We are here today to issue a proposal intended to enhance the planning and supervision of audit work conducted by so-called "other auditors" participating in audits of the financial statements of U.S. public companies, brokers or dealers. In addition, we are proposing a new standard – though incorporating many of the current requirements – for situations in which an auditor divides responsibility for the audit with another accounting firm.
The "other auditors" addressed in the proposed amendments include other firms or individuals who participate in the audit but who are not part of the audit firm issuing the audit report. Under standards currently in effect, auditors may apply a variety of approaches to the oversight of other auditors involving varying degrees of oversight by the lead auditor over the work of the other auditor. While certain approaches taken by firms work well and result in high quality audits, some of the approaches that are permissible under current standards do not involve enough oversight by the lead auditor to ensure that sufficient appropriate evidence is obtained to support the lead auditor's opinion in the audit report.
As described in the release, many of the larger audit firms, particularly those that are part of international networks, have adopted methodologies that combine existing PCAOB standards and International Standards on Auditing. In some cases, firms have further supplemented these requirements by incorporating additional procedures, including procedures developed in response to inspection findings identified by the PCAOB or similar regulators in other parts of the world. These firms require frequent, comprehensive communications with other auditors and review of other auditors' work papers in areas of significant risk, steps which go beyond those currently required by PCAOB standards. Other firms, including those who don't follow international standards, continue to base their supervision of other auditors largely on existing PCAOB standards. As a result, the PCAOB has observed inconsistencies in practice among firms with regard to the supervision of other auditors. The proposed amendments are intended to enhance supervision over other auditors generally and bring consistency to the approaches used by firms.
As the release discusses in more detail, our overall approach incorporates many of the concepts currently included in International Standard of Auditing 600, Special Considerations—Audits of Group Financial Statements (Including the Work of Component Auditors), but also imposes certain additional or more specific requirements.
- For example, ISA 600 generally requires the "group engagement partner" to evaluate whether the group engagement team will be involved in the work of the "component auditors" to the extent necessary to obtain sufficient appropriate audit evidence. Our proposed amendments, on the other hand, more specifically require the lead auditor to determine its "sufficiency of participation" based on its relative responsibility for the areas of highest risk of material misstatement.
- In addition, our proposal includes more specific requirements than the ISAs regarding the information that must be provided by the lead auditor to the other auditor and the documentation to be created and provided by the other auditor.
- Our proposed approach is designed to be scalable for audits of different size and complexity based on risk.
- The proposed requirements address certain aspects of working with other auditors that are not addressed by the ISAs, including multi-tiered audits involving multiple levels of other auditors, engagement quality review in connection with the lead auditor's sufficiency determination, and dividing responsibility with a "referred-to auditor."
Overall, I believe that the proposed amendments mirror what would be a common sense approach in any situation in which one party decides to rely on another in connection with important tasks. Similar steps would apply in many situations outside of auditing, such as hiring a new employee, for example. Important considerations include:
- The basis for believing reliance is appropriate – in this case, the other auditor's qualification and experience;
- The extent of reliance – such as the lead auditor's decision about the scope of the other auditor's work and the risk-based determination of the sufficiency of the lead auditor's own involvement;
- Communication to avoid misunderstandings and agreement on what needs to be done – including, for example, directions regarding the work the lead auditor wants the other auditor to perform;
- Monitoring, supervising and reviewing the work performed – including requiring the other auditor to document its work, frequent two-way communications to ensure that nothing is missed, and reviewing the other auditor's work product; and
- Doing a final check – including through the issuance by the other auditor of a report and the involvement by the lead auditor of an engagement quality reviewer.
I look forward to receiving comments about whether we have struck the right balance with the proposed approach. In particular, I am interested in comments in the following areas:
- Sufficiency determination – Is it clear how the lead auditor determines whether its own involvement in the audit is sufficient? Is this a significant change in practice compared to current approaches? Do firms currently take a different approach to the sufficiency determination if the "other auditor" is a firm in their own network? Should a different approach be permitted in that circumstance, contrary to the requirements in the proposal?
- Independence determination – The proposal states that the lead auditor must take certain steps to determine whether the other auditor is independent. These include gaining an understanding of the other auditor's knowledge of and experience with the SEC and PCAOB independence and ethics, and obtaining a written representation from the other auditor that it is in compliance with SEC and PCAOB independence and ethics requirements. Are these proposed requirements clear? Are there any obstacles firms face in meeting the proposed requirements?
- Supervision and review – Are the proposed amendments to AS 1201, requiring specific steps to supervise and review the work of other auditors, sufficiently clear and reasonable in scope?
- Scalability – Are the requirements sufficiently risk-based and scalable, allowing for their application in a variety of different types of audits, and by firms of various sizes, without imposing any unreasonable burdens?
As always, I encourage comments not only from auditors, but also from preparers, audit committees, investors and others. I encourage audit committees and preparers, in particular, to discuss the proposals with their auditors in order to fully understand the degree to which the proposal will change existing practice and to consider any possible unintended consequences.
Finally, I would like to thank the staff who work long and hard on this project in order to help us achieve what I believe is a good balance between the potential benefits and costs of the proposal. Our Office of the Chief Auditor did much of the heavy lifting, especially Dima Andriyenko, Keith Wilson, Lillian Ceynowa, Stephanie Hunter, Robert Ravas, Denise Muschette Wray, and Hunter Jones. They were ably assisted by economists Andres Vinelli, John Powers, Joon-Suk "Joon" Lee, as well as Matt Goldin from the Office of General Counsel. A special thanks also to Greg Scates in the Division of Registration and Inspections who has worked on this project from its inception, as well as Santina Rocca and Elizabeth Echternach whose command of the relevant inspection findings helped immensely. And, of course, as always, we appreciate the thoughtful input of the staff of the Securities and Exchange Commission.