Remarks on PCAOB Inspections, Audit Risks, and Standard-Setting Priorities

I. Introduction

Before I begin, I would like to thank Fred Lipman and Rod Hills for the invitation to join you today, both in person and telephonically. As confirmed by the Sarbanes-Oxley Act of 2002 (Sarbanes-Oxley), audit committees play a critical role in protecting the interests of investors and bolstering investor confidence in financial reporting. As you are all abundantly aware, Sarbanes-Oxley moved you, as audit committee members, to the forefront of a public company’s relationship with its external auditor, in that the audit committee became responsible for the appointment, compensation and supervision of the issuer’s auditors.^[1] In my view, this important role aligns your interests with those of the Public Company Accounting Oversight Board (PCAOB). We have a shared interest in informative, fair, and independent audit reports.

Therefore, I am pleased to be with you today to talk about developments in certain PCAOB’s programs that I believe are relevant to audit committees. Specifically, I would like to highlight our inspection program, discuss certain audit risks in the current market environment, and touch on some standard-setting initiatives. I intend to leave ample time for discussion, so I can hear the issues on your minds or take any questions you may have.

Before I begin, I must note that my remarks today are my own and do not necessarily reflect the views of the PCAOB or other Board members.

As you know, Sarbanes-Oxley provides the PCAOB with registration, reporting, inspection, standard-setting, and enforcement authority over public company auditing firms. Improving audit quality, and therefore investor confidence in financial reporting, is the key driver for the PCAOB. To improve audit quality, the PCAOB uses a supervisory model and applies several tools in carrying out its core functions. Supervisory tools for the PCAOB include a continuing program of inspections and an ongoing dialogue with registered audit firms about inspection findings of concern, working with the firms as they remediate those findings, publication of inspection reports of firms, and the issuance of reports on audit practices that the PCAOB identifies in the course of its inspections or otherwise. The publications issued by the PCAOB can inform audit committees of emerging areas of concern and highlight complex issues about which both auditors and, in turn, preparers should be aware.

Overall, the PCAOB strives to be flexible in adjusting its programs in light of new developments in the public company auditing environment. A good example is the PCAOB’s decisive response last year in the form of a new standard on the audit of internal control over financial reporting – Auditing Standard No. 5 – due to justifiable concerns about the complexity and other burdens associated with its predecessor, Auditing Standard No. 2. In a similar fashion, we have made adjustments to our inspection program based on evolving audit risk exposures.

II. The Evolution of PCAOB Inspections

The PCAOB faces the challenge of overseeing a diverse population of registered public accounting firms, including firms based in the United States and abroad, and ranging from sole proprietorships to large firms with global networks. More than 1,800 audit firms are registered with the PCAOB, and over 800 of those registered firms are currently subject to PCAOB inspection.^[2] To illustrate the diversity across registered firms, according to the January 2008 report by the Government Accountability Office, the four largest U.S. accounting firms audit more than 1,500 public companies with annual revenue of more than $1 billion. This represents 98 percent of U.S. market capitalization. Mid-size and smaller audit firms may not come near that level of market cap, but their importance to the market and investors is reflected in the number of public companies they audit: These firms audit almost 80 percent of the more than 3,600 companies with revenue of less than $100 million.

Therefore, when it comes to meeting our primary mandate of protecting the investing public, PCAOB inspections of all auditors of public companies are important. The inspections of the four largest audit firms are particularly important, however, due to the size and market cap of their public company clients. Today, I will first focus on this part of the PCAOB’s inspection program. I think it is useful to understand our general approach and certain changes we are implementing in this year’s inspections.

Inspections of Audits of Large Issuers

In the course of inspecting an audit firm (large or small), the PCAOB takes a risk-based approach, which over time has evolved. In particular, the program has become more effective and efficient in identifying the large issuer audits to inspect, and we are now better able to scope our inspections based on the size and complexity of the firm and the audits under review. Given the practical obstacles to inspecting the entire audit, particularly those of larger issuers, the inspection teams seek to maximize the effectiveness of our inspections through a two-tier risk analysis.

First, as part of inspection planning, a sample of a firm’s audit engagements is selected for review based on an assessment of the audit risk posed by an engagement, or based on our awareness that the firm has previously had audit quality problems in a particular area. Then, PCAOB inspectors focus their reviews on certain portions of those selected audits likely to pose the most challenging issues (that is, the level of audit, accounting or SEC compliance risk). Please note I did not say, “…where we most expect to have problems.” I made this point at a meeting recently and a director (and audit committee member) asked if our selection of their audit for review meant that their audit was a high risk for problems. Again, to be clear, the selection of a company’s audit for inspection may be due to factors at the audit firm level, not the engagement level. We approach the selection of the appropriate portion of a large issuer audit with a great deal of thought, given that it will be our principal window into the quality of that audit.

An additional way we address the challenge of size and complexity in the inspection of large issuer audits is by investing time in the review of a firm’s methodologies related to, among other things, audit planning and scoping, and the determination and application of materiality thresholds (materiality is, of course, important since it drives the nature and amount of evidence gathered to support an audit). By looking carefully at a firm’s methodologies, the PCAOB can gain insights into the likely strengths or challenges of particular areas of an audit.

In addition to the review of the audit methodologies, inspectors focus on how an audit was executed. Among other things, PCAOB inspectors assess how the engagement team planned the audit in order to obtain sufficient evidence. This may include a look at how locations were selected for testing and how risk was considered. With regard to work performed at foreign affiliates of large issuers, inspectors consider a number of factors, including how a materiality threshold was determined and applied, and the extent of communication between the lead engagement team and local country auditors.

Evolving Focus on Risk Management and Quality Controls

Building on the experience gained over the last several years from our large firm inspections, the PCAOB inspection program also is evolving to examine more deeply the relationship between audit quality and a firm’s approach to managing its own quality controls and risks. However, to be clear, looking at quality control areas is not new to PCAOB inspections. Over the last few years, for example, PCAOB inspectors have looked at whether strains on individual partner capacity may contribute to issues of audit quality. Our inspectors also have looked, and will continue to look, at whether a firm's compensation practices provide incentives likely to promote audit quality and technical competence.

As our approach to assessing the quality control environments at large firms continues to evolve, we also are seeking to gain a better understanding of additional areas, including the formal and informal reporting structures within a firm; how various committees or divisions interact; and how those interactions effect the quality of the audit practice. I should note that tone-at-the-top continues to be a key factor – as it is in any organization – and we will look at, among other things, what messages are sent throughout the organization from the CEO down and across the various committees and divisions of the organization. We will look at these structural and management components with a view to how they may have an impact upon audit quality.

We also expect to see the large firms monitor their progress, both in remediating quality control deficiencies identified by our inspections, and in learning from errors or mistakes that resulted in audit failures. These lessons learned should improve the quality of future audits and play an important part in the firms’ quality control systems.

While we are looking carefully at how the large firms manage their businesses, it is important to stress that the PCAOB inspection approach does not apply overly prescriptive remedies in an attempt to manage a firm’s business processes and quality control systems. We expect that each firm knows best how to manage its operations and establish specific methods to address a particular quality control criticism. Each firm should craft effective remedies based on its particular organizational structure and operations.

I believe this supervisory model is the best framework to encourage firms to take action to improve audit quality.

III. Audit Challenges in the Current Market

As you know, the financial markets have experienced a high degree of turbulence over the last 12 months. Weaknesses emerged first in the area of mortgage-backed securities and quickly spread across a number of complex financial instruments. The unease in the credit markets drove many of us last year to take a closer look and consider whether it was necessary or appropriate to provide a regulatory response. We continue to monitor the markets carefully with an eye toward areas where there may be potential audit risks.

For example, last year, when the current market conditions began to emerge, the PCAOB initiated a dialogue with auditors about potential audit risks associated with changing market conditions. The PCAOB has continued its dialogue with auditors as the risks have deepened and spread to a number of other instruments. These discussions have highlighted certain aspects of the accounting literature that are particularly relevant to the current situation, such as challenges related to fair value measurement and off-balance-sheet entities.

Measuring and Auditing Fair Value in an Illiquid Market

While fair value accounting for certain securities was adopted because it was believed to offer investors more relevant information, it can pose challenges for auditors and preparers, particularly in an illiquid market.

Among other things, questions emerged last year as preparers and their auditors began to struggle over the complexity of a number of securities and the need to measure their fair value in increasingly thin markets. Our dialogue with auditors has focused on the approaches to determining fair value provided for in accounting standards and the relevant requirements for auditors.

The PCAOB issued a Staff Audit Practice Alert on the subject last December.^[3] We prepared the Alert to address challenges associated with the continued strain in the credit markets as well as the transition to new accounting standards on fair value measurement. The Alert highlights considerations that may affect how auditors conduct audits under the existing requirements set forth in the PCAOB standards. The PCAOB’s message to auditors in this rapidly changing economic environment has consistently emphasized an adherence to existing requirements. In the Alert, we highlight the following points:

• The auditor should understand whether the fair value measurement was determined using quoted prices from an active market, observable inputs (such as prices for similar assets), or based on a model.
• If the measurements are produced by a model, auditors should understand the model and evaluate whether the assumptions are reasonable.

In sum, the nature of how the fair value measurement was derived drives the work that auditors must undertake.

Again, these are not new requirements; they are existing requirements that auditors must apply, even in the current market. While the PCAOB has been in close contact with audit firms and other regulators on fair value measurement related issues, keep in mind that the PCAOB’s focus is on the audit standards – as opposed to accounting standards, which are set by FASB. The PCAOB will continue to monitor this area of the audit to understand how audit firms are addressing this potential risk.

Off-Balance-Sheet Entities

The treatment of transactions with off-balance-sheet entities has also emerged as a challenge for preparers and their auditors. Depending on the nature of the public companies on whose boards you sit, many of you may be monitoring this issue closely. Preparers and auditors should be aware that assessment of transfers of financial assets under FAS 140 and consolidation of variable interest entities under FIN 46(R) can be very complex and require significant judgment.

In light of the judgments involved in evaluating off-balance-sheet entities, auditors need to gain a thorough understanding of the relevant accounting guidance as well as the legal structure of the transactions and the vehicles created to facilitate the transactions. Auditors must also be alert to the nature and occurrence of reconsideration events as defined in FIN 46(R). While I understand that FASB is carefully considering the accounting requirements in these areas, until such time as there is a change, auditors and preparers should continue to apply existing accounting standards, and ensure that all necessary disclosures are made, such that the financial statements truly present fairly the company’s financial condition and results of operations.

With regard to our overall approach in the current market, whenever there are financial reporting events, such as we are currently experiencing, the PCAOB must consider how to best use its tools to oversee the responsibilities of auditors. The PCAOB is monitoring developments and has made certain adjustments to its programs to assess auditing implications associated with the subprime crisis and the credit contraction. This includes our staff working in standard-setting, risk analysis and inspections. In addition, the Division of Enforcement has a few matters under investigation that touch upon subprime and, as is the norm, it is coordinating its efforts with the SEC.

IV. Two Recent Standard-Setting Initiatives

Before I conclude, I would like to highlight for you two recent initiatives in the PCAOB’s standard-setting function that are likely to be of interest to you as audit committee members.

Auditors Communication with Audit Committees Concerning Independence

On April 22, the PCAOB adopted a new rule to enhance communication between audit committees and registered firms regarding the firm's independence. What is important about this rule is that – once approved by the SEC – it will require a registered public accounting firm, before accepting an initial engagement pursuant to the standards of the PCAOB, to describe in writing to the audit committee all relationships between the firm – or any of its affiliates – and the issuer or persons in a financial reporting oversight role at the issuer that may reasonably be seen as bearing on independence. Moreover, the rule will require registered firms to discuss with the audit committee the potential effects of any such relationships on the firm’s independence. I believe that providing this information to an audit committee before it makes the decision to hire an auditor is an important improvement that will benefit audit committees. The rule will require a similar communication annually for continuing engagements.

Engagement Quality Review

A second standard-setting initiative that I would like to update you on is our proposed standard on engagement quality review. A well-performed concurring partner review can provide sound support to audit quality. Congress recognized this objective when it mandated in Sarbanes-Oxley that the PCAOB adopt a requirement that each registered public accounting firm provide a concurring or second partner review and approval of each audit report – and concurring approval in its issuance – by a qualified person associated with the public accounting firm or by an independent reviewer. On February 26, the PCAOB issued a proposed standard for comment that draws on the insights gained through our standard-setting, inspection and enforcement activities over the last few years. The comment period closed on May 12, and we are in the process of carefully analyzing the comments received. I believe that the comments received will assist us as we move to develop a balanced and effective final standard.

V. Conclusion

These are challenging times for public companies, their boards, auditors and regulators. We must all carefully assess risks and respond accordingly. Corporations are working through these risks and simultaneously assessing lessons learned … and many are, perhaps, retooling their risk management frameworks. These are also exciting times. There is potential for significant changes to financial reporting in the United States – among other things, just consider where we may go with the XBRL business reporting language, or IFRS (International Financial Reporting Standards) for U.S. public companies in the coming years. For audit committee members, these changes – and navigating through the continuously changing market conditions – will demand additional time and attention from you.

As for our markets, it is worth recalling the scandals that rocked investor confidence and led to the passage of Sarbanes-Oxley. A number of improvements were put in place as a result of the Act, not the least of which were the creation of the PCAOB and the transformation of the role of audit committees. Changes such as these have delivered to investors recognizable improvements in the reliability of financial reporting by U.S. public companies. One way to measure the PCAOB’s success over time is the extent to which we have contributed to the enhanced reliability of, and improved confidence in, financial reporting. In my view, this objective supports the continued attractiveness of U.S. markets, which are well regarded – even in today’s difficult environment – for their depth and fairness.

In closing, for those of you who are interested in additional information on the work of the PCAOB, from the vantage point of an audit committee member, I recommend a recently published article by my colleague and Board member, Dan Goelzer entitled, “What Audit Committees Should Know about the Work of the Public Company Accounting Oversight Board.”^[4]

Thank you. I’d be happy to take any questions.

Endnotes