PCAOB Standing Advisory Group Meeting – Baby Steps, But Important Ones

Last Wednesday, I attended the PCAOB’s Standing Advisory Group”s live meeting in Washington DC. It was more fun, more interesting , than I was expecting. The room was full of professionals from the firms, including several next tier and next, next tier firms who sit on the board as well as representatives from the SEC, PCAOB, and various interested parties. I think I was the only one without an official name tag of some kind.

For those of you wondering who that brunette woman, sitting near feisty Cynthia Richson, in the blue suit and killer Jimmy Choo black suede stiletto boots was, that was me…

There were three topics on the agenda:

1) CIFiR Proposal Relating to Judgments Made by Financial Statement

Preparers and Auditors

2) Accounting Firms’ and Auditors’ Responsibility to Supervise

3) Global Quality Control Practices

I’m not going to say much now about the first topic. I have written about this bunch of baloney before, and my friend Jim Peterson has written about it today better than I ever could. And, I missed this session due to an accident on the way from the Baltimore airport. So, far be it from me to be accused of writing about something I did not experience first hand…

I came in right before the start of the second session, the one on auditor’s responsibility to supervise.

“Mom and apple pie”, you say?

Well, you’d be surprised the lengthy debate on this subject. Leave it to a room full of auditors, regulators, investment bankers, law professors, rating agencies and internal audit industry professionals to split hairs, filibuster, flub, obfuscate and prance around a topic as simple as what level of supervision of audits is expected and should be codified for accounting firms and their management.

As I mentioned before, Mark Olson said hello and I mentioned to him later that it was interesting that the meeting was “public” in the sense that the public was invited, but not “public” in that the public was not allowed to ask questions.

I, of course, love to ask questions. In retrospect, it’s how I got off on the wrong foot the first month I was at PwC. In a large forum, at a practice-wide meeting in Orlando, I asked the partner in charge of sales and marketing when, or if, the systems for tracking opportunities and reporting on the business development process for the audit firm, tax practice and “consulting” practice were ever going to be integrated. I may have asked another question, I can’t remember. When someone says, “Any questions?” it means to me that they want questions. I was new and wanted to make an impression and, boy oh boy, did I.

Later, one of the partners in my practice pointed out that no one else was asking questions except other partners and those questions were not critical but meant to draw out more information. I had asked a question which had put someone on the spot. That was a no-no. No one knew who the hell I was or why I was asking questions and, according to her, no one in the audience cared about those kinds of issues! Business development and systems infrastructure to support it was of interest to only a few top managing partners…

But, I digress. Only to demonstrate how deeply disappointed, but respectful of the fact I was, that questions were not allowed. Now I have this forum and can comment and ask questions to my heart’s desire! Yea!

The PCAOB has done a very 2008 thing and has the live recordings as files and podcast available for your listening pleasure. That’s great. Go listen to this discussion.  You’ll hear it lead off with a reading of a white paper by Professor John C. Coffee, not to be confused with Mr. John P. Coffey who I agree with. The rest of the “discussion” was a series of recitation of prepared responses to this white paper and no open discussion. Suffice it to say, this was unsatisfying and led to no conclusions.

The discussion was broader than what is now covered by the PCAOB’s latest proposed standard over concurring partner opinions. Even though many lament the addition of even more standards and codes where good approaches seem to exist, the PCAOB is a regulatory body and has an obligation to formalize their interim standards. This is one of them. A long standard, covering only how and when a concurring partner review is necessary, how that must be documented and how to judge the integrity, independence, competence and objectivity of the reviewer, may seems excessive to the naive.

However, in the environment I just witnessed on Wednesday, with several different competing interests, all positioning themselves, bloviating on their position and then sitting back self-satisfied and reluctant to compromise, any precision on what will be reviewed and how can only help. I applaud the PCAOB for taking these baby steps, and pinning the son of a guns down on these issues, one by one.

The proposed standard would apply to all engagements performed in accordance with the standards of the PCAOB. In addition to requiring certain specified procedures, the proposed standard requires the engagement quality reviewer to assess whether there are areas within the engagement that pose a higher risk that the engagement team failed (1) to obtain sufficient competent evidence or (2) to reach an appropriate conclusion. In such areas, the engagement quality reviewer should evaluate whether the engagement team responded appropriately to the assessed risks, the judgments made were reasonable, and the results of the procedures performed support the engagement team’s overall conclusions.

Furthermore, the proposed standard includes a new requirement that the engagement quality reviewer must satisfy before providing concurring approval of issuance. As stated above, under the existing requirement, the reviewer has to conclude that no matters have come to his or her attention that would cause the reviewer to believe that the financial statements are not in conformity with generally accepted accounting principles or that the audit was not conducted in accordance with the standards of the PCAOB. Under the proposed standard, the reviewer must not provide concurring approval of issuance if he or she knows, or should know based upon the requirements of the standard, that the engagement team failed to obtain sufficient competent evidence, the engagement team’s overall conclusion or report is inappropriate, or the firm is not independent of its client. Concurring approval of issuance would be required before the firm could grant the client permission to use the engagement report (or communicate a conclusion to a client if no report is issued).

You can listen to the podcast yourself. However, I think a few points were missed in all the discussion, even though they may be hovering in the background somewhere.

There are already two standards of quality which have been applied to the audit firms and their audits:

1) When an audit firm submits their application for registration with the PCAOB, they are required to submit a summary of their Quality Control policies.

PCAOB Release 2003-011 Frequently Asked Question Regarding Registration with the Board November 13, 2003 Quality Control Policies 32. How detailed should we be in describing our quality control policies? As indicated in Item 4.1, your discussion of quality control policies should be a summary description presented in a clear, concise and understandable format. You should not provide us with your entire internal quality control manual in response to this Item, but should prepare a brief document that addresses your quality control policies as they relate to the areas reflected in the Board’s interim quality control standards (see Board Release 2003-006, Establishment of Interim Professional Auditing Standards) Specifically, the description should provide an overview of your firm’s policies with respect to independence, integrity and objectivity; engagement performance; personnel management; acceptance and continuance of clients and engagements; and monitoring.

This process ostensibly follows the AICPA standards. What’s wrong with those?

2) Many of the firms are operating under consent decrees with the Department of Justice to cure violations of independence and related policies. The Department of Justice puts a Monitor in place to review and judge progress on improving and implementing policies and procedures to cure these deficiencies. What standard are they using? Hopefully, the AICPA standard.

Let’s be consistent. If the AICPA Standard is good, codify it for use by PCAOB and therefore the SEC and DOJ. If it needs more detail and precision, PCAOB, use it as a base and work on that.

There were a few other intriguing issues raised including,

– how the partnership model does or does not impede the ability of the firm to take responsibility at the management level for partner’s decisions, and

-the impact of globalization on the ability of the firms to take responsibility for supervision of their “network” offices work on a listed company.

I will expand on these issues in my next post.