Happenings At the PCAOB – What’s On Our Radar
Remarks as prepared for delivery
Good morning. It is a great pleasure to be here. I would like to extend a thank you to Dr. Crumbley and the LSU Accounting Department for the opportunity to join you at this year’s Fraud and Forensics Conference. Thank you also to Kimberly for the introduction and for your assistance in coordinating today’s program.
My connection to Louisiana runs deep, as my father was born and raised in Shreveport, Louisiana. And I’m excited to return to Louisiana today, especially to LSU. My congratulations go out to the LSU Tigers, particularly on winning the NCAA Division I Women’s Basketball National Championship and the NCAA Division I Men’s Baseball National Championship. It is certainly the Year of the Tiger! LSU is living up to its mission to secure, elevate, and advance the state of Louisiana, and to develop students who are prepared, confident, and inspired to achieve lifelong success. I applaud achievement at every level. I also applaud the achievements of the LSU Accounting department. As I was interviewing intern candidates back in the Spring, I came across a young man who is currently an LSU Accounting student. He joined my staff as an intern for the Summer and has blended in so well that many here at the conference thought he was a permanent full-time PCAOB employee.
I will begin with the standard disclaimer that my views expressed here today are my own, and do not reflect the views of the Board or its staff.
The common theme in my entire professional career has been mission-driven service. Now serving as a Board Member at the PCAOB since January 2022, I have added another mission to my years of service – investor protection.
I want to share a little story with you. In 2019, an inventive Montana grandmother was fed up with speeders.1 She brought out a comfortable chair and sat alongside a street near her home holding a hair dryer, pointing it at cars in the hopes that drivers would believe it was a radar gun and slow down. While it is unknown if her efforts were successful in slowing some motorists, her actions were noticed as a means to deter behavior considered dangerous for her grandchildren that played nearby. Many applauded this grandmother for acting, and in fact she ended up being dubbed an honorary Montana trooper. And, of course, it became a meme that circled many social media platforms. For many, it was a reminder that dangerous behavior will continue if it goes unidentified or unenforced. Fortunately for investors, the PCAOB has effective tools to deter, and where appropriate, punish auditing practices that endanger our capital markets and erode investor trust.
The origins of auditing date back centuries; however, government regulation of this profession was enhanced significantly just over 20 years ago, with the creation of the PCAOB. The PCAOB operates in a broader capital markets ecosystem, of which there are many players and participants, including preparers, internal auditors, external auditors, audit committees, and other regulators. While the 1929 stock market crash was the catalyst for the initial requirements for audits of public companies, it was the crisis spurred by financial reporting fraud in the early 2000s including the spectacular collapse of Enron and WorldCom, that inspired Congress to create the PCAOB to oversee the auditing profession. The PCAOB was born out of a bi-partisan response to fraud. Prior to 2002, private organizations affiliated with the accounting profession set auditing standards, conducted “peer reviews,” and imposed professional discipline. The frauds of the 2000’s demonstrated that self-regulation within the audit profession was ineffective in advancing investor protection. Investors needed more than a hairdryer to stem dangerous practices, they needed a cop on the beat. It was critical to restoring trust in our capital markets.
Earlier this year, we proudly celebrated the 20-year anniversary of the establishment of the PCAOB. There is much to celebrate in what we have accomplished to improve audit quality since inception. Audit quality, however, is an infinite mission. As an independent regulator, we continuously scan the horizon to identify challenges that threaten audit quality. It is part of how we contribute to the balance of the ecosystem. Requiring independent, high-quality audits can boost trust and provide stability in our capital markets.
The PCAOB continues today to drive improved audit quality with an ambitious agenda set by our current 5-person Board, with over 150 years of professional experience collectively, and includes two CPAs, as required by the Sarbanes-Oxley Act. Our current Board is the most diverse Board in the history of the PCAOB.
Today we will review four primary topics:
- Twenty years advancing audit quality,
- The PCAOB risk radar,
- The Board’s Strategic Plan, and
- Opportunities to improve audit quality.
I will leave ample time at the end of my prepared remarks to answer some questions provided in advance.
To understand the significance of what has been accomplished in audit regulation, it’s important to reflect on how far we have come. On Monday, January 6, 2003, the first day of operation, there were 8 full-time employees, 4 of whom were Board Members. With a lot to accomplish, this core group met for hours on end in a conference room of our DC office, each rolling in their own chairs to the meeting. Title 1 of the Sarbanes-Oxley Act guided and served as the strategic blueprint for what a regulator of the audit profession for the U.S. capital markets should look like. The first steps were many and involved (1) creating an organizational structure and hiring senior staff, (2) developing a registration system, (3) creating an inspection program, (4) reviewing standards and establishing a new standards-setting process, (5) establishing a budget and a funding mechanism, and (vi) outreach to stakeholders.2
Twenty plus years ago, there was no template to follow. Many of the audit regulator counterparts in other jurisdictions around the world were created subsequent to the establishment of the PCAOB. Those early years were dedicated to translating Title I of the Sarbanes-Oxley Act and Congress’s vision into a living, breathing organization.
Much has changed since the enactment of SOX in July of 2002. As the Greek Philosopher, Heraclitus, said, “There is nothing permanent except change.” And over the last 20 years, changes abound in the U.S. capital markets ecosystem. The PCAOB and its mission was set into motion years before the release of the first iPhones, before the creation of cryptocurrency, and well before the contemplation of non-fungible tokens (NFTs) or ChatGPT. Generally accepted accounting principles (GAAP) have evolved, and the size and structure of audit firms has significantly changed. Some of the largest firms have upwards of 300,000 to 400,000 employees and consulting practices substantially larger in size than the audit practices.
Despite these changes in the marketplace and more than 20 years later, other than the provisions of the 2010 Dodd Frank Act which granted the PCAOB oversight authority over audits of SEC registered broker-dealers, our mission remains unchanged – to protect investors and further the public interest in the preparation of informative, accurate, and independent audit reports.
In the last 20 years, the PCAOB’s efforts in inspections, enforcement, and standard setting have strengthened audit quality and bolstered confidence in the capital markets.
Our Division of Registration and Inspections (DRI), our largest division, assesses applications submitted by firms seeking to register with the PCAOB. As of June 30, 2023, we had over 1,600 firms registered.3
Additionally, DRI inspects audits to assess a firm’s compliance with rules and standards applicable to the firm's performance of audits. Each PCAOB inspection results in a report, which outlines any identified audit deficiencies and concerns around a firm’s system of quality control.
We have conducted over 3,800 firm inspections between 2004 and 2022 reviewing portions of more than 16,000 issuer audits, in 56 jurisdictions.4 And, starting in 2011, as mandated by the Dodd Frank Act, we developed an interim broker-dealer inspections program, and have inspected more than 700 firms reviewing portions of more than 1,100 broker-deal audits and related attestation engagements. Typically, larger firms (with more than 100 issuers) are inspected annually, and smaller firms (with 100 or fewer issuers) are inspected at least triennially.
And, through the years, the PCAOB secured access to inspect and investigate firms in all jurisdictions where registered firms reside, including China, where access was secured in 2022, subsequent to the enactment of the bipartisan Holding Foreign Companies Accountable Act.
Our accomplishments in Enforcement have also been extraordinary –
We have issued more than 360 settled orders, sanctioned 250 firms and more than 280 associated persons through 2022, and revoked registrations for more than 100 firms.
Since inception, we have assessed penalties totaling more than $38 million. Under SOX, monetary penalties are used to fund our scholarship program, which provides financial awards to students enrolled in accredited accounting degree programs. The Board has awarded over $22 million in scholarships to over 2,200 students from over 400 different academic institutions.5 This year’s group of 369 PCAOB Scholars, anticipated to be the largest number of recipients in the program’s history, an increase driven largely by the PCAOB’s expansion of the number of institutions selected to participate in the program. To date, 10 LSU students have been awarded PCAOB scholarships totaling $100,000.
Revocations, bars and suspensions, and exacting civil money penalties are not the only ways in which we seek to deter behavior that violates our rules and standards. Other effective tools the Board has employed include:
- Requiring independent monitors,
- Requiring admissions,
- Limiting the activities of a firm or of an associated person, and
- Requiring that the firm provide a copy of the settlement order to the audit committee of all of its clients.
Soon after the PCAOB was established, it adopted many AICPA standards as interim standards to govern the preparation and issuance of audit reports for public companies. We have updated significant portions of those standards, including revising our suite of risk assessment standards,6 enhancing the Auditor’s Report to require a discussion of Critical Audit Matters (or CAMs).7 Additionally, we have increased transparency regarding audit participants through Form AP reporting.8 CAMs present an opportunity for the auditors to inform investors and other financial statement users about significant matters in the audit and how such matters were addressed. We define a CAM as any matter arising from the audit of the financial statements that was communicated or required to be communicated to the audit committee, and that:
- Relates to accounts or disclosures that are material to the financial statements; and
- Involved especially challenging, subjective, or complex auditor judgment.9
Further, the creation of Form AP reporting also enhances the transparency of those involved in the audit, including the name of the engagement partner and other accounting firms that participated in the audit, providing investors and financial statement users with more information to analyze audit quality. These updates to our standards since the inception of the PCAOB reduced the opacity of the audit.
The foregoing discussion of our regulatory achievements provides evidence of how the PCAOB has endeavored to improve audit quality. Over the years, we have seen improvements in a number of ways – including declines in the volume and types of findings; narrowing of inspection findings; and/or improvement in issues around tone at the top and responsiveness to implement significant remedial actions.
A number of academic studies demonstrate that PCAOB inspections improve audit quality, both here in the U.S. and in other countries where the PCAOB has inspection access. Studies have cited that public audit oversight can enhance reporting credibility, increase the assurance value of an audit, and result in measurable positive changes to market share.10 It is a reminder of the PCAOB’s contributions to the broader capital markets ecosystem.
While we are proud of the significant and rewarding progress made, our mission persists. Ongoing results from our inspection program demonstrate that there is much work to be done to continue advancing audit quality. As the markets evolve, auditors and audits must also evolve to be responsive to the risks that arise. Our PCAOB radar must strategically recalibrate to protect investors in today’s market. So, what is on the PCAOB risk radar today?
The PCAOB has a unique view of the audit profession through its interaction with registered firms of all sizes, various stakeholders, and audit regulators around the world. Today, I will highlight some trends identified by our radar detector:
- Heightened risk of fraud in the current economic environment,
- Recent increases in audit deficiencies,
- Auditor misconduct,
- Growth in the reliance on technology, and
- Talent pipeline and resource challenges.
Let’s begin with the risk of fraud. Fraud weakens our capital markets and causes investor harm. Several of the speakers yesterday, touched on the devastating impacts of fraud to our capital markets.
In February 2023, individual investors poured billions each day into U.S. stocks, the highest amount on record.11 The first quarter fared almost as well, with individual investors buying approximately $78 Billion in equities in the first three months of this year, the third highest amount on record. Researchers estimate that only one-third of corporate “frauds” are detected, and that “fraud” erased $830 billion in equity value during 2021 alone.12
In 2017, the PCAOB updated its Auditing Standards to require that the audit opinion clearly state the auditor’s responsibility to perform “procedures to assess the risks of material misstatement of the financial statements, whether due to error or fraud.13 ”This language signals the auditor’s responsibility to deploy audit procedures to identify fraud.
Unfortunately, real pressures exist for preparers to engage in fraud. Whether it is pressure to meet earnings targets or performance estimates, particularly in an economy facing some headwinds, these risks should not be ignored. Over the last few years, we have seen some unprecedented social, economic, and business challenges, including inflationary pressures not seen in decades, disrupted supply chains, and entire workforces sent home as the world shut down. These risks packaged with ongoing remote, or hybrid work environments have increased financial reporting and audit risks.
External auditors play a crucial role in identifying and combating fraud. In April of this year, the PCAOB issued an Inspections Spotlight document highlighting staff priorities for 2023 inspections.14 #1 on our list of inspection priorities was the risk of fraud. We expect auditors, beginning with the risk assessment process in the audit, to ensure that the risk of fraud is top of mind and considered throughout the audit.
While the risk of fraud has always been a consideration in the audit process, fraudsters are agile and creative in devising fraud schemes to fit the present situation. Just as the PCAOB has evolved over the last 20 years, so too have frauds. Fraud today involves complex technology and financial instruments. We recognize that in the current economic environment, the incentives/pressures, rationalizations, and opportunities to commit fraud have evolved. Auditors must avoid the “same as last year” mentality and audit for today’s risk of fraud.
Further, many people during the pandemic left the work force, which impacts all industries. Statistics report over 47 million workers left their jobs in 2021.15 The loss of labor has impacted companies’ people and processes, increasing the vulnerabilities that companies could face.
Let’s now examine the trends we are seeing from our inspection efforts. The purpose of a PCAOB inspection is to accurately assess, drive improvement in, and communicate audit quality. We inspect firms of all sizes, from “single” partner to large global network firms.
The results of our inspections are communicated through our inspection reports. The PCAOB inspection reports, our primary publication for stakeholders, is comprised of a public portion and a non-public portion. The public portion describes inspection findings of such significance that the Board believes that the firm, at the time it issued its audit report, had not obtained sufficient appropriate audit evidence to support its audit opinion on the issuer’s financial statements; we refer to this as Part I.A deficiencies. The other two sections in the public portion of the report outline findings regarding non-compliance with applicable independence rules and standards. The non-public portion communicates to the firm criticisms of potential defects in the firm’s system of quality control that, if not satisfactorily remediated in 12 months, could be made public.
The PCAOB expects approximately 40% of the audits reviewed in 2022 will have one or more Part I.A deficiencies, up from 33% in 2021 and 29% in 2020.16 This reflects the results of all size firms subject to PCAOB inspection.
In particular, the six U.S. Global Network Firms issuer audits account for more than 98% of the U.S. market capitalization as of the end of 2022. We anticipate the average combined Part I.A deficiency rate across the six U.S. Global Network Firms will increase from approximately 24% of audits reviewed in 2019 to over 30% in 2022, with a continued negative trend for some firms already in 2023. In my view, the rate of deficiencies is concerning and suggests that too often audit procedures were insufficient to support the audit opinion. High deficiency rates threaten erosion of the trust placed in the audit profession to perform quality audits.
On average, each year, our Inspections staff inspect over 800 issuer audits in over 30 jurisdictions around the world.17 This negative trend in deficiency rates includes all size firms for the past two years.
When these deficiencies are communicated through the inspection report, we expect swift corrective actions in a firm’s system of quality control to contribute to improved audit quality. As noted earlier, the inspection reports include quality control criticisms, where appropriate. More recently, we have seen an uptick in certain quality control themes for certain firms around: tone at the top, a firm’s management of quality control, professional skepticism, technical competence, and testing of certain areas such as ICFR and revenue. We are paying keen attention to 1) those firms that are not engaged at all, or very little, during the remediation process, and 2) those firms that despite taking remediation actions within the system of quality control are unable to address audit deficiencies.
Improvement in audit quality is a continuous process. Appropriate and timely remediation of quality control criticisms should, theoretically, advance audit quality. The Board considers whether remedial actions are designed appropriately, are of appropriate scope, and are implemented timely. Our radar indicates corrective actions for some firms are failing. The result is an uptick in failed, or partially failed, remediation determinations.
The good news is that these trends are reversible, through a renewed focus on a firm’s system of quality control, and stronger efforts during remediation where firms engage early and often in the remediation process to make further improvements.
Underpinning trust in the profession is the ethical foundation expected of the independent audit professionals conducting the audits. Unfortunately, several recent enforcement actions highlight a need to remind auditors of their professional responsibilities.
In 2022, the Board extracted millions of dollars in penalties from Big 4 firms or their affiliates in enforcement actions pertaining to audit personnel cheating on training exams and answer sharing. I’ll highlight two of these cases for which the orders are publicly available through our website.
First, in a disciplinary proceeding against KPMG LLP UK,18 for three years the firm’s system of quality control related to integrity and personnel management failed to establish appropriate policies and procedures for administering and overseeing internal training tests. Hundreds of Assurance firm personnel were involved in improper answer sharing — either by providing answers or receiving answers without reporting such sharing — in connection with tests for mandatory internal training courses covering topics that included auditing, accounting, and professional independence.
Second, in an order against PWC Canada19 made public in February 2022, for more than four years the firm failed to establish appropriate policies and procedures for administering and overseeing internal training tests. Those quality control failures prevented the firm from identifying that more than 1,200 firm professionals were involved in improper answer sharing in connection with tests for mandatory internal training courses covering topics that included auditing, accounting, and professional independence. More than 1,100 of these professionals were from the firm’s Assurance practice.
In total, for these two enforcement orders, penalties of just under $3 million were imposed on the firms and the firms were required to undertake certain remedial actions. This auditor misconduct erodes trust; And the fact we identified similar misconduct multiple times is further concerning.
In a recent accounting research working paper, available through the PCAOB website, it was highlighted that the world’s largest public accounting firms plan to invest over $9 billion into technology development and initiatives before 2025.20 Tools under development are intended to improve both audit efficiency and audit quality.
While innovation in technology has the potential to contribute to improved audit quality, there are some unintended consequences that we expect the profession to manage as the tools are developed and deployed in the audit. Recently, the PCAOB issued for comment proposed amendments to aspects of designing and performing audit procedures that involve technology assisted analysis of information in electronic form. In my statement supporting the proposal, I noted that those proposed amendments are just the first step in our journey to address the growing use of technology in audits. We continue to monitor and gather evidence on the broader use of technology by the profession and preparers.
The fifth risk to audit quality to discuss is the lack of a sufficient and steady pipeline for talent in the profession. A recent Wall Street Journal article noted that “fewer people are pursuing degrees in accounting and entering the field, resulting in more positions open and for longer periods of time. What’s more, academics say, the shortage will likely be compounded as more accountants retire without a robust pipeline of replacements.”21 In May of this year, the AICPA released a document on its plan to accelerate talent pipeline solutions.22 In short, the talent shortage is a brewing crisis.
- The number of U.S. students who completed a bachelor’s degree in accounting declined nearly 9% in 2020, according to the AICPA.23
- In addition, over 300,000 U.S. accountants and auditors have left their jobs in the past couple of years,24 a 17% decline in industry employment, according to the Bureau of Labor Statistics.
- We are also seeing competition for talent with other STEM and business professions, along with demographic shifts.
We aren’t seeing a decline in the need for accountants or auditors, we are just seeing less talent enter this profession. In that same Wall Street Journal article, it stated that “the accounting shortage is showing up in financial statements.” U.S. listed companies are citing a lack of accounting staff as a contributing factor in material weaknesses and late SEC filings.25
This talent shortage is exacerbated when you examine that the level of diversity at the highest levels of many firms does not reflect the diversity of the communities in which we live and work. To expand the demographics of those entering the profession, auditors need to see evidence of themselves through all levels of leadership at the firms.
In my conversations with individuals across the profession, I have noted that we have yet to fully understand the impact of the COVID-19 pandemic, the Great Resignation, and the rise of hybrid work on the apprenticeship model of auditing. We are essentially raising the next generation of auditors in a remote work environment. This model shakes the foundation of how auditors were historically trained – in person, elbow-to-elbow, and by walking the halls of the client.
These five risks– fraud, the rate of deficiency findings for some firms, unethical auditor conduct, the use of and reliance on technology, and pipeline challenges – individually, and collectively, threaten audit quality.
To be responsive to these five risks on our radar, we must initiate some course corrections, guard rails, and other measures to ensure we improve audit quality across all firms, regardless of firm type or size. Investor protection should be present for investors in all facets of our market. Over the last 18 months, the current Board has responded to these risks.
The PCAOB is laser focused on what’s next to improve audit quality. This Board’s strategic plan,26 sets forth four primary goals:
- Modernizing standards;
- Enhancing inspections;
- Strengthening enforcement; and
- Improving operational efficiency.
This Board is decisively executing against our strategic goals in a capital markets ecosystem that is ever evolving in complexity of accounting, the use of technology, and in talent needs. In my experience, the most important element of an effective strategic plan is not defining that strategic plan, but in how you operationalize it. Our strategic plan drives daily discussions and actions taken by our divisions and offices to ensure those goals cascade into all facets of our mission-driven work. Our mission-oriented professionals are up to the task. We will communicate often on our progress of reaching our goals, through engagement with our advisory groups, participation in various forums and roundtables, PCAOB Staff Publications on our website, and releases pertaining to proposed and adopted standards. In that regard, over the last 18 months, here is where we are in meeting those goals.
Last year the Board set an ambitious goal to update significant portions of our standards. We have adopted amendments related to the use of other auditors, and proposed changes to 5 critical standards that have seen little to no update since the PCAOB adopted the AICPA’s interim standards in 2003.
In November 2022,27 I voted in favor of a proposal to update and modernize our quality control standards into one standard titled QC 1000. A firm’s system of quality control is foundational to the performance of high-quality audits in accordance with PCAOB standards. The proposed quality control standard is far more comprehensive than current PCAOB standards. I believe the proposal would have a positive influence both on how individual audit engagements are conducted and on a firm’s audit and assurance practice as a whole. The proposal builds on parallel standards adopted by the IAASB and AICPA and includes appropriate elements of scalability for the various size firms that we regulate.
The following month, in December 2022,28 I voted in favor of a proposed new standard for the auditor’s use of confirmation under AS 2310. Confirmations, in particular of cash and accounts receivable, are widely accepted and executed audit procedures by the profession. I am particularly interested to see commenter views on whether the proposal strikes the right balance with respect to the auditor’s consideration of confirmation procedures in response to significant risks arising from other kinds of transactions or arrangements with third parties.
In March of this year,29 I supported the proposed AS 1000, which brings together and modernizes our foundational standards which address the general responsibilities of the auditor, including due professional care and professional skepticism. The proposal also includes amendments to other standards, which clarify the due care responsibilities of the engagement partner and reduces the period for archiving audit documentation.
And, just last month, I voted in favor of a proposal, which would strengthen the requirements of auditors to identify, evaluate, and communicate noncompliance with laws and regulations, including fraud. Our investor protection mission drives this proposal. This proposal is also directly responsive to the risk on our radar previously mentioned, the risk of fraud. The deadline for public comment on the proposal is August 7th of this year. I hope that many of you submit comments on this proposal.
As mentioned, another proposed amendment voted out this June30 relates to aspects of designing and performing audit procedures that involve technology-assisted analysis of information in electronic form. These amendments would address the growing use of technology in audits. I believe the proposed amendments allow for innovation, while also protecting the interests of investors.
The PCAOB is focused on modernizing its standards and rules to ensure they are fit for purpose in today’s audit environment. Our standards-setting agenda reflects our commitment to this goal. In May of this year, we updated our public standard setting agenda31 to reflect our ambitious plans. Our short-term agenda now includes Firm and Engagement Performance Metrics, and Substantive Analytical Procedures. Our mid-term agenda includes the Use of a Service Organization, Interim Financial Information Reviews, and Fraud. Needless to say, we have been busy driving toward our goal of modernizing our standards, and rules, to fulfill our investor protection mission.
Moving on to our second Strategic Goal of Enhancing Inspections, I can highlight what we are accomplishing towards this goal. We are working to enhance the transparency and timing of inspection reports and to provide informative staff publications.
Recently we unveiled an array of website transparency enhancements that allow investors, audit committee members, and other stakeholders to better access data from PCAOB inspection reports. The new search filters help users analyze and compare more than 3,700 inspection reports from our website, including the ability for users to now download the entire data set. I know my researchers in the audience are excited about the opportunity to download an entire data set.
In 2022, the PCAOB issued 283 inspection reports, representing a 73% increase over 2021 and the most reports the Board has approved in one year. Our inspection reports now include, as mentioned earlier, additional information on independence and other non-compliance matters to advance transparency.
Further, in the last 18 months, we have issued 16 Staff Publications32 including documents that spotlight broad observations from our Inspections Program, including good practices, and Investor communications which highlight areas of regulatory concern for stakeholders. By comparison, that exceeds the number of Staff Publications issued from 2015-2019.
Overall, through our enhanced inspections process, we will emphasize audits in industries and sectors potentially impacted by uncertainties and volatility in the economic and geopolitical environment, evaluate auditors’ risk assessment, continue to inspect audits in China, a jurisdiction previously inaccessible, and focus on transactions in the area of emerging issues, such as digital assets. One of our most recent spotlight resources,33 highlights observations related to public company audits involving crypto assets. We will continue to ensure that emerging issues are considered in our inspection planning and procedures.
Through our Division of Enforcement and Investigations, DEI, the Board enforces professional standards and other related laws and rules governing the audits of public companies and SEC registered broker-dealers. Our strategic plan34 outlines our primary objectives in strengthening our enforcement program over a five-year period. One of these objectives is to enhance the rigor of the program. In that respect, the Board intends to take a more assertive approach to bringing enforcement actions and holding firms and individuals accountable. We believe this approach incentivizes firms and individuals to comply with applicable requirements, which, in turn, advances audit quality and investor protection.
Another objective outlined in our strategic plan is to impose more significant penalties and other relief for violations of applicable rules and standards. In that regard, last year, we imposed more than $11 million in total monetary penalties, the highest total ever imposed in one year. That number, $11 million, is approximately 30% of the total monetary penalties that the Board has imposed in its 20-year history.
Additionally in 2022, we doubled the number of settled enforcement orders from the previous year. In 2022, the Board settled the first action involving both a permanent bar and a significant monetary penalty. In that proceeding, the Board found that an audit partner – faced with an incomplete audit file and an upcoming PCAOB inspection – orchestrated the alteration and backdating of documents. In addition to censuring the partner and the firm, the Board permanently barred the partner from associating with a PCAOB-registered accounting firm, permanently revoked the firm’s PCAOB registration, and imposed a $50,000 penalty on both the partner and his firm.
In another 2022 settlement, the Board imposed the largest monetary penalty against an individual in PCAOB history, in a proceeding involving separate penalties of $150,000 imposed on an audit partner and his firm. That proceeding involved an audit partner who had misled PCAOB inspectors and investigators during two PCAOB inspections and a subsequent PCAOB investigation.
Just last month, the Board sanctioned a non-affiliate firm (i.e., a firm that is not a member of a global network) with the largest penalty imposed on a non-affiliate firm, $3 million. That case involved violations of PCAOB rules and quality control standards, including a finding that the firm’s quality control system did not provide reasonable assurance that it could execute certain audits with competence.
We are thoughtfully applying a more rigorous approach to enforcement, and imposing greater penalties, consistent with our mission. Given our statutory mandate, we must disrupt erosion of audit quality, and advance investor trust in our capital markets, through our enforcement arm.
Let’s now examine how we are currently working toward our fourth strategic goal of improving operational efficiency.
Our people are our greatest resource. Over the last year since joining the PCAOB, I have witnessed our exemplary staff time and again rise to the challenges we face in serving our mission. Attracting and retaining top talent is critical to our ability to serve our mission. This Board is taking action to invest in our people and our culture, as well as taking actions to improve the talent pipeline. We have introduced a new Attorney Honors Program,35 reintroduced our Fellowship Program within our Office of Economic Risk and Analysis,36 increased our hiring of interns, including accounting interns, posted for Board Fellowship roles for PhD Accounting students, increased our engagement with universities in traditionally underserved communities, and opened our doors in the DC office regularly to tours from various higher-level institutions, as well as high school students.
Part of improving our operational efficiency is our effort to strengthen stakeholder engagement. The PCAOB established the Office of the Investor Advocate (OIAD)37 to help the PCAOB Board incorporate investors’ perspectives in the PCAOB regulatory agenda and enhance the PCAOB's engagement with investors and investor advocates. The Investor Advocate liaises directly with investors to provide a voice to investors. This Board reconstituted our advisory groups,38 which began working on advising the Board in several areas last year. In June, we held our first in-person Investor Advisory Group and Standards and Emerging Issues Advisory Group public meetings. Archives of those meetings are accessible from our website.
The PCAOB also has engaged with audit committee members through participation in audit committee roundtables, with students through tours of our offices, visits directly to University Accounting Programs, and other international regulators through our involvement in IFIAR, which brings together audit regulators from around the world.
Now I have recapped many of the ways this Board has worked towards achieving its Strategic Goals and addressing the risks on the radar. What opportunities exist for the profession to respond?
The audit profession has a fundamental obligation to the public by serving as the protector of the public interest in the integrity of financial statements. The risks on our radar discussed today are collective risks for the audit profession.
With the heightened risk of fraud in the current economic environment, auditors must first and foremost perform a robust risk assessment. The risk assessment process should be continuous throughout the audit, ensuring to update the nature, timing, and extent of procedures performed as new information impacts the original risk assessment.
New and different transactions are constantly emerging, in particular in the space of digital assets. What was once just the thought of a digital currency traded online, there are now non-fungible tokens, block chain activities, crypto swap arrangements, and more. The risks evolve as companies develop new transactions. So too must the audit evolve to respond to those risks. Last two years, there was a massive growth in special purpose acquisition companies (SPACs). What will be the next SPAC type of transaction? How will that impact the risk assessment of your audit?
Now that the COVID-19 public emergency was officially declared over earlier this year, the lingering effects of that pandemic still radiate throughout many industries. Whether that be continuing supply chain disruptions, interest rate adjustments and inflationary pressure, adjustments in work forces as some have exited the work force all together, or just the loss of knowledge sharing after years of a remote working environment, risks such as these must be factored in when planning an audit.
As it relates to the second risk on trends in inspection findings and risk #3 of recent auditor misconduct, I would encourage firms to recommit their efforts to strengthen the system of quality control, including personnel management. Invest in updating your root cause program, ensuring that you adequately inventory the risks present for your firm based on your client population, assess the competencies of your professionals, consider whether improvements to your ethics programs are necessary.
With the risks present around the growth in technology, look to evolve your audit in the age of endless information to identify misstatements, whether due to error or fraud. Develop guard rails around the risks of technology in auditing while allowing for innovation in how an audit is delivered. Innovation in technology for use in auditing can improve audit quality, as long as we are prepared for the associated risks including–
- overreliance on technology as a substitute for auditor judgment;
- adopting off-the-shelf technology solutions and/or black box and the associated risks of not understanding how the technology works; and
- understanding how AI will impact the effectiveness of audits and the risks that will arise out of incorrect inputs and data bias.
I would encourage firms to consider how they will incorporate technology into the audit and upskill professional staff to effectively deploy these tools. Firms might consider partnering with Universities that have programs related to new technology, including big data techniques, and research around technology in auditing. Firms will likely have to invest heavily in external training programs to supplement learning for their professionals. Additionally, firms should consider whether updates are necessary to their system of quality control with the appropriate policies, procedures, or controls to verify that tools are reviewed and approved before being deployed within the audit.
Lastly, I am optimistic with how the profession has already begun taking steps toward the pipeline talent challenges we are experiencing. Auditing has long been an apprenticeship model profession, in which the current auditors are raising the next generation of auditors. Maintaining the foundational elements of professional skepticism, ethics and independence, and due professional care should continue regardless of emerging technologies. It is a profession more akin to the STEM field professions, in particular because of its involvement in math, complex problem solving, and increased reliance on information systems and technology. I am encouraged by the bipartisan support to identify accounting as a STEM field. This allows us to introduce financial literacy topics earlier into the education process. Introducing the field of accounting at an earlier age entices many students who otherwise would not be exposed to the opportunities available to them with a degree in accounting. It is imperative that firms promote diversity in all levels of leadership within the organization to ensure we are able to attract and retain top talent to the profession. I encourage the academics in the room to look for ways to modernize your accounting program to reflect the skills that will be needed for tomorrow’s auditors. Engage in discussions on whether the current 150-hour rule for CPA licensing in many states still achieves what was intended. Meet with firms to understand what aspects of your accounting program reflect the skills they need.
As I mentioned at the beginning, the mission of investor protection is infinite. The PCAOB is relentlessly upholding and pursuing our mission, continuously scanning the horizon to identify threats to audit quality and taking responsive action. Thank you for your time today, and I will now allow for some questions submitted from the audience.
1 https://www.fox29.com/news/grandmother-uses-hair-dryer-as-fake-radar-gun-to-deter-speeding-on-local-street
3 To access the list of PCAOB registered firms: Registered Firms | PCAOB (pcaobus.org)
4 Where the PCAOB has Conducted Oversight Outside the U.S. (current as of December 31, 2022) | PCAOB (pcaobus.org).
6 Prior to 2016 the PCAOB Auditing Standards were organized as follows: https://pcaobus.org/oversight/standards/archived-standards/pre-reorganized-auditing-standards-interpretations
As noted in PCAOB Release No. 2010-004 on August 5, 2010, the Board adopted Auditing Standards No. 8 through 15, which were a suite of standards, and related amendments, to assess and respond to risk in an audit.
7 Refer to AS 3101, The Auditor's Report on an Audit of Financial Statements When the Auditor Expresses an Unqualified Opinion, paragraphs .11-.17 for the requirements of critical audit matters
8 Refer to Rule 3211, Form AP – Auditor Reporting of Certain Audit Participants https://pcaobus.org/about/rules-rulemaking/rules/form-ap-instructions
9 Refer to AS 3101, The Auditor's Report on an Audit of Financial Statements When the Auditor Expresses an Unqualified Opinion, paragraphs .11-.17 for the requirements of critical audit matters
10 Sources Include: 1) Gipper, B., Leuz, C., & Maffett, M. The Review of Financial Studies (2020) 33: 4532-4579;
2) Lamoreaux, P.T. Journal of Accounting and Economics (2016) 61: 313-337; and 3) Aobdia, D. & Shroff, N.
Journal of Accounting and Economics (2017) 63: 262-287
12 There are academic papers that estimate the undetected share of corporate noncompliance. For example, a recent study estimates that in normal times only one-third of corporate “frauds” are detected. The study uses the term “fraud” loosely to refer to “some form of misconduct or alleged fraud.” It is not limited to fraud as defined under PCAOB standards. The study also estimates that corporate “fraud” destroys 1.6 percent of equity value each year, equal to $830 billion in 2021. Alexander Dyck, Adair Morse, and Luigi Zingales, How Pervasive Is Corporate Fraud?, Review of Accounting Studies 1 (2023)
13 Refer to AS 3101, The Auditor's Report on an Audit of Financial Statements When the Auditor Expresses an Unqualified Opinion
16 PCAOB Report: Audits With Deficiencies Rose for Second Year In a Row to 40% in 2022 | PCAOB (pcaobus.org)
18 Order Instituting Disciplinary Proceedings, Making Findings, and Imposing Sanctions In The Matter of KPMG LLP (United Kingdom)
19 Order Instituting Disciplinary Proceedings, Making Findings, and Imposing Sanctions In the Matter of PricewaterhouseCoopers LLP
20 Boland, C., Galunic, N., & Sherwood, M. Working Paper: Technology-Based Audit Tools: Exploring the Current State and Future Direction
21 Wall Street Journal: The Accountant Shortage Is Showing Up in Financial Statements, Mark Maurer 7/11/2023 https://www.wsj.com/articles/the-accountant-shortage-is-showing-up-in-financial-statements-b14a6b94
23 AICPA, 2021 Trends: A report on accounting education, the CPA exam, and public accounting firms’ hiring of recent graduates 2021-Trends-report.pdf
24 Wall Street Journal: Why So Many Accountants Are Quitting; Even some accounting majors don't want accounting jobs, Lindsay Ellis, 12/28/2022
25 Wall Street Journal’s Analysis of Accountant shortage and talent pipeline scarcity: The Accountant Shortage Is Showing Up in Financial Statements - WSJ
27 Board Member Anthony C. Thompson’s Statement in Support of the Quality Control Proposal
28 Board Member Thompson’s Statement in Support of the Proposed New Standard for the Auditors Use of Confirmation
29 Board Member Thompson’s Statement on AS 1000 Proposal
30 Board Member Thompson’s Statement on Proposed Amendments to Related Aspects of Designing and Performing Audit Procedures that Involve Technology-assisted Analysis of Information in Electronic Form
31 See PCAOB Standard Setting Agenda: https://pcaobus.org/news-events/news-releases/news-release-detail/pcaob-revises-standard-setting-agenda-and-adds-rulemaking-projects-to-enhance-investor-protection
32 Refer to the PCAOB website: https://pcaobus.org/resources/staff-publications
33 PCAOB Spotlight: Inspection Observations Related to Public Company Audits Involving Crypto Assets
34 Refer to the PCAOB website: PCAOB Strategic Plan 2022-2026