Statement on PCAOB Auditing Standard on Corrections of Material Weaknesses in Internal Control over Financial Reporting
Today's meeting is an important step, coming at the end of the first year of implementing the Sarbanes-Oxley Act's requirements that corporate managements assess, and auditors attest to, the quality of companies' internal control over financial reporting. Although companies have been required to have adequate internal control over their accounting since the Congress enacted the Foreign Corrupt Practices Act in 1977, there is no doubt that the Sarbanes-Oxley Act's requirement for these assessments and attestations took corporate responsibilities to an entirely different level.
So far, a number of companies have disclosed one or more material weaknesses as of their fiscal year end. I understand that many of those companies have already devoted significant attention to correcting those weaknesses, well before the next annual assessment. The new auditing standard that we have before us today will allow companies, on a voluntary basis, to obtain an auditor's attestation that those weaknesses no longer exist, in order to provide the investing public added confidence in such companies' financial reporting.
While I heartily support this new standard, there are two aspects of the standard that I'd like to address specifically. First, the engagement envisioned by this standard is entirely voluntary. There are a number of other ways that public companies can complete the communication to investors that they begin when they disclose a material weakness, including for example their quarterly disclosures and certifications as to changes in internal control under Section 302 of the Sarbanes-Oxley Act. While we have developed this standard to answer calls from both public companies and investors for an additional tool, it is by no means a de facto required auditing service. And, indeed, if a company does not believe this tool is needed in a particular case, then by all means it should not use it.
Second, I would like to point out that, while the proposal is based on the framework we established in Auditing Standard No. 2, it is significantly narrower in scope than that standard. By narrowing the scope to target only the actual controls necessary to address a specific material weakness, we intend the standard to provide for a cost-effective engagement. Material weaknesses that go to a more pervasive effect, touching many controls, will necessarily require more work. In such cases, companies may find it more cost-effective to wait until the auditor's annual assessment to obtain assurance the weaknesses no longer exist. In those cases, I encourage companies to wait for that annual process.
Over the last year, a great deal has been said about the cost of what has become a national endeavor to establish and evaluate internal control over financial reporting. For many companies, the first year of implementation was indeed a costly matter. Both companies and auditors have gained experience in the first year that cannot help but lay the groundwork for efficiencies in the second year and beyond. On May 16 of this year, the Board issued guidance designed to help auditors capture some of those efficiencies, in order both to bring costs down and to improve the quality of the overall attestation process.
As we work through these issues over the coming months, both companies and auditors should strive to find ways to capture the benefits of experience in order to make both the internal and external work more efficient. Our May guidance explains some ways in which internal control audits can be made more efficient, and should serve as a useful guide for both companies and auditors. I believe this kind of thought will also help companies and auditors to find ways to further improve quality year over year.
As I hope is clear, I am very pleased with the recommendation before us. The team that made this project possible has had to work hard in a short period of time in order to meet the call of investors and issuers in a timely manner. I'd like to thank a number of people for making today's recommendation possible, including Doug Carmichael, of course, for his leadership, as well as Laura Phillips and Sharon Virag in the Office of the Chief Auditor, and Gordon Seymour and Jake Lesser in the Office of the General Counsel. Thank you for all the hard work.