Remarks as prepared for delivery
Thank you, [Olu Oluwole].
It’s my privilege to welcome you to our 16th International Institute on Audit Regulation. We have nearly 100 officials representing audit regulators from close to 45 jurisdictions with us this week. Thank you all for taking the time to come to Washington, D.C. to be with us in-person.
I also want to thank our incredible PCAOB staff who work so hard to put this event together every year, I’m grateful for all your work to make it such a success. I also want to acknowledge and thank the staff here at the National Housing Center for their support.
Before we begin, I must start with the standard disclaimer that the views that I express here are my own, in my capacity as Chair, and not necessarily the views of the other Board Members or the talented PCAOB staff.
This conference embodies the PCAOB’s convictions that international cooperation and communication strengthen audit quality around the globe. For 16 years, this event has helped to generate valuable perspectives for the PCAOB and our international counterparts as we continue our collective work to protect investors.
This year is certainly no exception. Our Office of International Affairs, or OIA as we call them, has put together an incredible conference, and I’m looking forward to hearing from you and learning from the conversations we will have together over the next two days.
The PCAOB Strategic Plan set forward three key goals to help us achieve our mission and keep investors protected:
These goals are ambitious. But the work of protecting investors is ambitious—and rightfully so. Protecting investors requires trust and responsibility—and it is a responsibility that the PCAOB is proud to take on. Under this Board, and thanks to the work of our expert staff, we have progressed on many of our objectives under this plan.
Standards
I want to start today with the first pillar in our Strategic Plan—modernizing our standards—but before I get to where we are today, I think it is important to take a step back and remember how we got here.
Before the PCAOB, there was no independent watchdog overseeing auditors. Firms made their own standards, and in the aftermath of scandals like Enron and WorldCom, people got hurt.
That’s why the PCAOB was created—to protect people.
People who are saving to put their kids through college.
People who are saving for retirement.
People who are saving to build a better future.
When we talk about protecting investors—this is who we mean.
When the PCAOB was first getting off the ground in 2003, it adopted existing standards that had been set by the auditing profession on what was intended to be an interim basis. What’s more, some of these standards at that time were already more than a decade old and largely unchanged when the PCAOB was created.
By definition, interim is not meant to be permanent. The word “interim” signals that change is to come. And in a rapidly changing world, investors deserve better than what was originally designed to be temporary measures to ensure their savings...their retirements...their futures...are protected.
Our auditing standards must adapt and evolve to meet not only the current challenges, but to help instill faith and confidence in investors.
The PCAOB has spent a tremendous amount of time working toward where we are today. The expert PCAOB staff have dedicated years to issuing concept releases, proposals, analyzing economic trends, and receiving feedback from public comment periods to meet the urgency of this moment—and I am grateful for their efforts.
The PCAOB is turning prior collective efforts into action and carrying these standard-setting projects across the finish line to ensure investors are protected.
Under this Board, the PCAOB has issued proposals for 10 standard-setting and rulemaking projects and finalized six—nearly all of which were decades old.
All six of those rules and standards adopted by the PCAOB have also been approved by the SEC, including five since last year’s Institute:
- An updated standard on confirmations, which originally included a reference to fax machines and had not been significantly updated in twenty years;
- A standard referred to as AS 1000, which deals with general responsibilities of the auditor;
- A standard on technology assisted analysis;
- An updated enforcement rule called 3502—which establishes contributory liability for individuals whose negligence directly and substantially contributes to a firm’s violations.
- And an updated quality control standard.
Today, the PCAOB is taking unprecedented action, and our actions are necessary. Protecting investors depends on updated standards and rules—and that’s why this Board is taking great strides to meet this challenge.
While we are committed to getting this agenda done to meet the rapidly evolving capital markets, we are even more committed to making sure it’s done right.
We take public comments very seriously, reading each and every one, and ensuring that the full range of voices and feedback are taken into account. We will—and we have—reopened comment periods when necessary and have asked follow-up questions to ensure we understand the feedback received before moving forward.
Additionally, ahead of the effective dates for these standards and rules, we are committed to providing firms with resources to help them update their methodologies and train their staff on the upcoming changes.
For example, ahead of the implementation of our new quality control, or QC standard at the end of next year, our expert staff recently published a practice aid and other initial resources aimed at providing a high-level overview of the unique features of the new standard. I encourage you to take a look at what our staff published, which can be found on the QC implementation page on our website.
Our Chief Auditor, Barb Vanich, and Deputy Director of our Office of the General Counsel, Connor Raso, will lead a panel tomorrow on several projects on our standard-setting and rulemaking agenda that we believe will be particularly relevant to our international audience.
While I will let our expert staff go into the intricate details of our agenda, I want to take a moment to highlight the new quality control standard I mentioned because these changes have the potential to fundamentally affect the way firms plan and perform audits.
When we proposed the updates to QC, I called it a watershed moment. That’s because QC systems lay the foundation for everything auditors do.
When a firm’s QC system operates effectively, quality audits follow. And when QC systems operate ineffectively, investors are put at risk.
I like to think about it a bit like hanging wallpaper. Anyone who has ever done it knows that if you get the first corner right, the rest flows smoothly from there. But mess the first corner up and it just keeps getting worse and worse as you go along.
At the same time, we know that risks vary from firm to firm, and effective QC systems should too. A one-size-fits-all approach is not the best way to keep investors protected. So, the new standard requires all registered firms to identify their specific risks and design a QC system that includes policies and procedures to guard against those risks.
Of course, standards on paper don’t instill trust unless they are followed in practice, which is why our inspections are so important.
Inspections
Our Inspections division is the largest division at the PCAOB, because inspections are one of the most important tools we have to keep investors protected. In fact, the Division of Registration and Inspections inspects over 800 issuer audits in more than 30 jurisdictions around the world each year.
Inspections can identify and address deficiencies in how a firm conducts audits and designs and implements its quality control system.
In recent years, the PCAOB has found that audit deficiencies, particularly Part I.A. deficiencies, are unacceptably high.
Part I.A findings are serious. They mean the audit firm failed to obtain sufficient appropriate evidence to support its opinion, and audit opinions were signed without completing the audit work required to verify the accuracy of the financial statements.
Part I.A deficiencies include things like failing to perform any procedures at all to test revenue or the costs of inventory, as well as instances where the auditor did not identify and test any controls over long-lived assets and depreciation expense. Simply put, these deficiencies are not just serious, but they go to the heart of the audit.
These Part I.A deficiencies are relevant when assessing the quality of work done by an audit firm. But audit quality is complex, and it escapes simplistic proxies or measures.
For instance, some have suggested that audit quality can be best measured by the number of issuer restatements. Specifically, some argue that a relatively low number of restatements translates to high audit quality.
I believe that view is too simplistic.
A properly performed audit should identify errors before the need for restatements. At the same time, a poorly performed audit does not always mean that the financial statements are erroneous. Management’s processes and controls may very well have resulted in financial statements that are materially correct, despite the auditor’s lack of diligence. It is worth noting that issuers changing audit firms tends to correlate with increased restatements.
Poor audits may miss errors that may never come to light – unless there is a change in the audit firm and that firm identifies the errors. If errors are not uncovered, there is no restatement. That is the risk to investors.
We appreciate that measuring audit quality is complex. So, for our part, to help educate the market, we have been focused on reporting Part I.A deficiencies, and other information, to help provide investors, audit committees, and other stakeholders with key pieces of information in assessing the work of their audit firm.
The PCAOB will continue demanding firms do better and deliver the high-quality audits investors deserve. Firms must design and implement solutions to restore and continue to improve audit quality.
Investors can also use their influence to engage with investor relations and the audit committees of the companies in which they invest and encourage them to seek out firms with proven track records on quality.
Ultimately, firms are responsible for their own audit quality. But accountability from their clients offers a powerful incentive to find solutions.
As you know, markets do not stand still, and nor do we. We are continuing to assess how best to educate the marketplace, and our inspection program continues to evolve to keep pace with a changing market.
Our dedicated Registrations and Inspections staff are working diligently across the PCAOB – including with staff from the Office of Technology and the Office of Economic and Risk Analysis – to continue to ensure that our inspection results are providing the marketplace with critical information.
Transparency
Increasing transparency puts pressure on firms to improve and arms audit committees and investors with information to demand accountability. We recognize the complexity of audits and believe that investors and audit committees must demand their auditors compete on quality.
Getting the inspection reports out as quickly as possible—so investors and other stakeholders can access the data—has been a top priority of this Board. I am incredibly proud of our staff’s efforts to release the reports for annually inspected firms out six months faster than last year, and nearly all of the reports for triennially inspected firms published within six months of the completion of those inspections.
We also began including new information about independence and other matters in our inspection reports for the first time, and we expanded the tools available on our website to make it easier to find and compare deficiency rates across audit firms.
We continue to evaluate other information that may be beneficial to investors, audit committees, and other stakeholders. As an example, the proposal we issued earlier this year on Firm and Engagement Metrics would, if adopted by the Board, provide additional, comparable information to the market about firms’ audit practices and individual engagements.
Now, as we prepare for changes to our inspection process as the new QC standard takes effect next December, we look forward to working with your inspection teams and learning from their experiences as it pertains to ISQM 1. Specifically, we are interested in understanding your interactions with firms during their implementation of ISQM 1 and your approach to inspecting firms’ compliance with the standard.
So, please let us know more about your processes and experiences—and we will do the same—in compliance with applicable law—as we proceed as well.
Collaboration on shared experiences enables us all to move audit quality forward—no matter the size of a firm or where it is located.
Enforcement
Finally, we are focused on a strong enforcement program because serious misconduct that puts investors at risk should have serious consequences.
Under this Board, we are expanding how we identify cases and are making sanctions count.
Earlier this year, we announced the largest civil money penalty in the history of the PCAOB—a $25 million fine against KPMG Netherlands for violations of PCAOB rules and quality control standards relating to exam cheating and misinforming investigators. The growth and breadth of exam cheating in this case was enabled by the firm’s failure to take appropriate steps to monitor, investigate, and identify the potential misconduct.
This historic action was taken in cooperation with our Dutch counterparts, the Dutch Authority for the Financial Markets, or AFM. This is an excellent example of how, by working together, international regulators can bolster each other's efforts to protect investors.
I know you will be hearing from them on a panel later today with our experts on enforcement, and I want to take the opportunity to, again, say thank you to the AFM for their parallel investigation alongside the PCAOB and for their cooperation on this case, just as we appreciate the assistance provided to the PCAOB in enforcement investigations by many others in this room.
In addition to providing an example of the importance of global collaboration, this case exemplified that the need for trust is not unique to the United States. And in a global economy, the work of protecting investors does not stop at U.S. borders.
Enforcement has been a critical tool at our disposal, and we focus on cases that involve serious matters that put investors at risk: audit failures in cases involving financial statement fraud, taking on client work that firms can’t complete, altering work papers, and not performing sufficient work before signing audit opinions.
We examine the facts and circumstances of every case and have not hesitated to impose bars on bad actors, revoke firms’ registrations, and impose civil monetary penalties—among many other options on the table under this Board.
We have issued approximately $35 million in fines this year alone. We have also required functional changes to a firm’s supervisory structure for the very first time. And we have required firms to retain an independent monitor to drive improvements and best protect investors.
These are, of course, just some examples of the serious sanctions that this Board has imposed in the name of investor protection. But all of the actions taken by this Board send the message loud and clear: If you put investors at risk, you will be held accountable.
It is also worth noting that, when Congress created the PCAOB, it had the wisdom to say that all of our penalties from enforcement actions would go to fund scholarships for accounting students.
This year, we awarded the highest number of PCAOB scholarships to help young people enter the field of accounting in history. More than half of those students were women, more than half are students of color, and many are transfer students from community colleges.
Conclusion
Protecting investors is a noble profession—and one that I’m proud to be part of. Trustworthy audits help give people confidence, which powers investment and capital formation to move our economies forward and improve the lives of the people we serve.
And that is what this work is all about. High quality, trustworthy audits matter, because quality audits protect people—from workers saving for retirement, to families investing for their futures, to businesses creating jobs because they can raise money through sound, liquid markets.
As we continue this important discussion together over the next two days, I encourage you to keep the people you serve at the heart of the conversation.
Thank you, and I would like to now invite my fellow Board members on stage.