Presentation is loading. Please wait.

Presentation is loading. Please wait.

1 NARUC – Jackson Hole, October 10, 2007 PCAOB RECENT DEVELOPMENTS & FUTURE PLANS Mary M. Sjoquist Special Counsel October 10, 2007.

Similar presentations

Presentation on theme: "1 NARUC – Jackson Hole, October 10, 2007 PCAOB RECENT DEVELOPMENTS & FUTURE PLANS Mary M. Sjoquist Special Counsel October 10, 2007."— Presentation transcript:

1 1 NARUC – Jackson Hole, October 10, 2007 PCAOB RECENT DEVELOPMENTS & FUTURE PLANS Mary M. Sjoquist Special Counsel October 10, 2007

2 2 CAVEAT (required by PCAOB Ethics Code) Any opinions expressed are my own and may not represent the views of PCAOB, its board members, or its staff.

3 3 OUTLINE OF PRESENTATION PCAOB (from the inside-out) Registration & Inspection of audit firms Investigation and Enforcement Standards & rules-setting Current topics Internal control over financial reporting (ICFR) -- AS 2  AS 5 Policy issues

4 4 PCAOB’s UNIQUE ARCHITECTURE Not a government agency (?) Organized as private, 501(c)(3) non-profit organization Board members & employees are not government employees Yet, PCAOB is vested with significant sovereign powers (subject to SEC oversight and approval) Authoritative standard setting Regulatory, investigative, & enforcement/disciplinary authority Self-financing (Accounting Support Fee)

5 5 PCAOB ARCHITECTURE (cont’d) Independent (by statutory design): From Accounting Profession Board membership criteria & restrictions Financial Independence (ASF outside the federal appropriations process) Exempt from APA, FOIA, Sunshine Act, and OPM (civil service) rules Subject, however, to SEC oversight Never independent from Congress!

6 6 STAFFING & BUDGET LEVELS Total employees* …………..……………..…. 460 Approx. half in Inspections Year-end (’07) staffing level (planned).....… 519 Approx. half in Inspections Budget (2007) ……………………………… $136m 99+ % comes from issuers, not from accounting firms) * As of June 4, 2007

7 7 REVIEW – PCAOB’s STATUTORY RESPONSIBILITIES Registration Inspection Standard-setting Investigations (including enforcement/discipline)

8 8 REGISTRATION AND ANNUAL REPORTING Predicate for any PCAOB action PCAOB’s authority extends only to registered accounting firms and their associated persons Inspections Investigations/enforcement/discipline of registered firms PCAOB has no direct authority over issuers

9 9 REGISTRATION UNIVERSE Firms registered by PCAOB..………….…. 1,806* U.S. firms (56%)..……………………….. 991 Non-U.S. firms (44%)..…………………. 815 Foreign countries ……………….. 85 Firms w/ ≥ 1 issuer clients (45% of total)... 815** U.S. Firms (61% of U.S. reg. firms). …. 605 Non-U.S. firms (26% of non-U.S. registered firms)…………………. 210 Firms withdrawn from registration …….. 193* * As of Sept, 2007 ** Source: Audit Analytics, as of 6.30.07

10 10 NON-U.S. REGISTERED FIRMS 1. China ……………… 78 2. United Kingdom.... 67 3. Canada ……….…… 57 4. Australia ………..... 40 5. India ……………..... 40 6. German …………… 38 7. France ………….. 35 8. Singapore ………… 20 9. Brazil ……………….. 17 10. Mexico ……………… 17


12 12 RULES FOR ANNUAL & SPECIAL REPORTING (proposed May 23, 2007) Each registered public accounting firm must submit an annual report to the PCAOB [SOX sec. 102(d)] PCAOB proposed rule would establish the framework for reporting: Annually (on Form 2) Within 14 days of the occurrence of certain events (on Form 3) * Not effective until 21 days after SEC approval

13 13 ANNUAL REPORTING (Form 2) Registered firms must provide general information about the identity of the firm and office locations, plus Information related to three broad categories: 1. The firm’s issuer-related practice 2. Internal and external resources used by the firm to conduct audits of issuers 3. Significant new relationships Also – affirmation that the firm consents to cooperate with the PCAOB Form 2 would be due on June 30 with reporting covering the 12-month period ending March 31

14 14 SPECIAL REPORTING (Form 3) Must be filed within 14 days of occurrence of certain triggering events, e.g.; A change in the number of issuer audit clients to either more than 100 or less than 101 clients An audit report that has been withdrawn by the firm and the issuer failed to report it to SEC An issuer client made unauthorized use of the firm’s name The firm and/or associated persons became defendant(s) in certain criminal proceedings The firm’s contact person/information has changed

15 15 SUCCEEDING TO THE REGISTRATION STATUS OF A PREDESESSOR FIRM (Form 4) Establishes the ability and process for a new legal entity to “succeed” to the registration status of a predecessor registered firm Complete and file a timely Form 4 Affirm cooperation w/ PCAOB Accept responsibility Succession may be outright or transitional for a period of up to 90 days

16 16 INSPECTIONS (sec. 104(a)) Source: The New Yorker

17 17 PCAOB INSPECTIONS ARE NOT PEER REVIEWS Enhanced degree of professional skepticism vis-a-vis old peer reviews Inspections are not random Risk-based for firm, engagement, and “slices” of engagements Suspected GAAP violations are referred to SEC PCAOB cannot force restatements

18 18 INSPECTION FREQUENCY Less than half of all registered firms (45 %) are subject to regular inspections Annually for firms w/ > 100 issuer clients Once every 3 yrs for firms w/ ≤ 100 issuer clients Special inspections At any time Based on information from any source

19 19 FOCUS OF PCAOB INSPECTIONS Focus of inspections is on two broad, integrated elements: Audit Performance – Adherence to professional standards (GAAP, auditing, ethics, independence) Quality Control – firm’s QC policies and procedures

20 20 QUALITY CONTROL CRITERIA Tone at the top Partner evaluation (admission, assignment of responsibilities, disciplinary & compensation policies and practices) Independence (non-audit services, business ventures, alliances, personal financial interests, & commissions and contingent fees) Client acceptance & retention policies/practices Firm’s internal inspection program Practices for communication of audit policies, procedures, and methodologies (including training) Supervision of foreign affiliates

21 21 INSPECTIONS FACTS Since PCAOB inception (2003): Completed field work on > 550 inspections Issued > 400 inspection reports Examined portions of audits > 3,000 public companies

22 22 INSPECTIONS (cont.) ENGAGEMENT REVIEWS Meeting with engagement partner & team Review of audit work papers Audit areas selected based on various factors—including risk assessment, industry issues, inspector's judgment Comment forms issued at the conclusion of the inspection field work (at practice office) To ensure that facts are accurately described If firm chooses to respond, must do so in 10 business days

23 23 FIRM RESPONSE TO DRAFT INSPECTION REPORT Firm has 30 days to respond to draft report Another opportunity to respond to the inspection observations (in addition to comment forms) Response can impact the final inspection report Guidelines for response preparation How to respond to info provided with transmittal letter Confidentiality requests Factual inaccuracies in report Firm response treated similarly to inspection report Firm response treated similarly to inspection report Part I (audit observations) is public Part II (quality-control observations) is nonpublic

24 24 FINAL INSPECTION REPORT After internal staff review, staff presents draft report to the Board PCAOB Board must vote to issue reports Public portion of report posted on PCAOB’S web site; entire report is transmitted to SEC and to state boards in which the firm is licensed

25 25 OUTLINE of PCAOB INSPECTION REPORTS Part I - public Provides overview of firm size, legal structure and summary of inspection observations Part II – “ non-public” (but not always) II.A details the inspection observations and is non- public II.B-x discusses criticisms of, and potential defects in, the firm's quality control policies and practices (becomes public if QC deficiencies are not corrected w/in 12 mos.) Also discusses other audit performance issues (e.g., independence)

26 26 INSPECTION REPORTS (cont’d) Part III – non-public Provides guidance to the firm on addressing quality control criticisms: It is the firm’s responsibility to address the criticisms and potential defects 12-month remediation period Report may recommend that the firm review audits that were not inspected Report may include an “imminent disciplinary paragraph” Part IV – public May include portions or all of firm's responses to the draft report

27 27 12-Mo. REMEDIATION PROCESS Final inspection report accompanied by a transmittal letter Provides PCAOB contact information Guidelines for communicating with PCAOB during this process Encourages firm to start a dialogue as soon as practicable Firm should be proactive during remediation period Firm response Written submission addressing each quality control criticism or potential defect must be received within 12-mos from release of final report to firm Describe steps/actions taken or planned Narrative supported with documentary evidence where possible Periodic notification 6-month reminder letter 60-day reminder letter PCAOB’s remediation standard is “good- faith effort”

28 28 TOP “10” INSPECTION "Hot Topics" 1. Revenues 2. Expenses 3. Estimates 4. Contractual arrangements 5. Equity transactions 6. Inventory 7. Going concern 8. Internal control 9. Principal auditor 10. Concurring partner 11. Independence

29 29 PUBLIC INSPECTION-RELATED DOCUMENTS Visit: “4010” Reports Second-yr implementation of AS 2 Inspections observations on fraud Initial implementation of AS 2 Non-4010 reports Statement on approach to inspections Statement on issuance of inspection reports Process for Board determinations re: remediations

30 30 STANDARD SETTING SOX directs PCAOB to establish for auditors of public companies: Auditing standards Attestation standards Quality control standards Ethics standards Independence standards

31 31 AUDITING STANDARDS ISSUED Interim Standards – Pre-existing audit standards “to be used on an initial, transitional basis” AS 1 – References in Auditors' Reports to the Standards of the PCAOB AS 2 – An Audit of Internal Control Over Financial Reporting Performed in Conjunction with an Audit of Financial Statements (superseded by AS 5) AS 3 – Audit Documentation AS 4 – Reporting on Whether a Previously Reported Material Weakness Continues to Exist AS 5 – An Audit of Internal Control Over Financial Reporting That is Integrated with an Audit of Financial Statements (to replace AS 2)

32 32 2007 STANDARDS-SETTING AGENDA 2007 STANDARDS-SETTING AGENDA Principles of Reporting (to address FASB’s proposed No. 154 and the GAAP hierarchy) Proposed by Board 4.03.07 Engagement Quality Review Risk Assessment (incl. fraud risk) Related Parties Confirmations Specialists (including use of specialists in fair-value measurements)

33 33 FUTURE STANDARD-SETTING (POSSIBILITIES) Auditing fair value Communication w/ audit committees Codification of PCAOB standards Quality control



36 36 ENFORCEMENT & INVESTIGATION The Board may investigate possible violations by registered public accounting firms or their associated persons of: any provision of the Sarbanes-Oxley Act “the rules of the Board” “the provisions of the securities laws relating to the preparation and issuance of audit reports and the obligations and liabilities of accountants with respect thereto, including the rules of the Commission issued under the Act,” or professional standards The Board may impose appropriate sanctions if violations are found

37 37 DISCIPLINE – sanctions, options, & flexibility Censure or bar from association w/ registered firms Require professional training Civil monetary penalties: <$750,000 person (each violation) <$15,000,000 firm (each violation) Suspension of registration (nuclear bomb) “…any other appropriate sanction…”

38 38 SOURCES OF INVESTIGATIONS Issuer disclosures (SEC filings) Auditor changes Restatements Public news sources Tips Other regulators Other PCAOB divisions and offices Office of Research & Analysis Division of Registration and Inspections

39 39 REFERALS TO PCAOB’S DEI Board may choose to use its investigative resources instead of relying on its supervisory (inspections) processes, e.g.: Conducting audits with insufficient care Inability to conduct audits with sufficient competence

40 40 INVESTIGATIONS (cont'd) The Act requires confidentiality of information (as it does for inspections) PCAOB may share information with the SEC, DOJ, or other agencies enumerated in SOX May also share w/ state accountancy boards May not share w/ non-U.S. regulators (SOX sec. 105) Coordination with SEC’s Div. of Enforcement is standard practice

41 41 COMMON TYPES OF INVESTIGATIONS Violations of professional standards "Audit failure" or “bust” — issuer's financial statements are not in accordance with GAAP and auditor should have detected the misstatement Non-GAAP departures e.g., Independence violations

42 42 CERTAIN FINDINGS (examples) Firm's engagement as auditor continued after firm principal accepted client's offer to serve on its board of directors Firm used the work of other auditing firms to report on issuer's financial statements and did not refer to the work of the other firms in its audit report. Firm assumed complete responsibility for the work of the other auditing firms Firm consulted with other auditors and relied on the other auditor's work papers, but did not plan or perform audit procedures sufficient to issue an audit report Repeated failure to confirm accounts receivable and failure to perform any procedures other than obtaining management representations Issuer filed financial statements including a document it claimed was an audit report with Form 10-KSB. Auditor had neither issued the audit report nor completed the audit at the time of the issuer's filing. Auditor did not inform issuer's Board of Directors as required under Section 10A(b)(2) of the Securities Exchange Act


44 44 CHRONOLOGY Jul. ‘02 – SOX signed into law Mar. ‘04 – PCAOB adopts AS 2 Jun. ’04 – SEC approves AS 2 SEC subsequently provides compliance extensions to non- accelerated files Accelerated filers have had 3 yrs ICFR experience under AS 2 Dec. ‘06 – PCAOB proposes AS “5” ( & SEC proposes mgmt. guidance May ‘07 – AS 5 adopted by PCAOB (& SEC issues mgmt. guidance) July ’07 – SEC approves AS 5 (& mgmt. guidance)

45 45 SOURCES OF FEEDBACK Inspections experience over 3 yrs of ICFR audits Two public reports (“4010” reports) Standing Advisory Group (SAG) Active working groups Roundtables (2 held) SEC’s Advisory Committee on Smaller Public Companies (final report) Small Business Forums (20 held to date) 170+ formal comments to AS “5” proposal Capitol Hill (and the media) “Over the transom”

46 46 AS 5 – A “NEW & IMPROVED” AS 2 (and to a lessor degree, to Dec, 2006 proposal) Compared w/ AS 2: Shorter, clearer, and organized more logically Less prescriptive (i.e., less rules-based & more principles-based) Allows for more auditor judgment

47 47 Important Goals Focus the audit of internal control on the most important matters Eliminate procedures that are unnecessary to achieve the intended benefits Make the audit clearly scalable to fit any company’s size and complexity Simplify the standard

48 48 Focus the Audit of Internal Control on the Most Important Matters Risk assessment underlies the entire audit process described by AS No. 5, including - The determination of significant accounts and disclosures and relevant assertions, The selection of controls to test, and The determination of the evidence necessary for a given control. More clearly focuses auditors on identifying control weaknesses before they allow material misstatements Emphasizes the importance of fraud risk and anti-fraud controls to assessing risk

49 49 Objective 2 – ELIMINATE UNNECESSARY PROCEDURES Eliminate the requirement to assess management's evaluation process Allow special considerations for subsequent years' audits Encourage greater use of the work of others Eliminate the “principal evidence” provision Recalibrate the walkthrough “requirement” by focusing on objectives to be achieved Provide risk-based multi-location direction Eliminate the "large portion" provision

50 50 Eliminate Procedures that Are Unnecessary to Achieve the Intended Benefits Removes the detailed requirements to evaluate management's evaluation process Permits consideration of knowledge obtained from the auditor's previous years’ audits Removes barriers to using the work of others by eliminating the "principal evidence" provision Clarifies that the top-down approach describes the auditor’s sequential thought process in identifying risks and the controls to test

51 51 Objective 3 – SCALE STANDARD TO COMPANY SIZE & COMPLEXITY Improved direction on scaling the audit Natural extension of the risk-based approach Applicable to companies of all sizes (and complexities) Shortened the separate “Scaling the Audit” section and incorporated discussion of scaling concepts throughout the standard

52 52 Eliminate Procedures that Are Unnecessary to Achieve the Intended Benefits (cont.) Allows auditors to tailor their top- down approach to the facts and circumstances of a particular engagement Focuses the performance requirements for a walkthrough on fulfilling certain important objectives

53 53 Make the Audit Clearly Scalable to Fit Any Company’s Size and Complexity Discussion of scaling concepts throughout the standard Discussion of the attributes of smaller and less complex companies Larger companies may have some business units or processes that may be less complex than others

54 54 Tailoring the Audit in the Planning Phase Factors that might indicate less complex operations include: Fewer business lines; Less complex business processes and financial reporting systems; More centralized accounting functions; Extensive involvement by senior management in the day-to-day activities of the business; and Fewer levels of management, each with a wide span of control.

55 55 Simplify the Standard Reduces granularity and redefines key terms in a simpler way Clarifies that the auditor’s evaluation of materiality for an audit of internal control is the same as the audit of the financial statements Alignment of terms between the standard and SEC’s management guidance

56 56 Evaluating Identified Deficiencies Auditor must evaluate the severity of each control deficiency that comes to their attention To determine whether the deficiencies, individually or in combination, are material weaknesses Auditor is not required to search for deficiencies that, individually or in combination, are less severe than a material weakness.

57 57 GOING FORWARD w/ AS 5 PCAOB will monitor AS 5’s implementation PCAOB will adjust its inspection program to be consistent w/ AS 5 PCAOB is developing tailored guidance and education for auditors applying AS 5 On-going project in cooperation w/ small- company auditors PCAOB will continue “Forums on Auditing in the Small Business Environment” 8 forums scheduled for 2007 (see web site)

58 58 COMPLIANCE DATES for AS 5 For accelerated filers, for fiscal years ending on or after Nov. 15, 2007 AS 5-based ICFR audits for non- accelerated filers are first required for fiscal years ending on or after Dec. 15, 2008 Earlier adoption of AS 5 is ok

59 59 FOR MORE INFO on AS 5 The Standard & the Release ndex.aspx ndex.aspx The Press Release & Fact Sheet News/2007/05-24.aspx News/2007/05-24.aspx

60 60 POLICY QUESTIONS What are the responsibilities of being a public company (and what are the implications for auditors of public companies)? Are they less merely because of company size? Is it sound public policy to provide small-company investors with less protection? Exemption from 404 requirements? “404-Lite”? Would it even matter? (toothpaste theory) How much “change” can firms reasonably absorb? Should SOX be amended? “Be careful what you ask for”


Download ppt "1 NARUC – Jackson Hole, October 10, 2007 PCAOB RECENT DEVELOPMENTS & FUTURE PLANS Mary M. Sjoquist Special Counsel October 10, 2007."

Similar presentations

Ads by Google