Statement on Proposed Amendments to PCAOB Auditing Standards related to a Company’s Noncompliance with Laws and Regulations
Remarks as prepared for delivery
Thank you, Chair Williams. Having spent most of my career in some form of public service at the federal and state level, the PCAOB’s mission, as a non-profit corporation, to protect investors and further the public interest is important to me. Congress had the foresight to require in Section 101 of the Sarbanes-Oxley Act of 2002 that two, but only two, of the five PCAOB Board Members be certified public accountants (CPAs). This two CPA requirement was included as a concession to Senator Enzi (R-WY) who graduated college with a degree in accounting. Senator Enzi explained that setting auditing standards is complicated and detailed and requires the knowledge and expertise of individuals who understand and have worked in the field of accounting. As one of the CPA Board Members, I therefore take this responsibility very seriously. I critically review each standard proposed by the PCAOB through two different but complementary lenses:
- First, will the proposed standard enhance investor protection?
- Second, will the proposed standard promote trust in our capital markets overall? Specifically, to promote trust in the capital markets, in my opinion, we need a resilient and transparent audit marketplace with competent experts, and a sustainable accountability system.
I was supportive of the Board strengthening our existing standard related to the auditor’s consideration of possible noncompliance with laws and regulations. Unfortunately, the proposed standards before the Board today contain a breathtaking expansion of the auditors’ responsibilities, which I believe will hurt investors. This expansion could cause considerable confusion on the appropriate role of auditors, undermine the time-tested accountability framework, and reduce the resilience of the already highly concentrated audit marketplace. Ultimately, this could undermine trust in our capital markets, to the detriment of investors.
Specifically, I have three significant concerns:
First, the proposal is not fully transparent about the significant additional responsibilities it would impose on all public company auditors by eliminating the distinction between noncompliance that has a direct versus indirect effect, on a public company’s financial statements. Proposed AS 2405.05(a) would require auditors to “[i]dentify the laws and regulations with which noncompliance could reasonably have a material effect on the financial statements” of the public companies being audited. The preamble to the proposal refers to the phrase “could reasonably have a material effect” as an appropriate tailoring, noting that it “focuses the auditor’s attention on laws and regulations that could have a material effect on the financial statements.” At first blush, the proposed requirement seems reasonably tailored. However, this is where having auditing experience makes a palpable difference in understanding the proposal’s potential impact on auditor responsibilities. To identify the laws and regulations with which noncompliance could reasonably have a material effect on financial statements, an auditor must first identify all the laws and regulations applicable to the public company. It is this threshold requirement which causes me the greatest concern and for which the proposal does not seem to fully address. For example, although the proposal includes a sentence that the requirement “would not represent every law or regulation to which the company is subject” in two places of the preamble to the proposal, it appears to be inconsistent with our existing auditing standards. Moreover, in a bit of understatement, the economic analysis explains that “[a]uditors would likely need to expend considerable additional audit effort to identify relevant laws and regulations under the proposed standard” and that “the costs associated with the proposed amendments . . . may be substantial.”
Second, the proposal introduces ambiguities regarding auditor obligations to investors, by transforming the auditor’s role from one of providing reasonable assurance to one of performing a management function. The securities laws and their implementing regulations do not require a public company’s management to identify all laws and regulations that the public company is subject to, and this proposal seeks to fill that void by requiring auditors to do so. This approach could undermine the long-established accountability framework whereby management prepares and discloses financial information, auditors provide an independent certification on the disclosures, and regulators provide oversight of the public companies and auditors. This accountability framework has been established since 1934 and is part of the bedrock of the trust built in our capital markets. The preamble downplays this by stating that the auditor “would be able to benefit from management’s process to identify [certain] laws and regulations” as it pertains to, for example, SEC Regulation S-K disclosure requirements regarding material risks. However, the SEC currently does not require reasonable assurance on this disclosure and our proposal will essentially require auditors to provide reasonable assurance on this disclosure by first identifying all laws and regulations the public company is subject to, consistent with existing PCAOB standards. Specifically, PCAOB Auditing Standard 1105.10 generally provides that when using information produced by the company, the auditor is presumptively required to perform procedures to test the accuracy and completeness of the information.
Third, the proposal takes a one-size-fits-all approach and does not take into account differences between large auditing firms on the one hand, and mid-sized and smaller firms on the other hand. Auditors are CPAs, not legal experts. The new requirements will significantly expand auditors’ need for expertise from lawyers, legal experts, and possibly other specialists, resulting in a substantial increase in audit fees. The economic analysis acknowledges that the proposal would have a greater cost impact on non-affiliated firms which are generally mid-sized and smaller firms. I am concerned that the proposal would create additional barriers to entry. Investors and the auditing profession can ill afford these barriers, given that the audit market for large multinational public companies is limited to roughly a handful of firms capable of performing such engagements. This significant expansion of auditor responsibilities could therefore further reduce competition and exacerbate the power concentration in the audit marketplace.
As Senator Enzi noted, setting auditing standards is complicated and detailed. Our standards therefore must be clear, thoughtful, fair, and underpinned by a deliberate, transparent, and inclusive process. Although I am critical of some of the key requirements in this proposal, I am keenly interested in commenters’ views on this proposal, especially in response to questions 7, 8, 11, 59, 60, 62, and 63 on whether the expansion of the scope to include indirect noncompliance is clear and reasonable, and whether the completeness assertion is reasonably achievable without significantly increasing the audit fees.
In conclusion and for the reasons stated above, I cannot support this proposal.
I value the opportunity to share my views today, and I look forward to learning other perspectives as healthy debate is the foundation of our democracy. These are not easy problems to solve, so we need to work together to develop the optimal solution, and I am committed to doing so. As American philosopher Eric Hoffer said, “The beginning of thought is in disagreement – not only with others but also with ourselves.”
Finally, I want to express my gratitude to the Office of the Chair, Office of the Chief Auditor, Office of Economic and Risk Analysis for the time they spent discussing this proposal with my office. Special thanks go to Lisa Calandriello for her hard work on this important project. Thank you also to staff in the Office of General Counsel, the Division of Registration and Inspections, and the Division of Enforcement and Investigations for their contribution.
Thank you.