The role of the audit committee is constantly changing. Recent regulations from the SEC and guidance from the PCAOB impact how audit committees, their advisors and those who prepare public company disclosures function. If you are a member of an audit committee, advise audit committees, or are responsible for corporate reporting on financial reporting and controls, you need to have the latest information and stay on top of current updates that occurred over the past year including SEC and PCAOB developments. Register today for PLI’s June 12th live program and webcast, Audit Committees and Financial Reporting being held in New York City.
By: George M. Wilson & Carol A. Stacey
Earlier in March the Enforcement Division announced a settled case against homebuilder Desarrolladora Homex S.A.B. de C.V. This company fraudulently inflated revenues by reporting the sale of over 100,000 homes that had never been built or sold! This was a huge fraud, over $3 billion!
All of that is interesting, but what is really fascinating is how the SEC found that the homes had never been built. They used satellite imagery! You can see one of the pictures here.
We are tempted to say “watch the skies”, but that sounds too much like a 50’s sci-fi movie trailer…..
As always, your thoughts and comments are welcome!
Since its inception with the Sarbanes-Oxley Act the PCAOB has faced many challenges in fulfilling its responsibilities to establish GAAS for public company audits, inspect audit firms and enforce when auditors do not fulfill their responsibilities. As the PCAOB has evolved one important lesson we have all learned is that their activities and agenda do not affect just auditors. All public company reporting participants have a stake in what they do. For example, the recent audit standard about related party issues was important not just for auditors, but companies needed to assure they would have the information the new standard required auditors to obtain. Some companies even modified their D and O questionnaires in this process.
To help us be aware of where the PCAOB’s activities could impact us all, here are a few items of note going on at the PCAOB right now.
- Auditor’s Involvement in non-GAAP Measures
If you use non-GAAP measures in an earnings release, MD&A or other communication vehicles you will want to follow the events of the May 18-19, 2016 meeting of the PCAOB’s Standing Advisory Group. A significant part of the first day’s agenda is a discussion of “Company Performance Measures and the Role of the Auditor”. The meeting will include breakout discussion sessions and a report of the breakout discussions on day two of the meeting. You can find the agenda and how to access a webcast at:
- Anticipating and Avoiding Accounting and Auditing Problems
The PCAOB inspections staff has published a “Staff Inspections Brief” which provides a preview of their observations from 2015 inspections. Interestingly the number of audit deficiencies identified for annually inspected firms, those with over 100 public clients, has decreased. For firms with less than 100 public clients, who are inspected every three years, the inspection staff found “an overall high number of audit deficiencies”. Areas with frequent deficiencies were:
Auditing internal control over financial reporting
Assessing and responding to the risk of material misstatement
Auditing accounting estimates, including fair value
Audit areas affected by economic risks, including factors such as oil prices
The report also discussed several financial reporting issues including business combination accounting, the statement of cash flows, revenue recognition and income taxes.
Auditor independence continued to be a problem area, particularly for triennially inspected firms.
You can read the whole Staff Inspection Brief at:
- A Board Member’s Perspective on Inspections, Enforcement and Standard Setting
This speech, delivered by Board Member Jeanette Franzel, is a wide ranging summary of “progress in audit oversite” and has some interesting perspectives on changes that could be in store for the inspection process. She comments that inspections of large firms are showing fewer audit deficiencies but that at smaller firms there are still some that “just don’t get it”. She also provides summaries of the enforcement program and standard setting at the PCAOB.
You can read the speech at:
- A “Darker” Staff Practice Alert
The PCAOB inspectors continue to see enough instances of auditors making changes after audit workpapers are supposed to be “locked down” that they have issued a Staff Practice Alert to remind, or perhaps warn, auditors not to make changes inappropriately in advance of an inspection. You can read the Alert at:
Interestingly, the last section of the new release has a link to the PCAOB’s tip line……
- Re-proposed Changes to the Auditor’s Report?
The Board met on May 11, 2016 to consider re-proposing changes to the standard auditor’s report. The current pass/fail model would be retained, but the original proposal and the potentially revised proposal hope to provide additional information to make the report more relevant and informative. Stay tuned for updates on the results of the meeting; in the meantime you can read about the meeting, the revised proposal and related original proposal at:
- Naming the Audit Partner is a Done Deal and the PCAOB’s Standard Setting Agenda
Last, as you may have heard, the SEC has approved the PCAOB’s new Auditing Standard requiring disclosure of the names of audit partners and information about other firms involved in an audit beyond the principal auditor. To learn about that change and to see what else is on the horizon, here is a link to the PCAOB’s current rulemaking agenda:
Clearly, the PCAOB is busy!
As always, your thoughts and comments are welcome!
By sending a clear message through the enforcement process, the SEC has come full circle in their concerns about whether ICFR audits are finding material weaknesses. The staff has said on numerous occasions that they see too many situations where a company identifies a control deficiency but the company’s analysis fails when assessing whether the control deficiency is in fact a material weakness.
Over the last few years the SEC Staff have emphasized their concerns in numerous speeches and other public settings. As they sometimes do when they don’t see companies listening, they have also emphasized this issue through enforcement.
This enforcement is dramatic, involving:
Two company officers
The audit partner
The ICFR consulting firm partner (a surprise here!)
This excerpt from a December 2015 speech by Deputy Chief Accountant Brian Croteau summarizes the SEC’s concerns:
Still, given the frequency with which certain ICFR issues are identified in our consultations with registrants, I’d be remiss not to remind management and auditors of the importance of properly identifying and describing the nature of a control deficiency and understanding the complete population of transactions that a control is intended to address in advance of assessing the severity of any identified deficiencies. Then, once ready to assess the severity of a deficiency, it’s important to remember that there are two components to the definition of a material weakness – likelihood and magnitude. The evaluation of whether it is reasonably possible that a material misstatement could occur and not be prevented or detected on a timely basis requires careful analysis that contemplates both known errors, if any, as well as potential misstatements for which it is reasonably possible that the misstatements would not be prevented or detected in light of the control deficiency. This latter part of the evaluation, also referred to as analysis of the so called “could factor,” often requires management to evaluate information that is incremental to that which would be necessary, for example, for a materiality assessment of known errors pursuant to SAB 99. The final conclusions on severity of deficiencies frequently rest on this “could factor” portion of the deficiency evaluation; however, too often this part of the evaluation appears to be an afterthought in a company’s analysis. Yet consideration of the “could factor” is very important.
The issue is clear; too often companies are finding a control deficiency but not appropriately evaluating the severity of the issue to determine if it is a material weakness.
In a “classic” example this SEC enforcement involves a company that performed its annual ICFR evaluation and stated in its form 10-K that ICFR was effective at year-end. Then, shortly after that report in their Form 10-K, the company restated its financial statements and disclosed the existence of a material weakness. It is very unlikely that the material weakness arose between the year-end of the Form 10-K and the date of the restatement.
You can read about the enforcement in this press release, which also has links to the SEC Enforcement Orders for the company and the individuals involved:
The fact that the company and auditor were named is not surprising. What is surprising is that the firm the company retained to provide SOX 404 services, which included assisting “management with the documentation, testing, and evaluation of the company’s ICFR” and no external report, was included in the enforcement.
This is a loud and clear message to all participants in the process! Be thorough and complete in your evaluation of control deficiencies!
If you would like to delve a bit deeper into this issue one of our follow-up posts to this year’s Form 10-K Tune-Up One Hour Briefing focused on ICFR issues, including the issue raised in this enforcement case.
You can read our post at:
As always, your thoughts and comments are welcome and appreciated!
Do you know where the SEC initially stated their position about transitioning to the 2013 Revised COSO framework? It was in September of 2013. Here is the path to that announcement.
One of the topics we discuss in our workshops is the importance of the “CAQ” in the financial reporting process. The CAQ is an important source of information about current positions and developments at the SEC. Surprisingly, we frequently discover that many people are not very familiar with this organization.
So, what is the CAQ? It is, in long form, The Center For Audit Quality.
Their web page is thecaq.org
At their home page you can learn about who they are:
“The Center is an autonomous, nonpartisan, nonprofit group based in Washington, D.C. It is governed by a Board that comprises leaders from the public company auditing firms, the American Institute of CPAs and three members from outside the public company auditing profession. The organization is affiliated with the American Institute of CPAs.”
And what they do:
“The Center for Audit Quality is dedicated to enhancing investor confidence and public trust in the global capital markets by:
- Fostering high quality performance by public company auditors;
- Convening and collaborating with other stakeholders to advance the discussion of critical issues requiring action and intervention;
- Advocating policies and standards that promote public company auditors’ objectivity, effectiveness and responsiveness to dynamic market conditions.”
One really important part of this organization is The CAQ SEC Regulations Committee. This group meets periodically with the SEC staff, generally once each quarter for the first three quarters of the year, and discusses current accounting and disclosure issues. The home page for the committee is:
The minutes of these meetings are published on the Committee’s webpage and frequently contain information that, while sometimes fairly narrow, is helpful in the financial reporting process.
For example, it was at a CAQ meeting that the SEC Staff early on stated their position about the transition to the 2013 COSO Framework. Here is a link to those minutes: (Check out page 6)
The most recent highlights of the SEC Regulations Committee meeting with the Staff are at:
This meeting addressed issues ranging from the reporting implications of the FASB’s new consolidation standard, ASU 2015-02, to the application of S-X Rule 3-14 to real estate acquisitions in prior years for a registration statement.
Yes, many of the issues are narrow and technical, but we suggest you check the CAQ minutes each quarter as you get ready to close!
As usual, your comments and thoughts are appreciated!