Audit firms should be held to a higher standard of internal review to catch more audit problems before reports are published, according to a new proposal from the Public Company Accounting Oversight Board.
The PCAOB last week proposed a new standard for firms’ engagement quality reviews, traditionally known as concurring partner reviews, that would give the internal reviewing partner more responsibility to check the work and approve the results of the audit. Currently, most concurring partners are required to review an audit report and discuss it with the engagement team, but they’re not required to certify or comment on its completeness or its conclusions.
Sarbanes-Oxley requires a concurring partner review for every audit report filed with the Securities and Exchange Commission. Currently, those reviews are governed by the Board’s interim quality control standard, SECPS Requirements of Membership §1000.08(f).
The standard is a holdover from the SEC Practice Section of the American Institute of Certified Public Accountants, and it applies only to audit firms that were members of the practice section when the PCAOB adopted it as an interim standard at the board’s inception in 2003.
Olson
Speaking at the PCAOB’s Feb. 26 meeting, Chairman Mark Olson said the new standard is a reflection of research and consultation with the board’s Standing Advisory Group, PCAOB inspection and enforcement processes, and international standards as written by the International Auditing and Assurance Standards Board.
“The proposed standard builds on the strengths of the interim standards and provides more explicit focus on the areas of the engagement that are likely to pose a higher risk,” he said. “I understand many firms already have procedures substantially in place.” Firms that don’t have a review process in place “need to invest in resources to build an effective review in accordance with the new standard,” he said.
PCAOB member Daniel Goelzer offered a subtle acknowledgment that companies might worry the new standard would increase the cost of audits. “The proposal shouldn’t have a radical effect on the basic nature of these reviews or the cost of public company auditing,” he said. “Many registered firms already have sophisticated review programs. I assume firms would not have to make fundamental changes in the design of their programs if the proposed standard is adopted.”
Scates
The proposed standard would give the reviewing partner four specific new duties, said Gregory Scates, deputy chief auditor at the PCAOB, in recommending the proposal to the Board. The reviewing partner must assure that sufficient evidence supports the audit and reaches an appropriate overall conclusion, said Scates. The reviewer also must certify that the audit report is appropriate and the firm is independent of the client.
“The engagement quality review should serve as a meaningful opportunity to identify problems in time to correct those problems,” Scates said. The proposed standard also says the engagement quality reviewer cannot approve the audit report if there are unresolved differences of opinion between the engagement team and the reviewer.
To address concerns of limited staffing at smaller firms, the proposed standard would allow a firm to get a review from outside its own staff if there’s no one within the firm with the right qualifications to review an audit.
ENGAGEMENT ADVICE
According to the PCAOB, as part of performing the engagement quality review, the engagement quality reviewer should:
A. Obtain an understanding of the firm’s recent engagement experience with the company and risks identified in connection with the firm’s client acceptance and retention process.
B. Obtain an understanding of the company’s business, significant activities during the current year, and significant financial reporting issues and risks.
C. Review the engagement team’s evaluation of the firm’s independence in relation to the engagement.
D. Evaluate engagement planning, including (1) the judgments made about materiality and the effect of those judgments on the engagement strategy and (2) the identification of significant risks, including fraud risks, and the
plan for and performance of engagement procedures in response to those risks.
E. Evaluate judgments made about (1) the materiality and disposition of corrected and uncorrected identified misstatements and (2) the severity and disposition of identified control deficiencies.
F. Determine if appropriate consultations have taken place on difficult or contentious matters. Review the documentation, including conclusions, of such consultations.
G. Read the financial statements, management’s report on internal control, or other information that is the subject of the engagement and the engagement report (if an engagement report is to be issued) for the period
covered by the engagement and for the prior period.
H. Read other information in documents containing financial statements that are the subject of the engagement to be filed with the SEC and evaluate whether the engagement team has taken appropriate action with respect to material inconsistencies with the financial statements or material
misstatements of fact of which the engagement quality reviewer is aware.
I. Determine if appropriate matters have been communicated, or identified for communication to the audit committee, management, and other parties, such as regulatory bodies.
J. Review the engagement completion document and confirm with the person with overall responsibility for the engagement that there are no significant unresolved matters.
Source
The Public Company Accounting Oversight Board (Feb. 26, 2008).
Goelzer
Goelzer said the proposal provides some key changes from the way engagement reviews are conducted currently. In addition to the heightened level of responsibility for the reviewing partner, the proposed standard calls for a more risk-based approach to reviewing the audit, giving the reviewer a duty to focus on aspects of the audit engagement that pose the greatest risk for problems, he said. It also would impose more detailed documentation requirements, expanding on existing requirements for the reviewer simply to certify that the policies and procedures of the review were followed.
Bruce Webb, executive partner in the national office of audit and accounting for McGladrey & Pullen, said the proposal might draw some heat in terms of the standard it sets for the engagement quality reviewer.
“What we had was really negative assurance based on the procedures performed,” he said. “The proposed standard is a slightly higher standard, but not equivalent to the engagement partner. The (engagement quality reviewer) will be responsible not only for what you know, but what you should know if you’ve done your job properly. I can see that being a bit of a bone of contention. Twenty-twenty hindsight is always a contentious issue.”
Webb agreed major audit firms already perform quality reviews that are mostly compliant with the standard now proposed by the PCAOB. He said the requirements as proposed likely would not have a significant impact on audit quality.
Goelzer said he likes the fact that the standard would “backstop” the engagement team, protecting investors “in a way that no after-the-fact review or inspection can.” The standard would focus firms’ attention on the most common quality-control deficiencies cited in PCAOB inspection reports, he said.
“Time and again, the board’s staff identifies audit deficiencies that a properly performed concurring partner review should have detected and would have corrected before the audit report was issued,” Goelzer said. “Based on four years of inspection experience, it seems clear that engagement quality reviews have a real potential to reduce the number of after-the-fact audit failure discoveries.”
The proposal is open to public comment through May 12.
No comments yet