Update on PCAOB Auditing Standard Setting
I am delighted to have the opportunity again to speak at this annual conference. As demonstrated by the interest of so many outstanding professionals attending each year, the AICPA certainly deserves praise for its consistently great work in bringing us all together for this important dialogue.
The Office of the Chief Auditor at the PCAOB has a number of very important projects underway and I'll touch on a few of them. I'm supported by a group of very talented people in OCA who are dedicated, through standard-setting activities, to the continued improvement of the relevance and reliability of audits.
Before I go any further, I must remind you that my remarks represent my views and not necessarily those of the Board, individual Board members or the staff of the PCAOB.
The Auditor's Report
One of the most compelling issues of the day, in our field of endeavor, is the global movement to make meaningful change and meaningful improvement to the Auditor's Report issued on audited financial statements. Millions of people look at auditors' reports as part of their review of an annual report and the financial statements. Unfortunately, that look at the auditor's report is generally just a casual glance. Most are interested in only two things. What firm performed the audit and is the report the standard unqualified boilerplate opinion? That is, essentially the same boilerplate opinion that's been produced for over 50 years.
I know that investors and other users of financial statements truly value the audit. We hear that all the time from the PCAOB's advisory groups and from virtually all who comment on our standard-setting proposals. But we also hear that the auditor's report does not reflect, at all, the value of the audit. Investors tell us that they want to hear more from the auditors about their work and about their findings. They tell us that it's time for the auditor's report to be a more meaningful communication vehicle. It's time for the auditor's report, the audit's most visible product, to change. In fact, investors say that change is well overdue.
This past August, the PCAOB proposed two auditing standards to significantly improve the relevance and usefulness of the auditor's report for investors and other financial statement users. Among other things, those standards would (i) require the auditor's report to include a discussion of "critical audit matters" specific to each audit, (ii) require communication of the auditor's responsibility for and evaluation of "other information" beyond the audited financial statements included in a company's annual report filed with the SEC and (iii) provide investors with information about auditor tenure, that is, the number of years the auditor has consecutively served as the company's auditor. I'll expand on these items in a moment.
To provide even further information of value to investors, just last week the Board proposed additional amendments to the auditor's report. These amendments would provide greater transparency about the audit through disclosure in the audit report (i) of the name of the engagement partner responsible for the audit and (ii) the names of other audit firms who participated in the audit, including their locations and extent of participation.
I believe these new proposed auditing standards and amendments will significantly enhance the usefulness of the auditor's report. If adopted, the auditor's report will no longer be glanced at. It will be studied!
The comment period on the two standards proposed in August closes tomorrow, December 11th. We will carefully analyze comments and we plan to hold a public meeting in March or April of 2014 for discussion by some commenters and others of the proposal, comments received and potential further improvements. The comment period on the transparency proposal ends February 3rd, 2014.
Both the August and December proposals are the result of years of PCAOB outreach, study and analysis of public comment. Furthermore, a number of well-known studies in the US about the role of the audit, including the Cohen Commission as far back as 1978, the Treadway Commission in 1987, and, more recently, the US Treasury's Advisory Committee on the Auditing Profession in 2008, all recommended changes to the auditor's report. But, no meaningful change has yet occurred.
The call for significant change to the Auditor's Report is not limited to the US. The European Union has a proposal outstanding to require new meaningful disclosures in the auditor's report. The United Kingdom has already put into place requirements for the auditor's report to include information about the scope of the audit, materiality and significant risks identified by the auditor. And, the International Auditing and Assurance Standards Board (the IAASB) proposed, for public comment this past July, substantial meaningful revisions to the Auditor's Report. As I said earlier, it is time for the auditor's report to change.
Let me expand briefly on key elements of the PCAOB's proposals on auditor reporting.
A key aspect of the first proposed standard, the auditor reporting standard, is a requirement that the auditor must communicate critical audit matters relating to the audit or state, in the audit report, that the auditor determined there were no critical audit matters. The proposed standard notes it is expected that, in most audits, the auditor would determine that there are critical audit matters.
Critical audit matters are those matters the auditor addressed during the audit that:
- involved the most difficult, subjective, or complex auditor judgments,
- posed the most difficulty to the auditor in obtaining sufficient appropriate audit evidence, or
- posed the most difficulty to the auditor in forming an opinion on the financial statements
The description for each critical audit matter in the auditor's report would:
- identify the critical audit matter,
- describe the considerations that led the auditor to determine that the matter was a critical audit matter, and
- refer to relevant financial statement accounts and disclosures, when applicable
Many investors have said that they would benefit from knowing about those issues that "kept the auditor awake at night." These insights about the audit, that is the most difficult and challenging issues addressed in the audit, would provide investors with valuable information as they assessed a company's financial statements or, for example, when they discussed the financial statements with management on a periodic investor call. Hypothetical examples of critical audit matters are included in an Appendix to the proposal. I believe these demonstrate how critical audit matters can provide very useful information to financial statement users.
Another aspect of the proposed auditor reporting standard is the requirement to disclose tenure. Auditor tenure has been the subject of discussion for decades. Some academic research concludes, and others share this view, that short-term tenure, or first year audits, present risk to investors because the auditor may not be sufficiently aware of risks within the company, especially at a large complex multi-national. Other research suggests, and many others share this differing view, that long-term auditor-company relationships adversely affect audit quality. Does the engagement partner auditing a company where the relationship has existed for, say, 50 years worry not only about the audit but also about the risk of losing the long-standing "crown jewel" client? Could this affect his or her decision making? I don't know the answer to which situation poses greater risk to audit quality but I do know that investors have expressed an interest in tenure, either way. Thus, this disclosure will provide another data point for investors as they assess the audit.
The second proposed standard in the August proposal, the Other Information standard, is intended to improve the auditor's procedures and to enhance the auditor's responsibilities with respect to other information included in the annual report filed with the SEC, further protecting the interests of investors. Also, through our outreach activities, we became aware of confusion among financial statement users regarding the auditor's responsibilities today for such other information.
Among other things, the proposed Other Information standard, would:
- enhance the auditor's responsibility with respect to other information by adding procedures for the auditor to perform in evaluating the other information based on relevant audit evidence obtained and conclusions reached during the audit,
- require the auditor to evaluate the other information for a material misstatement of fact as well as for a material inconsistency with amounts, or the manner of their presentation, in the audited financial statements, and
- require communication in the auditor's report regarding the auditor's responsibility for, and the results of, the auditor's evaluation of the other information.
Other information in annual reports can potentially portray financial results in a different light, possibly suggesting through non-GAAP measures a different performance than indicated by the audited income statement. The auditor is required to evaluate whether this portrayal, if not properly and thoroughly reconciled with the audited statements, results in a material inconsistency with the financial statements. Also, the other information in an annual report may contain information, potentially market-moving information, not directly related to the financial statements.
For example, management might state in the other information that the company has the largest market share in the company's industry. This information could be material to an investor's decision about the company. The auditor might be aware, based on relevant audit evidence obtained during the audit, that the company does not have the largest market share in the relevant industry. The proposed other information standard would require the auditor to evaluate whether management's statement represents a material misstatement of fact.
Let me now turn to the other changes we have proposed to the auditor's report, in this case through last weeks' Transparency amendments.
As I mentioned earlier, under this proposal, the audit report would require disclosure of the name of the engagement partner and the names, locations and extent of participation (as a percentage of the total audit hours) of other accounting firms that participate in the audit.
There are also global developments to consider in this area. The European Union now requires the statutory auditor to sign the audit report. And, the IAASB's proposal to improve the auditor's report includes a proposed requirement to include the name of the engagement partner in the audit report.
Over time, investors will benefit from knowing the identity of the engagement partner and being able to obtain an understanding of an engagement partner's history when evaluating the audit. All that an investor knows today is the name of the firm. However, our oversight activities have made it clear to us that, even within the same firm, the quality of audits can differ significantly. Although such differences might be due to a number of factors, the role of the engagement partner, who is responsible for the audit engagement and its performance, is an important factor to consider. In fact, engagement partner history is an important factor in the PCAOB's process for selecting audits to inspect. While I recognize that an investor will not have access to all the information we do, I believe that over time third-party data providers will collect and disseminate information on individual partners much as they do today on individual audit firms.
Would you, as an investor in a large complex multinational financial institution, like to know if the engagement partner leading the audit had previously audited only small widget manufacturers? Would you find it useful to know that this partner had also been the engagement partner on an audit where the financial statements were subsequently restated for an error? Investors have told us that this type of information would be valuable to them in their decision making.
The final aspect of improved auditor reporting I want to address pertains to naming the other participants in the audit. In large multinational audits many audit firms participate and the firm signing the audit report may have performed less than half of the audit work. The firms may be part of a network, or not, but either way the firms participating in the audit are all separate legal entities, with separate inspection reports and, in some cases, may be in jurisdictions where the PCAOB cannot inspect audits.
We have seen many cases where the nature of the audit was not visible at all to investors. In the case of one multinational, a firm signed the audit opinion even though another firm in the network did most of the audit work. In another case, a US firm signed the audit opinion when nearly all of audit work was performed by an unaffiliated firm in a country where the PCAOB is prohibited from performing inspections. As far as investors could tell, that audit was performed by a US firm.
In my view, it will be very useful for investors to know what other firms participated in an audit and the extent of their participation, as different firms participating in the audit may have very different inspection results or may be located in a jurisdiction where we cannot inspect.
Taken together, the PCAOB has proposed several important and meaningful changes to the auditor's report. As part of these proposals we have laid out the reasons for these changes, including the economic rationale. The proposals ask many questions for commenters to address and we will study all comments carefully. As I said earlier, these proposals come after extensive outreach and study. Changing the auditor's reporting model is a compelling issue and worthy of the attention of anyone interested in company financial reports.
I want to now share brief comments on some of our other very important standard-setting initiatives at the PCAOB.
Audits of Brokers and Dealers
First, I'll talk about audits of brokers and dealers. The SEC adopted amendments to its Rule 17a-5 on July 30, 2013. Rule 17a-5 is applicable to Brokers and Dealers and to examinations by Auditors of Broker/Dealer financial statements and compliance reports.
The amendments include a requirement that audits of broker and dealers be conducted in accordance with standards of the PCAOB, in light of authority given to the PCAOB by the Dodd-Frank Act to oversee audits of broker/dealers.
As such, audits of brokers and dealers are to be performed in accordance with PCAOB standards (no longer AICPA standards) for fiscal years ending on or after June 1, 2014.
SEC Rule 17a-5 also requires brokers and dealers to file new compliance reports. Brokers and Dealers hold trillions of dollars of customer assets. Those broker/dealers that hold customer assets are required to file a compliance report, examined by an auditor, that includes statements about the broker/dealers controls over SEC financial responsibility rules and compliance with SEC rules for maintaining adequate net capital and reserves.
Other broker/dealers that claim exemption from the reserve requirements, for example because they claim not to carry customer assets, are required to file an exemption report, reviewed by an auditor.
The PCAOB adopted Two Attestation Standards on October 10, 2013. Pending SEC approval of these standards, they will be applicable to auditors' examinations of these compliance reports for fiscal years ending on or after June 1, 2014. Of the two Attestation standards, one is an Examination Standard and the other is a Review Standard.
The Examination Standard applies to statements in the compliance reports for broker/dealers holding customer assets. In this Attestation engagement, the auditor tests compliance and controls over compliance with the specified SEC rules and obtains evidence regarding the existence of customer assets.
The Review Standard applies to statements in the exemption reports of non-carrying brokers and dealers. In this review, the auditor performs procedures specified in the standard pertaining to whether the broker/dealer statements are accurate, for example, whether the broker or dealer is holding customer assets contrary to the exemption claimed.
On October 10th, the Board also adopted Auditing Standard No. 17, Auditing Supplemental Information Accompanying Audited Financial Statements, which is also pending SEC approval. AS 17 would apply when an auditor of financial statements is engaged to perform audit procedures and to report on whether supplemental information accompanying the financial statements is fairly stated, in all material respects, in relation to the financial statements taken as a whole. Supplemental information includes, for example, the supporting schedules that brokers and dealers are required to file pursuant to rule 17a-5.
Once again I want to note that audit and related attestation engagements for brokers and dealers must now be performed in accordance with PCAOB standards effective with fiscal years ending on or after June 1, 2014.
Related Party Transactions
Now, let me turn to related party transactions. In the first quarter of 2014, we expect to adopt a new auditing standard regarding the auditor's responsibilities for auditing related party transactions, together with amendments to other standards regarding significant unusual transactions and financial relationships with Executive Officers. The Board has proposed and re-proposed a Related Party auditing standard and accompanying amendments. The standard and amendments were re-proposed on May 7, 2013.
Commenters on the Re-proposal were generally supportive of the proposed standard and amendments, but made some suggestions for further consideration. We are thoroughly addressing those suggestions.
Related Party transactions have been contributing factors in numerous prominent financial reporting frauds. Financial reporting frauds also have involved significant unusual transactions and financial relationships and transactions with Executive Officers. We are planning to adopt changes in these three critical areas contemporaneously because the auditor's efforts in these areas complement each other. I expect the Related Party auditing standard and accompanying amendments to be effective for audits of financial statements with fiscal years beginning on or after December 15, 2014.
Using the Work of Specialists and Other Auditors
Another item on our standard-setting agenda deals with two very important aspects of the audit — using the work of specialists and the work of other auditors (or other audit firms) in an audit. In this project we plan to address specifically two interim standards — AU 336 entitled "Using the work of a Specialist" and AU 543 entitled "Part of an Audit Performed by Other Independent Auditors."
Specialists, who possess skill or knowledge in a field other than accounting or auditing, often play a critical role in the audit, in areas such as actuarial calculations, estimates of fair values on complex securities, or in geological evaluations for oil and gas audits. If the specialist is employed by the auditor, his or her role is governed by AS 10, Supervision of an Audit. If the specialist is a third party engaged by an audit firm, his or her work is governed by AU 336. The requirements in the two standards are very different and we plan to address that and to improve the supervision and review of the work of an engaged specialist.
Similarly, the engagement partner on a multi-location audit can, under existing standards, supervise and review the work of Other Auditors, including through delegating to assistants, under AS 10. Or, the engagement partner can use the work and reports of an Other Auditor by following AU 543, which has less specific supervisory requirements. Given the significance of multinational audits, our goal is to have one approach which both simplifies and strengthens the engagement partner's oversight and use of the work of Other Audit Firms.
We are addressing these standards together because of the common supervisory issues involved, and we are targeting a proposal next quarter.
Another area we are addressing deals with a company's ability to continue as a going concern. Under existing auditing standards, an auditor is responsible for evaluating whether there is substantial doubt about an entity's ability to continue as a going concern for a reasonable period of time, not to exceed one year beyond the date of the financial statements. This requirement of the auditor is also included within Section 10A of the 1934 Exchange Act.
For some time, the FASB has had on its agenda a project to consider whether management should also have such a requirement in connection with the preparation of its financial statements under GAAP.
Many believe the financial crisis evidenced a need for improvements in this area — both in financial reporting and auditing — as many companies with no doubt expressed about their ability to continue as a going concern either went out of business or would have gone out of business without significant government support.
I believe improvements are needed to the existing auditing standard in several areas, including in (i) the auditor's performance obligations under the standard, (ii) the time horizon for looking out and (iii) the determination of what the terms "substantial doubt" and "going concern" mean. However, we have also been advised, including by our Standing Advisory Group, to coordinate any changes with the FASB project.
FASB proposed a new accounting standard regarding Going Concern earlier this year. Based on comments received, FASB recently announced that they plan to re-deliberate substantial portions of that proposal. As such, we will continue to delay our revisions to the existing Going Concern standard until we have a clearer understanding of FASB's plans, including in such important matters as the time horizon and the definition of "substantial doubt."
Other Standard-Setting Projects
Finally, with respect to standard-setting, I'd like to briefly comment on two other projects where we expect to see Action later in 2014.
We are planning to issue a Concept Release to address Audit Firm Quality Controls and to propose new auditing standards for Auditing Accounting Estimates, Including Fair Value Measurements.
PCAOB inspection observations have identified many deficiencies in audit firms' systems of Quality Controls and have identified important drivers of audit quality. Also, significant changes have occurred since the existing interim QC standards were issued, including the enactment of Sarbanes-Oxley legislation which underscored the importance of firms' QC systems. Working with the other Divisions of the PCAOB, we have identified various matters, important to audit quality, that are not sufficiently addressed in existing QC standards. Among many others, these include matters such as
- Tone at the Top
- Risk assessment and Response
- Accountability and supervisory activities within a firm
- Application of professional skepticism
- Alignment of incentives with audit quality objectives, and
- Remediation and root cause analysis
So, we are working on a Concept Release with a framework that represents an holistic approach to audit firm Quality Controls. This is a very important project, which holds the promise of potentially significant improvements to audit quality.
With respect to Fair Value, we have been working on this project for some time, primarily due to the varying issues regarding fair value measurements in financial statements. The staff has considered a number of alternatives relating to this project but is currently recommending a combined standard on auditing accounting estimates, including fair value measurements which would replace interim standards AU 328, "Auditing Fair value Measurements and Disclosures"; AU 332, "Auditing Derivative Instruments, Hedging Activities and Investments in Securities" and AU 342, "Auditing Accounting Estimates."
Our approach is being informed by a number of factors, including the number and frequency of adverse inspection findings in these areas, similarities in auditing fair value measurements and other accounting estimates, actions by other standard-setters, challenges regarding hard-to-value securities discussed by a special Pricing Sources Task Force we formed, and several SAG discussions. As I mentioned, we expect to issue a proposal on these matters in late 2014.
Internal Control Over Financial Reporting
Before I close, I must mention one other matter regarding audits of internal control over financial reporting. In light of the significant audit deficiencies in this area observed by PCAOB's inspections, my office issued a Practice Alert this past October. The Practice Alert highlights certain requirements of PCAOB auditing standards in aspects of audits of internal control where such deficiencies have been frequently cited. I believe this alert should be mandatory reading for all auditors performing parts of ICFR audits, as it holds the potential to improve such audits and reduce the number of adverse inspection findings.
In conclusion, I hope I have given you a flavor of the number of areas in which the PCAOB's Office of the Chief Auditor is working to improve the relevance and reliability of audits. As a former audit partner, I understand the challenges of auditing as well as the importance of high audit quality to the capital markets. I see this as a watershed moment and I hope all of you will participate with your valuable input through the comment process. Thank you so much for the opportunity to address you and for your attention.