The PCAOB has released a new Spotlight on auditor independence, which provides observations from PCAOB inspections regarding independence issues and identifies considerations for both auditors and audit committees. Auditor independence has, for years, been a major focus of the SEC’s Office of the Chief Accountant, and current Chief Accountant Paul Munter has addressed the issue in a number of statements, characterizing auditor independence as a concept that is “foundational to the credibility of the financial statements.” (See, for example, this PubCo post and this PubCo post.) But auditor independence is not just an issue for auditors. It’s important for companies to keep in mind that violations of the auditor independence rules can have serious consequences not only for the audit firm, but also for the company as the audit client. For example, an independence violation may cause the auditor to withdraw the firm’s audit report, requiring the audit client to have a re-audit by another audit firm. What’s more, auditor independence violations can sometimes even result in charges against the company; for example, Lordstown Motors was charged with several Exchange Act violations in connection with misrepresentations and failures to include financial statements audited by independent auditors required in current and periodic reports. Munter has long recognized that the responsibility to monitor independence is a shared one: “[w]hile sourcing a high quality independent auditor is a key responsibility of the audit committee, compliance with auditor independence rules is a shared responsibility of the issuer, its audit committee, and the auditor.” As a result, in most cases, inquiry into the topic of auditor independence should certainly be a recurring menu item on the audit committee’s plate. Fortunately, the Spotlight offers advice, not only for auditors, but fortunately, also for audit committee members.
In the Spotlight, the PCAOB, much like Munter, characterizes auditor independence as “foundational to building investor confidence and fostering trust in the capital markets.” Through its inspections, however, the PCAOB has found that “it is an area of common deficiencies year after year.” Over the last three inspection periods, from 2021 to 2023, the staff “has observed that an increasing number of comment forms have been issued related to independence issues,” doubling over the period from 7% to 14% of the total comments issued.
What were some of the most problematic areas?
- A frequent category of comment related to the absence of pre-approval of services. In some of these cases, the audit firms provided “no persuasive evidence that the necessary pre-approval from the audit committee had occurred prior to the audit firm commencing audit, non-audit, and/or tax services or that the pre-approval requirement had been waived.” (SEC Rule 2-01(c)(7))
- Another common issue was the failure to provide communication with the audit committee concerning independence under PCAOB Rule 3526, which requires, among other things, first, describing in writing all relationships between the firm and its affiliates and the audit client or persons in financial reporting oversight roles that could reasonably be thought to bear on independence and, second, discussing with the audit committee the potential effect of those relationships on independence. For example, the staff reported instances where the auditors did not describe to the audit committee in writing the scope of the non-audit services it provided. (See this PubCo post for a discussion of 2019 PCAOB staff guidance on communications with audit committees under this rule.)
- Under AS 2101, Audit Planning, the auditor is required to determine compliance with independence and ethics requirements at the beginning of the audit. QC 20 requires the audit firm to ensure that its personnel comply with the professional standards applicable to its practice. The staff observed instances where the audit firms did not perform any procedures to determine compliance with PCAOB standards and rules and SEC rules regarding independence of engagement team members from other audit firms, such as members of global networks, that participated in the audit. The staff also saw examples of deficiencies in quality control systems indicating that they may not provide reasonable assurance of compliance by personnel with the audit firms’ independence policies and procedures.
The staff also found, among other things, instances where audit firm personnel engaged in prohibited financial relationships with the audit client, where the audit firm provided prohibited non-audit services to the audit client or its affiliate, where the engagement letter of an associated entity of an audit firm included indemnification provisions, or where audit client employees had prohibited employment relationships with the audit firm or vice versa. The Spotlight highlights the rules related to independence and illustrates potential problems through examples of staff observations. A lot can go wrong.
The Spotlight also identifies a number of audit firm good practices for independence, such as increasing the use of technology-based tools to promote early detection of independence violations, enhancing the frequency of personal independence representations and other enhanced processes.
Importantly, for these purposes, the Spotlight identifies a number of useful considerations for audit committees. As you know, under SOX, audit committees are responsible for the engagement and oversight of the company’s independent auditor. Below are considerations for audit committees on their oversight responsibilities regarding their auditor’s independence identified by the PCAOB in the Spotlight:
- “Audit committees are required to consider whether any services provided by the audit firm may impair the audit firm’s independence in advance.
- Audit committees should be aware that certain financial relationships between the company and the independent auditor are prohibited.
- Audit committees should consider whether the public company’s policies and procedures require that all audit and non-audit services are brought before the audit committee for pre-approval.
- Audit committees should not approve engagements that remunerate an independent auditor on a contingent fee or a commission basis, as such remuneration is considered to impair the auditor’s independence.
- Audit committees should consider whether their auditor has implemented processes to identify prohibited relationships.
- Audit committees should discuss the following with the audit firm:
- Processes the audit firm uses to ensure complete disclosure of all relationships with the public company and its affiliates.
- Relationships the audit firm may have with officers, board members, and significant shareholders.
- If the audit committee pre-approves services using pre-approval policies and procedures, the audit committee should consider whether the pre-approval policies and procedures are sufficiently detailed as to the particular services to be provided so that the audit committee can make a well-reasoned assessment of the impact of the service on the auditor’s independence.
- Independence is a shared responsibility between the entity under audit, its audit committee, and its auditor. It is important for the company to have policies and procedures to proactively alert auditors to proposed or pending merger and acquisition activity that could have an impact on auditor independence.”
Hat tip to the thecorporatecounsel.net.
