the auditor to exercise more judgment when determining the work that must be performed.
A top-down approach begins at the financial statement level and with the auditor's understanding of the overall risks to internal control over financial reporting. The auditor then focuses on entity-level controls and works down to significant accounts and disclosures and their relevant assertions. This approach directs the auditor's attention to accounts, disclosures, and assertions that present a reasonable possibility of material misstatement to the financial statements and related disclosures. Thus, those accounts, disclosures, and assertions that do not present a reasonable possibility of material misstatement to the financial statements do not need further attention. Using a top-down perspective, the auditor selects for testing those controls that sufficiently address the identified risks of material misstatement.
We also state in AS 5 that the top-down approach represents the auditor's sequential thought process, rather than the order in which the audit is required to be performed. When going through the process of identifying significant accounts, relevant assertions, and controls to test, the auditor should focus on where there is risk that could cause the financial statements to be materially misstated. Further, the auditor needs to test only those controls that sufficiently mitigate that risk.
Risk also is used to determine the amount of work necessary to obtain sufficient evidence about the operating effectiveness of the controls selected for testing. For controls with lower associated risk, the auditor may obtain less evidence about their effectiveness.
With regard to using the work of others and multiple locations testing, both AS 2 and AS 5 provide principles for making the judgments necessary in each of these areas. In AS 2, however, we provided additional direction in the form of the principle evidence and large portion tests. As a part of our monitoring of the implementation of AS 2, we concluded that these additional tests were likely causing additional and unnecessary testing, and that the principles were sufficient to stand on their own. Accordingly, we eliminated the large portion and principle evidence tests.
Additionally, AS 5 replaced the requirement in AS 2 to perform walkthroughs with a focus on four objectives that must be achieved. So, rather than focusing the auditor's attention on performing walkthroughs as an end in itself, the new standard more appropriately directs the auditor to achieve the four important objectives. In many cases, performing a walkthrough will be both the most effective and efficient way to achieve the objectives, but now the auditor has more flexibility to determine the means based on the facts and circumstances of each engagement and the nature of the process that is being tested.
Now let's go back to those areas that are the most important. What are they? AS 5 directs the auditor's attention to some of these areas, and I will describe three of them: the control environment, the period-end financial reporting process, and anti-fraud controls.
Internal Control: Integrated Framework, developed and published by the Committee of Sponsoring Organizations of the Treadway Commission, describes the control environment as the foundation for all other components of internal control, providing discipline and structure. AS 5 specifically directs the auditor to assess –
Other aspects of the control environment also are important to the effective functioning of a system of internal control. The tone set by top management and appropriate oversight by the Board or audit committee, however, are key factors to implementing and sustaining effective controls, which is why they received special attention in AS 5.
The period-end financial reporting process is a high-risk area. As compared to other parts of the accounting and financial reporting systems, in many companies there is a higher likelihood that errors will be made in the period-end financial reporting process. It also presents opportunities to intentionally misstate the financial results. Accordingly, it is an area in need of the auditor's focused attention. AS 5 defines the period-end financial reporting process and directs the auditor's attention there.
The risk of financial reporting fraud also is one of those most important matters. AS 5 requires the auditor to take into account the results of his or her fraud risk assessment when planning and performing the internal control audit. The auditor should evaluate whether the company's controls sufficiently address identified risks of material misstatement due to fraud. The auditor also should evaluate controls intended to address the risk of management override of other controls.
Specific matters in need of the auditor's attention include whether there are controls over journal entries, period-end adjustments, significant or unusual transactions, related party transactions, and significant management estimates, and controls that mitigate incentives for, and pressures on, management to falsify or inappropriately manage financial results.
Another focus in developing AS 5 was on how to implement the internal control audit in smaller, less complex companies. The new standard provides a single framework that is scalable for companies of all sizes. Included within AS 5, are a series of notes that provide direction on how to scale specific aspects of the internal control audit based on size and complexity. On October 17, the staff published a document that further explains and illustrates how auditors can address some of the particular challenges for performing audits of internal control in the smaller, less complex company environment. I encourage you to obtain, read, and apply the approaches illustrated in this document as you complete your audits of smaller, less complex accelerated filers, and as you gear up for your audits, next year, of the financial statements and internal control of non-accelerated filers.
I am very pleased that we were able to develop this document with the help of a task force comprised of volunteers from twelve auditing firms registered with the PCAOB. The persons involved in this project have experience conducting integrated audits of financial statements and internal control over financial reporting of smaller, less complex accelerated filers. The task force helped us to identify the topics that present particular challenges to implementing the integrated audit for this type of company, and to develop strategies for addressing those challenges.
The document opens with a general chapter on how to scale the audit for smaller, less complex companies, and includes seven more chapters, each of which address one of the topics identified by the task force. Those chapters address entity level controls, the risk of management override, segregation of duties, information technology controls, financial reporting competencies, obtaining sufficient evidence in an environment with less formal documentation, and situations in which there are pervasive control deficiencies. The document also includes an appendix that further describes the integrated audit process.
Although you may use the document now, we are inviting public comment on it through December 17. If you have comments on the guidance, recommendations for improvement, or additional audit strategies we should consider including in a revised version, we would like to hear from you.
My final thought today with regard to internal control is an additional, significant opportunity AS 5 presents the financial reporting community. I believe that the new standard provides yet another opportunity for our profession to improve the reliability of financial reporting. The enhanced ability to exercise professional judgment in AS 5 should allow auditors to appropriately refocus their attention on the controls that are most important, the ones that will result in the most benefit. The resulting improvements in internal control will further enhance the reliability of financial reports which, in turn, will inspire increased confidence in the financial reporting process.
Let me now turn to international developments, which Chairman Olson mentioned in his remarks. There has been considerable discussion about the need for, and progress has been made toward, a single set of high-quality accounting standards for both domestic and cross-border financial reporting. You know about the FASB's work with the IASB to converge accounting standards, and I and others at this conference already have mentioned the significant initiatives recently undertaken by the SEC related to IFRS.
Increasingly, questions are being raised about the need for uniform auditing standards for both domestic and cross-border financial reporting purposes. In the coming year, as we consider various aspects of our standard setting role moving forward, we will be considering and seeking additional views on whether there is a need for a set of globally accepted auditing standards, how the PCAOB should interact with other auditing standards setters, and how this should fit within the PCAOB's other priorities.
For several years, the PCAOB staff has been involved in efforts to minimize differences between our auditing standards and the standards developed by the International Auditing and Assurance Standards Board – the IAASB – of the International Federation of Accountants and the U.S. Auditing Standards Board ("ASB"). We serve as an observer with speaking rights on the IAASB. In this capacity we both learn from the IAASB members the rationale underpinning their standards, and we influence the debate. Additionally, in connection with each of our standards setting projects, we use the related International Standard on Auditing ("ISA") as a significant input.
As a result of our standards-setting process, however, there likely will be differences between the standards of the PCAOB and the equivalent ISAs. For one thing, we have the internal control reporting provisions of the Sarbanes-Oxley Act of 2002 that apply to all U.S. public companies. It is essential that our standards address the integrated audit of financial statements and internal control over financial reporting. Additionally, our Board was entrusted by the U.S. Congress with the responsibility to adopt standards that, when implemented, will protect investors in U.S. public companies. It is important, therefore, to specifically consider the U.S. auditing environment when adopting auditing and related professional practice standards. There might be areas in which different requirements are needed to address risks in our environment. I am hopeful, however, that we will be able to write the standards in a way that will facilitate understanding of the differences between our standards and those written by the IAASB.
Another important input to our standard setting process is the results of our inspections and enforcement activities. Having these activities under the same roof provides us with a means of assessing how well our standards are being implemented and how to write standards to facilitate their effectiveness. Our inspections of the implementation of AS 2 gave us information valuable to the development of AS 5, for example.
During 2007, the Board published three general reports concerning the procedures, findings, and results of its various inspections. The first, issued in January, contains observations about auditors' implementation of auditing standards related to the auditor's responsibility with regard to the consideration of fraud. I will spend a few minutes highlighting certain matters included in this report. The second, issued in April, contains observations on the second-year implementation of Auditing Standard No. 2.
The third, issued in October, discusses observations identified in the course of the first three years of inspecting U.S. registered public accounting firms that audit 100 or fewer issuers. Such firms are subject to inspection at least once every three years. George Diacont, PCAOB director of registration and inspections, and his colleagues will be providing an overview of the observations contained in this report in another session at this conference.
I highlight these reports today for at least two reasons. First, they give you valuable insights on the results of our inspections. The matters included in these reports are there either because they are sufficiently important by themselves or they arise with sufficient frequency to warrant discussion in a public report. Second, they highlight areas in which auditors are having difficulty implementing the Board's standards. Accordingly, these reports are likely to help you identify areas in which you might need to be more diligent, and they serve as an excellent training tool. I therefore encourage you to obtain these reports and read them.
Statement on Auditing Standards No. 99, The Auditor's Consideration of Fraud in a Financial Statement Audit, which is one of the Board's interim auditing standards, addresses the auditor's obligation to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement caused by fraud. Because of the importance of the auditor's responsibility for fraud in an audit, the Board's inspectors focused on auditors' implementation of SAS No. 99.
The observations suggest a need for improvement and I am going to quickly summarize some of them.
I would like to elaborate on some of the important aspects of the auditor's approach to fraud.
First and foremost, it is essential that the auditor maintain an attitude of professional skepticism during the audit. That is, an attitude that includes a questioning mind and a critical assessment of audit evidence. It means following up on "red flags" and not being satisfied with less than persuasive evidence even though you might believe that management is honest.
The essential elements of SAS 99 are to obtain the information needed to identify the risks of fraud; identify risks that may result in a material misstatement due to fraud; assess those risks; and respond to the results of the assessment. Importantly, the auditor should evaluate whether the specific risks identified relate to specific financial statement accounts and assertions, and respond accordingly.
The response might need to be general, including considering whether engagement team members have the right level of experience to address the risks. The response also might need to be specific to certain financial statement accounts and assertions, which might include varying the nature, timing, or extent of the procedures the auditor otherwise had planned to perform.
I might have said some apparently negative things about audit checklists and work programs. My point is how they are used and not whether they are used. If used properly, for example, as a tool to remind the auditor about the relevant requirements or to help him or her appropriately focus the work under specified circumstances, they can be very effective.
I am now going to turn to more recent developments.
As I mentioned earlier, the SEC will now permit foreign private issuers to file with the Commission financial statements prepared in accordance with the English language version of IFRS, as published by the IASB, without reconciliation to U.S. GAAP. The SEC rule changes raise some questions about certain PCAOB professional standards.
Today I will address the effect of the recent SEC action on one of the Board's interim quality control standards, known as Appendix K.
U.S. registered public accounting firms that were members of the former AICPA SEC Practice Section, that are members of, correspondents with, or similarly associated with international firms or international associations of firms are to seek adoption of policies and procedures by the international organization or individual foreign associated firms that are consistent with the objectives set forth in Appendix K.
Appendix K seeks to enhance the quality of SEC filings by SEC registrants whose financial statements are audited by foreign associated firms. It does this by setting out procedures to be performed by persons knowledgeable in U.S. accounting, auditing, and independence requirements on certain SEC filings – the "filing review" – and annually in connection with internal inspection programs.
With respect to an SEC filing that includes financial statements prepared in accordance with the English language version of IFRS, as issued by the IASB, and for which the U.S. GAAP reconciliation is neither required by, nor filed with, the SEC, there are several provisions within Appendix K that are affected. I will discuss each of those provisions.
Among other things, the filing reviewer is directed to discuss with the partner-in-charge of the engagement the engagement team’s familiarity with and understanding of U.S. accounting and financial reporting standards and the significant differences between the accounting and financial reporting standards used in the filing and those applicable in the U.S. These provisions, which are specific to U.S. GAAP, are not applicable to a filing that contains no U.S. GAAP or U.S. GAAP reconciliation.
Other filing review procedures address reading the document to be filed with the SEC; discussing with the partner-in-charge of the engagement the engagement team's familiarity with and understanding of applicable U.S. auditing and independence standards and requirements, and significant differences between these applicable U.S. standards and requirements and the auditing and independence standards of the foreign associated firm's domicile country; and discussing with the partner-in-charge of the engagement significant auditing, accounting, financial reporting, and independence matters that come to the attention of the filing reviewer when performing the filing review procedures. These filing review procedures are still applicable to filings that do not contain any U.S. GAAP.
The Appendix K inspections procedures direct "inspection reviewers" knowledgeable in U.S. accounting, auditing, and independence requirements to review a sample of audit engagements performed by foreign associated firms for SEC registrants. Based on the procedures performed, the inspection reviewers should determine, among other things, whether anything came to their attention to cause them to believe that the financial statements were not presented in all material respects in conformity with accounting principles generally accepted in the U.S. or, if applicable, the footnote reconciliation of the financial statements to U.S. GAAP did not include appropriate treatment of the material reconciling items. This determination with respect to U.S. GAAP compliance required by Appendix K would not be applicable to filings that contain no U.S. GAAP. The other inspections procedures remain applicable.
Finally, the documentation and resolution of differences provisions remain applicable.
The PCAOB staff is evaluating whether changes should be made to Appendix K, including whether it should be replaced with something else or eliminated, and other possible changes to the Board's standards and rules that may be necessary to clarify how PCAOB standards apply when financial statements are prepared according to IFRS.
I will now move on to another current topic.
Today, the PCAOB will publish a Staff Audit Practice Alert, Matters Relating to Auditing Fair Value Measurements of Financial Instruments and the Use of Specialists. We were principally motivated to develop this Alert by the challenges presented by the sub-prime credit situation and its effects on the markets and fair value measurements, and certain issues that might arise in the transition to Statement of Financial Accounting Standards No. 157, Fair Value Measurements ("Statement 157" or "FAS 157").
The Alert does not create any new auditing requirements. Rather, we issued it because we believe it will be helpful to auditors as they gear up to complete their year-end auditing work by reminding them of certain aspects of the auditing and related accounting standards that are particularly relevant at this moment.
The Alert addresses four areas: auditing fair value measurements; classification within the fair value hierarchy under FAS 157; use of specialists in fair value measurements; and use of a pricing service. It is a brief document that highlights only certain matters in each of these four areas.
One of the matters I want to highlight this afternoon is that we have a principles-based auditing standard on auditing fair value measurements, Statement on Auditing Standards No. 101, Auditing Fair Value Measurements ("SAS 101"), which was adopted by the PCAOB as one of its interim auditing standards. It provides a sound conceptual approach to auditing fair value measurements and disclosures, and some additional, helpful direction on how to obtain sufficient, competent audit evidence.
One of the high level requirements included in SAS 101 is that the auditor should evaluate whether the fair value measurements and disclosures in the financial statements are in conformity with GAAP. A factor relevant to today's environment is that accounting standards – including those in effect prior to FAS 157 – generally require financial statement preparers to consider market inputs in determining fair value measurements. Specifically, GAAP in effect throughout 2007 provides that –
Accordingly, auditors also should be using relevant market inputs in auditing fair measurements, even in unusually volatile markets.
Let me now highlight some of our current standards-setting priorities and certain other current developments.
In October, we discussed with our Standing Advisory Group our current standards-setting priorities. It is a fairly long list because it includes all the substantive matters I expect the standards setting staff to be devoting attention to over the next twelve months. It does not represent a list of projects we expect to complete during that time. I already have described one of the matters we will be considering in the near term, uniform, globally-accepted auditing standards. I would now like to mention two standards setting priorities for which I expect you will see proposed standards in 2008.
One of these priorities is engagement quality review, which would replace the existing interim requirement on concurring partner review. I believe we are fairly close to issuing a proposal. One objective is to enhance the value of the second partner role while reasonably limiting the engagement quality reviewer's responsibility for identifying GAAP departures or non-compliance with the standards and rules of the PCAOB.
The other project I would like to mention is risk assessment. We are using the work of the IAASB and ASB as substantial inputs to this project, because I believe they have improved their standards in this area in several important respects. For example, they have provided more direction on what would constitute a sufficient understanding of the company's business and the environment in which it operates, and what is involved in conducting a risk assessment. The staff is making good progress on this project, now that we can spend a bit less of our time on internal control. It is a substantial project, however, so you are not likely to see a proposal until later in 2008.
Another subject I would like to mention is the Board's interim standards. When the Board adopted existing standards of the AICPA on an initial, transitional basis in April 2003, the Board indicated that it would establish a schedule and procedure for the review of all the interim standards. We have not yet established such a schedule or procedure; rather, we have focused our standards setting resources on specific priorities, which is consistent with advice we have received.
At the beginning of 2007, the staff began evaluating each of the Board's interim auditing standards to begin the process of identifying the level of change necessary to adopt the standards as permanent standards of the Board, and to begin to formulate views as to their relative priority. Our next step is to develop a more defined schedule and procedure for this review with the Board. I expect that we will seek additional advice from the Board's Standing Advisory Group on this subject next year, and hope that we are able to make substantial progress on resolving this matter.
There is one final matter I wish to bring to your attention before I conclude.
When we adopted AS 5, we also adopted a change to the way in which the auditor determines the audit report date. The report should now be dated no earlier than the date on which the auditor has obtained sufficient competent evidence to support his or her opinion, rather than the date of completion of field work. This direction applies to integrated audits of financial statements and internal control over financial reporting, and to audits of financial statements only, such as continues to be the case with non-accelerated filers.
This change makes our standard on report dating consistent with that of the IAASB and ASB.
As I mentioned in my opening remarks, the accounting environment is extraordinarily dynamic right now. I fully expect that some of the recommendations of the two federal advisory committees will affect the work of the PCAOB, and I look forward to studying the recommendations. Additionally, significant and important initiatives undertaken by the SEC, including IFRS and XBRL, also are likely to affect our work. And then, of course, there always is the risk that something we don't yet know about will come down the road.
In times like this, it is especially important for us to not lose sight of our profession's core values. When we entered the accounting profession, and whether we work as auditors or as preparers of financial statements, we accepted an important responsibility to society. We have an obligation to be truthful.
Users of financial statements don't have many options other than to trust that financial management is truthful in reporting the company's financial condition and results of operations, and that the auditor has maintained an independent mental attitude and exercised due care in conducting the audit. I hear it said that the vast majority of accountants want to do the right thing, and I believe that is true. Some times, though, it is very hard to do that. But even in those cases, we owe it to society to live up to our obligation to tell the truth.
Thank you for your attention. I will be on the panel later this afternoon to address your questions. And, for those of you who are interested, I will be posting this speech to the PCAOB Web site. Good afternoon.
 AS 5 is effective for integrated audits of financial statements and internal control over financial reporting for U.S. public companies for years ending on or after November 15, 2007.
 See Preliminary Staff Views, An Audit of Internal Control That is Integrated with an Audit of Financial Statements: Guidance for Auditors of Smaller Public Companies, at www.pcaobus.org.
 See PCAOB Release No. 2007-001, Observations on Auditors' Implementation of PCAOB Standards Relating to Auditors' Responsibilities with Respect to Fraud.
 See, for example, AU sec. 316.57, which directs the auditor to perform certain procedures in response to the risk of management override.
 See Interim Quality Control Standards, SEC Practice Section (SECPS) – Requirements of Membership, Section 1000.08(n) – Audit Firm Obligations with Respect to the Policies and Procedures of Correspondent Firms and of Other Members of International Firms or International Associations of Firms. See the PCAOB interim standards.
 See Appendix K, secs. .01 a. (2) (i) and (ii)(a).
 See Appendix K, sec. .01 a. (1).
 See Appendix K, sec. .01 a. (2) (i) and (ii)(b).
 See Appendix K, sec. .01 a. (2) (iii).
 See Appendix K, sec. .01 b. (1).
 See Appendix K, secs. .01 b. (2) – (5).
 See Appendix K, secs. .01 a. (3) and c.
 See Staff Audit Practice Alert No. 2, Matters Related to Auditing Fair Value Measurements of Financial Instruments and the Use of Specialists, at http://www.pcaobus.org.
 See SFAS 115, Accounting for Certain Investments in Debt and Equity Securities, paragraph 137; SFAS 133, Accounting for Derivatives and Hedging Activities, paragraph 540; and SFAS 140, Accounting for Transfers and Servicing of Financial Assets and Extinguishments of Liabilities, paragraph 69.
 Ibid. Also, in paragraph 58 of SFAS 107, Disclosures about Fair Value of Financial Assets, the FASB Board reiterated its belief that quoted prices, even from thin markets, provide useful information because investors and creditors regularly rely on those prices to make their decisions.
 See SFAS 115, Accounting for Certain Investments in Debt and Equity Securities, paragraph 137; SFAS 133, Accounting for Derivatives and Hedging Activities, paragraph 540; and paragraph 69 of SFAS 140, Accounting for Transfers and Servicing of Financial Assets and Extinguishments of Liabilities.