by Cydney Posner
SEC Chair Mary Jo White and a cast of thousands from the SEC’s Office of the Chief Accountant delivered remarks yesterday before the 2015 AICPA National Conference on Current SEC and PCAOB Developments. Summarized below are some of the key themes of their speeches:
Internal Control Over Financial Reporting. Chair White noted that, while some question whether the ICFR documentation and testing requirements are excessive, the SEC generally hears from stakeholders that the SOX ICFR requirements “have resulted in improved controls and financial reporting.” Discussion about unnecessary requirements is ongoing; however, White emphasized that “it is hard to think of an area more important than ICFR to our shared mission of providing high-quality financial information that investors can rely on.”
Chief Accountant James Schnurr observed that deficiencies in ICFR audits continue to be one of the most frequent findings in PCAOB inspections. While these findings are directed at the sufficiency of auditing procedures performed, Schnurr encouraged the audience to “take a broader view of the PCAOB inspection findings…. [T]he ICFR issues identified by the PCAOB may not be just a problem of audit execution. Rather, they may, at least in part, be indicative of deficiencies in management’s controls and assessments.” Deputy Chief Accountant Brian Croteau reaffirmed Schnurr’s suggestion that PCAOB inspection issues may be indicative of problems with company managements’ controls. He observed that, based on data showing an uptick for the second consecutive year in reporting of material weaknesses in the absence of a restatement as a result of material misstatements, ICFR may be improving. He also reminded companies that, after a control deficiency is identified, it is important to understand “the complete population of transactions that a control is intended to address in advance of assessing the severity of any identified deficiencies. Then, once ready to assess the severity of a deficiency, it’s important to remember that there are two components to the definition of a material weakness – likelihood and magnitude.” This analysis looks at both known errors and reasonably possible potential misstatements. Evaluation of potential misstatements — the “could factor” — often requires management to consider information “incremental to that which would be necessary, for example, for a materiality assessment of known errors pursuant to SAB 99.” In any event, the “could factor” is an important element in determining the severity of deficiencies and should not be an “afterthought.” He also stressed the need to redesign controls as necessary in connection with the application of new accounting standards and policies, such as revenue recognition, and to disclose material changes quarterly as required.
Non-GAAP Financial Measures. White emphasized the need to ensure that the current rules on NGFMs are being followed and that they are
“sufficiently robust in light of current market practices. By some indications, such as analyst coverage and press commentary, non-GAAP measures are used extensively and, in some instances, may be a source of confusion. Like every other issue of financial reporting, good practices in the use of non-GAAP measures begin with preparers. While your chief financial officer and investor relations team may be quite enamored of non-GAAP measures as useful market communication devices, your finance and legal teams, along with your audit committees, should carefully attend to the use of these measures and consider questions such as: Why are you using the non-GAAP measure, and how does it provide investors with useful information? Are you giving non-GAAP measures no greater prominence than the GAAP measures, as required under the rules? Are your explanations of how you are using the non-GAAP measures – and why they are useful for your investors – accurate and complete, drafted without boilerplate? Are there appropriate controls over the calculation of non-GAAP measures?”
Audit Committees. Many of the speakers addressed issues related to audit committees.
- Overload. White expressed her “growing concerns about the amount of work required of some audit committees. The increasing workload may dilute an audit committee’s ability to focus on its core responsibilities: selecting and overseeing the independent auditors; internal controls and auditing; setting up an appropriate system for the receipt and treatment of complaints about accounting; and reporting to shareholders. And when directors serve on multiple boards, including multiple audit committees, we must question whether they can do the job effectively.” Schnurr concurred: “many audit committees have assumed a number of responsibilities that extend beyond their specific regulatory obligations. For example, audit committees are often charged by the board with oversight of a host of major risks facing the company, including cybersecurity, emerging technologies, and compliance risks posed by government regulation.” Although this result is not surprising because the financial implications of these risks are “naturally of interest to audit committees,… in this environment of growing audit committee agendas, it is important not to lose sight of the key SEC and exchange listing requirements for audit committee performance.” (See this PubCo post. )
- Composition. White urged that committee members must “have the time, commitment, and experience to do the job well. Just meeting the technical requirements of financial literacy may not be enough to fully understand the financial reporting requirements or to challenge senior management on major, complex decisions. Nor is experience necessarily transferable. While independent directors should have diversified backgrounds, a director with financial reporting experience limited to manufacturing firms, for example, may not be able to adequately oversee the reporting of a large financial services firm.”
- Oversight. Schnurr advocated that audit committee members should be careful not to act as management advocates, but rather should be tone-setters, creating a “culture of compliance through their oversight of financial reporting. In that role, they should be asking probing questions about, for example, judgments made by management related to critical accounting estimates or important financial statement disclosures. They should require follow-up on their questions and corrective actions, where necessary. Similarly, when it comes to the independent audit, the company’s bottom-line or management’s preference should not drive the audit committee’s decision to hire or retain an auditor. Audit firms should compete for work on the basis of audit quality, keeping in mind that their responsibility is also to the shareholders rather than management of the company.”
- Report. In light of the current discussions about enhancement of the audit committee report, White limited her observations to stating only that the “report serves as a place for engaging with shareholders on important subjects, and the report must continue to meet the needs of investors as their interests and expectations evolve with the marketplace.” Croteau indicated that the SEC has received about 100 comment letters in connection with its concept release on the audit committee report. (See this PubCo post.) There was considerable support from investors for improving disclosures, especially in areas such as selection and appointment of auditors, evaluation of the qualifications and work of the audit team and determination of the auditor’s compensation. These commenters generally advocated adoption of principles-based requirements. Other commenters, however, advocated that disclosure enhancements be voluntary only, raised questions about potential litigation risks and adverse effects on communication between audit committees and independent auditors. Some also suggested that the SEC revise its rules to strengthen the definition of an audit committee financial expert. Croteau encouraged companies to continue the trend toward voluntary enhanced disclosures.
Auditor Independence. Croteau discussed issues related to non-audit services. While Rule 2-01(c) includes a list of prohibited non-audit services, it is not exclusive, and other non-audit services must be evaluated against four general principles: whether the relationship or service
- Creates a mutual or conflicting interest with the audit client;
- Places the auditor in a position of auditing his or her own work;
- Results in the auditor’s acting as management or an employee of the audit client; or
- Places the auditor in a position of being an advocate for the audit client.
Croteau also encouraged management and audit committees to have policies and procedures that provide for ongoing monitoring of non-audit services “to address the risk of ‘scope creep’ that could result in a service becoming impermissible and impairing the auditor’s independence.” Croteau encouraged consultation with the staff in the event of questions. Michael Husich, Senior Associate Chief Accountant, noted that the staff may not always be able to provide definitive views, particularly for issues such as non-audit services, which are very fact specific and may require a fuller picture than the description provides. However, he added, “the staff nonetheless will generally provide feedback or observations with consideration to any written analysis provided by the caller. Lastly, to the extent an independence question is posed to the SEC staff as a result of an ongoing PCAOB inspection, we expect the inquirer to be transparent, as discussions with the PCAOB staff may be warranted in order to determine an appropriate response to the question.” Husich also clarified that “the staff does not have the statutory authority to waive an independence violation because the company and its accountant cannot be relieved of the obligation to file audit reports certified by an independent public accountant.”
Husich also reaffirmed that compliance with the auditor independence rules is a shared responsibility of both the accounting firm and the company and its audit committee. For example, because the independence requirement applies to the company and its affiliates, auditors should have an effective system in place to timely and accurately identify affiliates, and companies need to provide complete and accurate records regarding affiliates. Similar concerns may arise in connection with the prohibition on business relationships between the accountant and its audit client, or persons associated with the audit client in a decision-making capacity, such as officers, directors or substantial stockholders.
Audit Quality. White noted that, although investor confidence in audited financial statements and independent auditors is high and audit quality has improved, there are still “too many instances where companies and their auditors have not discharged their responsibilities adequately under the securities laws and professional standards.” PCAOB inspections have found “significant deficiencies in auditing the effectiveness of ICFR; assessing and responding to risks of material misstatement; auditing accounting estimates; and work performed by audit firms other than the signing firm in cross‑border audits….[W]e have also just recently brought two enforcement cases against national accounting firms and their partners for missing or ignoring red flags. Such failures are totally unacceptable.”
Deputy Chief Accountant Wesley Bricker remarked that three of the most commonly identified topics in restatements are debt/equity accounting, statement of cash flows classification and income tax accounting, indicating a need for increased focus on financial reporting competencies and ICFR in these areas before financial statements are issued. He also advised accountants to study the circumstances associated with financial restatements to determine what improvements can be made and encouraged company management and audit committees to assess whether they have adequate competent resources to support high quality financial reporting and to supplement as appropriate through a designated accounting policy function or qualified service provider.
Revenue Recognition. Bricker also discussed implementation of the new revenue recognition standard. Although revenue recognition is one of the most important measures used by investors, and standard-setters have made “tremendous progress” in addressing questions under the new standard, according to a recent survey, “75% of responding companies had not completed their initial impact assessment and, of those, a third had not begun.” He advised that the audit committee, management and the auditor engage in “timely, candid discussions about not only the appropriateness of the design and status of management’s detailed implementation plans and impact assessments, but also the sufficiency of resources needed to complete the work timely.” The staff is expecting to review annual financial statement disclosures about the anticipated effect of the new standard, and, if the impact is not known, “then in addition to making a statement to that effect, a registrant may consider advising investors when that assessment is expected to be completed.” Ashley Wright, Professional Accounting Fellow, observed that, because the new standard is principles-based and “replaces nearly all existing guidance,” all companies will experience some change and should implement a change management project plan and allocate adequate resources to it. She noted the success some companies were having with a “bottoms-up approach,” which “typically involves: (i) identifying each of the different revenue arrangements and contracts, (ii) taking a fresh look at historical accounting policies and practices, and (iii) identifying any differences that may result from applying the requirements of the new standard to those arrangements.” If the “fresh look” identifies differences in accounting policies and conclusions from those of other companies with similar facts and circumstances, she advocated that management “raise those viewpoints – whether that is through the joint Transition Resource Group (TRG), AICPA industry task forces, or to OCA – so that diversity among companies may be resolved during the implementation phase. Resolution of differences sooner rather than later is preferable from a comparability standpoint, and it could save companies from incurring additional costs associated with changing after the initial implementation date, for example, as a result of interpretative standard setting by the EITF or other settings.”
Staff Consultations. Bricker observed that, during 2015, the three most frequent topics for consultation — revenue recognition, business combinations and segment identification and reporting — were “not among the top three restatement areas, suggesting that companies and audit firms are making progress in identifying and seeking input on application questions, timely.” However, companies sometimes inappropriately contend that “they should not be required to apply a GAAP standard because the result would be ‘competitively harmful’ or ‘misleading.’ Hint from Bricker: these may not be persuasive arguments because they “disregard the thoughtful balance taken by the accounting standard setters in crafting reporting standards that provide transparent, useful information to investors. A better approach starts with identifying what information is useful to investors, why, and how that information can be appropriately reported.” Another hint: over-reliance on peer practices and benchmarking to other disclosures and SEC correspondence can be problematic if that’s all that is done: “Benchmarking may be an element of, but is not a substitute for, management doing the work needed to select, support, and document a company’s accounting policies.”
Segments. Courtney Sachtleben, Professional Accounting Fellow, discussed in detail the analyses required to identify operating segments and to determine aggregation into reportable segments. She noted that when, consistent with the guidance, a single operating segment is identified, “it can be a significant signal to investors about how management has allocated resources. Upon arriving at this conclusion, registrants should disclose that they allocate resources and assess financial performance on a consolidated basis and should explain the basis for that management approach. It would seem counter to the objectives of segment reporting if the business description indicates the entity is diversified across businesses or products, yet is not managed in a disaggregated way.”
Partner Rotations. Husich reminded the audience to consider quarterly reviews in connection with partner rotation requirements: for example, “even if a partner only served as the lead partner for one quarterly review during the year, that year would count as one year toward the total number of years which that partner served as the lead partner on the engagement.”
Domestic Use of IFRS. Schnurr advised that the staff will be in discussions with the SEC Commissioners “regarding certain regulatory changes that would facilitate the ability of domestic issuers to provide IFRS-based information as a supplement to U.S. GAAP financial statements.”
Post-Vesting Restrictions. Barry Kanczuker, Associate Chief Accountant, discussed the impact of post-vesting restrictions, such as transfer or sale restrictions, on the measurement of share-based awards. He indicated that, when estimating the grant date fair value of the award, he “would expect that a post-vesting restriction may result in a discount relative to the market value of common stock…” However, he questioned whether these restrictions would significantly lower stock compensation expense: “when evaluating the appropriateness of measurement in this area, we continue to look to the guidance in ASC 718-10-55-5, which states that ‘…if shares are traded in an active market, post-vesting restrictions may have little, if any, effect on the amount at which the shares being valued would be exchanged.’”
There were a number of other presentations by the OCA staff on matters such as IFRS, discontinued operations, consolidation and other hot accounting issues.