At the end of last week, the SEC approved the PCAOB’s updated standards for audits that involve multiple auditing firms. SEC Chair Gary Gensler said that the amended standards “will strengthen the requirements for lead auditors who supervise other auditors in an audit, helping to enhance audit quality and protect investors.” Why were these updates necessary? According to Gensler, the globalization and increasing complexity of public company operations has meant that auditors must increasingly “rely on other auditors—working across different firms, countries, and even languages—in completing an audit. Last year,” he said, “26 percent of all issuer audit engagements used multiple auditors, and more than half of large accelerated filer audits used multiple auditors. Given the challenges that such multi-firm audits present, it is important that there be robust standards for how lead auditors supervise, communicate with, and coordinate with other auditors on the audit engagement.” Gensler noted that the updates enhance the standards “across two broad areas. First, the amended standards specify certain procedures for lead auditors to perform when supervising other auditors. Second, they require lead auditors to prioritize their supervisory activities around higher-risk areas in the audit.” PCAOB Chair Erica Williams observed that companies “continue to increase their global presence. As a result, the use of other auditors has become more prevalent in the conduct of an audit, which can create additional challenges for the lead auditor. Adding other auditors into the process requires careful consideration and clear communications between all auditors involved in the audit. And when miscommunication occurs or when there are misunderstandings about the nature, timing, and extent of the other auditor’s procedures, audit quality will likely suffer.” It’s worth noting that some aspects of the new amendments will affect communications with the audit committee. The amendments will be effective for audits of financial statements for fiscal years ending on or after December 15, 2024.
SEC Acting Chief Accountant cautions again about auditor independence concerns, especially the “checklist compliance mentality”
Auditor independence—or rather the potential absence of same—is apparently still a cause of significant agita at the SEC’s Office of Chief Accountant. In October last year, Acting Chief Accountant Paul Munter issued a statement regarding the importance of auditor independence—a concept that is “foundational to the credibility of the financial statements.” That statement was prompted largely by the trend at that time toward the use of “new and innovative transactions” to access the public markets, such as SPACs, together with the potential effect on independence of increasingly complex tangles of business relationships among audit firms, audit clients and non-audit clients. (See this PubCo post.) But that caution seems not to have been enough to slay the dragon. In this June statement, Munter again addresses auditor independence. The SEC, he observes, “has long-recognized that audits by professional, objective, and skilled accountants that are independent of their audit clients contribute to both investor protection and investor confidence in the financial statements.” This time, Munter focuses his statement on the critical importance of the general standard of auditor independence and recurring issues in recent auditor independence consultations. He also addresses the value of firms’ treating accounting as a profession, one that fosters “a culture of ethical behavior in all their professional activities, but especially with respect to auditor independence.” Munter appears to be especially concerned about the “decreased vigilance” and “ethical deterioration” that may arise out of “checklist compliance mentality,” an unfortunate state of mind he highlights in several contexts. It is important for companies to keep in mind that violations of the auditor independence rules can have serious consequences not only for the audit firm, but also for the audit client. For example, an independence violation may cause the auditor to withdraw the firm’s audit report, requiring the audit client to have a re-audit by another audit firm. As a result, in most cases, inquiry into the topic of auditor independence should certainly be a recurring menu item on the audit committee’s plate.
This week, Acting Chief Accountant Paul Munter issued a statement regarding the importance of auditor independence—a concept that is “foundational to the credibility of the financial statements.” The responsibility to monitor independence is a shared one: “[w]hile sourcing a high quality independent auditor is a key responsibility of the audit committee, compliance with auditor independence rules is a shared responsibility of the issuer, its audit committee, and the auditor.” That has long been the case. But what is happening in the current setting to prompt this statement? It is the recent trend toward the use of “new and innovative transactions” to access the public markets, such as SPACs, together with the continued expansion by audit firms of business relationships with non-audit clients. That is, gatekeepers must be especially vigilant to prevent an audit firm from unwittingly losing its independence in the event of a transaction by an audit client with a non-audit client, a risk that is enhanced as audit firms engage in consulting relationships with more non-audit clients. This environment, Munter cautions, requires audit committees to be especially attentive in considering “the sufficiency of the auditor’s and the issuer’s monitoring processes, including those that address corporate changes or other events that potentially affect auditor independence.” And it requires audit firms to consider “the impact of business relationships and non-audit services on existing and prospective audit relationships.” It is important for companies to keep in mind that violations of the auditor independence rules can have serious consequences not only for the audit firm, but also for the audit client. For example, an independence violation may cause the auditor to withdraw the firm’s audit report, requiring the audit client to have a re-audit by another audit firm. As a result, in most cases, inquiry into the topic of auditor independence should certainly be a recurring menu item on the audit committee’s plate.
Yesterday, SEC Chair Jay Clayton, SEC Chief Accountant Sagar Teotia and Corp Fin Director William Hinman posted a “Statement on Role of Audit Committees in Financial Reporting and Key Reminders Regarding Oversight Responsibilities.” As the year draws to a close, given the vital role of audit committees in the financial reporting system, the Statement is intended to provide “observations and reminders on a number of potential areas of focus for audit committees. Issuers and independent auditors also should be mindful of these considerations with an eye toward ensuring that audit committees have the resources and support they need to fulfill their obligations.”
Happy New Year Everyone!
Recently, SEC Chief Accountant Sagar Teotia hinted at possible forthcoming changes to the auditor independence rules, remarking that, in connection with the recent changes related to lending relationships, the SEC “also received comments on other aspects of auditor independence rules. In conjunction with that feedback, the Chairman directed the staff to formulate recommendations to the Commission for possible additional changes to the auditor independence rules for potential rulemaking.” However, the nature of the potential changes remained something of a mystery. The proposal to amend the auditor independence rules has now been released. According to the press release issued today, the proposal is intended to modernize aspects of the independence rules to minimize the potential for “relationships and services that would not pose threats to an auditor’s objectivity and impartiality [to] trigger non-substantive rule breaches or potentially time consuming audit committee review of non-substantive matters.” It is important to keep in mind that violations of the auditor independence rules can have serious consequences not only for the audit firm, but also for the audit client. For example, an independence violation may cause the auditor to withdraw its audit report, requiring the audit client to have a re-audit by another audit firm. As a result, in most cases, inquiry into the topic of auditor independence should be a menu item on the audit committee’s plate. The comment period will be open for 60 days.
Last week, the SEC announced settled charges against PwC and one of its audit partners for violations of the auditor independence rules. As described in the Order, the violations included “performing prohibited non-audit services during an audit engagement, including exercising decision-making authority in the design and implementation of software relating to an audit client’s financial reporting, and engaging in management functions.” PwC was also charged with “improper professional conduct” in connection with 19 engagements by failing to comply with PCAOB rules requiring an auditor to “describe in writing to the audit committee the scope of work, discuss with the audit committee the potential effects of the work on independence, and document the substance of the independence discussion.” According to the Order, the failure to properly advise these audit committees prevented them from examining whether the non-audit services affected PwC’s independence. Notably, because it issued an audit report stating that it was independent when it was not, PwC was also charged with having caused its audit client to violate the Exchange Act by filing with the SEC an annual report that contained materially false or misleading information and that failed to include financial statements audited by an independent public accountant, as required. The SEC concluded that these violations reflected “breakdowns in [PwC’s] system of quality control to provide reasonable assurance that PwC maintained independence.” In addition to requiring PwC to pay disgorgement and penalties, the SEC censured PwC. For companies, it is important to keep in mind that the consequences of violations of the auditor independence rules apply not just to the audit firm, but also to the audit client. An independence violation may cause the audit client to violate the Exchange Act, as in this case, and/or lead the auditor to withdraw its audit report, requiring the audit client to have a re-audit by another audit firm. Audit committees need to be on the alert for the possibility of auditor independence violations and be vigilant regarding the performance of non-audit services.
The SEC’s Office of Chief Accountant has updated its FAQs regarding auditor independence. The new and revised questions relate to the general standard for independence, prohibited non-audit services, partner rotation, definitions and miscellaneous other independence issues. It is important to keep in mind that violations of the auditor independence rules can have serious consequences not only for the audit firm, but also for the audit client. For example, an independence violation may cause the auditor to withdraw its audit report, requiring the audit client to have a re-audit by another audit firm. As a result, in most cases, inquiry into the topic of auditor independence should be another menu item on the audit committee’s plate.
The SEC has adopted final amendments to the auditor independence rules relating to lending relationships between the auditor and an audit client or certain shareholders of the audit client. As noted in the press release, the SEC had become aware of circumstances where the existing rules captured attenuated “relationships that otherwise do not bear on the impartiality or objectivity of the auditor. The amendments are intended to focus the rules on those lending relationships that reasonably may bear on external auditors’ impartiality or objectivity and, in so doing, improve the application of the Loan Provision for the benefit of investors while reducing compliance burdens.” Although the issues associated with this independence rule have created the severest compliance challenges for companies in the investment management industry, the final amendments will apply to entities beyond that industry, including operating companies and registered broker-dealers. The final amendments will become effective 90 days after publication in the Federal Register.
Under PCAOB Rule 3520, the auditor “must be independent of the firm’s audit client throughout the audit and professional engagement period,” which includes satisfying the independence criteria of the SEC and the PCAOB. But what happens when the auditor violates one of the independence rules—let’s say one of the specific prohibitions under Rule 2-01(c) of Reg S-X? Can the auditor’s violation be “cured”? Can the auditor still affirm its independence? How is that determined?
The SEC has posted a new rule proposal that would modify the analysis of auditor independence in the context of lending relationships between the auditor and certain shareholders of an audit client during the audit or professional engagement period. Under the current loan provision of Rule 2-01(c) of Reg S-X, some debtor-creditor relationships between an auditor and its audit client are viewed to taint auditor independence. However, the SEC now believes that some of the provisions of this Rule are not as effective as they could be and may present unnecessary practical challenges. The release indicates that the proposed amendments are designed to better focus the loan provision “on those relationships that, whether in fact or in appearance, could threaten an auditor’s ability to exercise objective and impartial judgment.” As Wes Bricker, SEC Chief Accountant, told Bloomberg, “[w]e’re trying to right-size” the Rule.The SEC is also soliciting comment on other potential changes to the loan provision or other provisions of Rule 2-01. Comments are due 60 days after publication in the Federal Register.