As audit regulators review comments on their reworked proposal for seven new risk assessment standards, they’re also getting some pretty forthright advice on how to write audit rules.

Even the U.S. Government Accountability Office has weighed in on where the Public Company Accounting Oversight Board may be inviting trouble with its latest attempt. The PCAOB’s approach “will increase the likelihood of misinterpretations, inconsistent application of the standards, and higher costs for all users with a disproportionate burden on smaller and mid-sized firms,” wrote Jeanette Franzel, managing director in financial management and assurance for the GAO.

The comment period ended earlier this week for the PCAOB’s round-two proposal of seven standards that are intended to steer auditors in a new direction when it comes to assessing and responding to risk of misstatement in an audit of public company financial statements. The concepts behind each of the seven standards focus on audit risk, audit planning and supervision, consideration of materiality in planning and performing an audit, identifying and assessing risks of material misstatement, the auditor’s responses to the risks of material misstatement, evaluating audit results, and audit evidence.

The major audit firms and the Center for Audit Quality commented not only on the proposals, but also on PCAOB’s method for developing the standards. They’re concerned that the PCAOB’s rationale and approach in many ways is simply unclear.

The CAQ, for example, along with most of the major firms, told the PCAOB it needs to provide a better description of how it expects auditor performance to change under the new rules. They’re looking for more detailed comparisons of proposed standards with existing standards, not only of the PCAOB itself but also the International Auditing and Assurance Standards Board and the Auditing Standards Board of the American Institute of Certified Public Accountants. They’re looking for more collaboration and convergence, so auditors can work from a more cohesive set of requirements.

“We request the board consider further enhancements to its standards-setting process that would provide additional visibility to the board’s rationale and expectations for changes to practice,” wrote Cindy Fornelli, executive director of the CAQ.

The PCAOB has not set a timeline for when it will act on the comments to move toward finalizing the new standards. The board issued its first proposal in October 2008 and its second proposal in December 2009.

Audit regulators are putting down early notions that a new rule on internal reviews requires copious documentation.

The Public Company Accounting Oversight published a single question and answer addressing implementation of Auditing Standard No. 7: Engagement Quality Review addressing the new standard’s documentation requirements. The Securities and Exchange Commission called for the guidance when it approved the new standard in early January.

AS7 replaces earlier professional standards established by the American Institute of Certified Public Accountants for how audit firms should review their audit work internally before publishing their audit reports. The standard provides more rigorous requirements for all accounting firms auditing public company financial statements to review engagements internally in the hope that it will reduce audit deficiencies before reports are issued.

The PCAOB developed the standard in response to observations by inspectors that audit firms weren’t putting enough elbow grease into the internal review process, causing audit reports to be issued that should have been cleaned up internally before they were issued. Critics of the new standard worried the new requirements would lead to redundant audit work, driving unnecessary audit costs for public companies.

The standard is in effect for audits of interim and annual periods beginning after Dec. 15, 2009. When the SEC issued its order approving the new standard, it instructed the PCAOB to provide implementation guidance to address questions about how much documentation should be provided to comply with the review standard.

The resulting guidance addresses a single question in less than three pages. It says audit firms should not read language in the release adopting the standard to mean that they are required to provide documentation of all the interactions between the engagement quality reviewer and the engagement team, including those that take place before an audit deficiency is identified.

Instead, the PCAOB says, the new standard focuses on how to document interactions once a significant engagement deficiency is identified. The documentation should contain enough information “to enable an experienced auditor, having no previous connection with the engagement, to understand the procedures performed by the engagement quality reviewer, and others who assisted the reviewer, to comply with the provisions of this standard,” the PCAOB wrote.

Audit regulators have sanctioned a Grant Thornton engagement partner and staff auditor for failing to flag questionable revenue recognition practices in the 2004 financial statements of a small technology company.

Partner Ray O. Westguard, 69, has been barred from being associated with a public accounting firm that is registered with the PCAOB to do public company audit work, though he can apply for reinstatement after two years. Staff Auditor Jennifer Nakao, 34, is suspended from being associated with a registered firm for one year.

Both Grant Thornton auditors worked in the firm’s Salt Lake City, Utah, office auditing financial statements for Imergent, Inc., a technology company whose revenue comes primarily from software licensing. Imergent  sells software that allows customers to build their own Websites, and most of the sales went to customers who were given 24-month extended payment term arrangements.

The PCAOB orders against Westguard and Nakao say the two failed to properly challenge Imergent’s practices around recognizing revenue when there was reason to doubt whether the company would fully collect on some of the extended payment plans. Even the firms’ internal concurring review partner questioned the accounting: “I am concerned that some of the company’s recognition conclusions are becoming less plausible,” the internal reviewer wrote in an e-mail message, according to the PCAOB. “Specifically, the company’s ‘bad debt’ experience raises questions.”

Imergent’s accounting ultimately caught the eye of the Securities and Exchange Commission’s Division of Corporation Finance in 2005, prompting the company to restate its 2003 and 2004 financial statements and fire Grant Thornton as its audit firm.

The PCAOB action does not make any findings of wrongdoing against Grant Thornton. The PCAOB’s inspection report regarding Grant Thorton’s 2004 audit work makes no mention of an audit deficiency with circumstances matching the claims against Westguard and Nakao. In that year, the PCAOB performed inspection work at the firm’s national office and 13 of its 49 field offices.

The Public Company Accounting Oversight Board is getting a little more direct about where it is being denied the access necessary to complete international inspections—and resistance seems most pronounced in the European Union and China.

In an effort to be upfront about how far behind the international inspections are falling, the PCAOB said it conducted inspections in only 15 of the 27 countries where it planned to perform overseas inspections in 2009. “Access to information necessary to conduct inspections was, and continues to be, denied in China, Finland, France, Germany, Greece, Ireland, the Netherlands, Norway, Portugal, Sweden, Switzerland, and the United Kingdom,” the PCAOB said in a statement.

So in lieu of publishing inspection reports, the board published a list of 52 firms that are auditing financial statements issued in U.S. capital markets but have not been inspected in at least four years. The board’s rules require that all audit firms performing fewer than 100 audits annually must be inspected at least every three years.

Most of the 52 firms that have not been inspected are affiliates of Big 4 firms Ernst & Young, Deloitte & Touche, KPMG, and PricewaterhouseCoopers. A few are affiliates of second-tier firms Grant Thornton and BDO Seidman. All 52 firms are located in countries of the European Union, China, or Hong Kong.

The PCAOB first indicated it was having trouble getting international inspections completed when it sought an adjustment in the rules regarding when firms were due to be inspected. The board promised it would prioritize its inspection schedule to target firms that audited the greatest amount of market capitalization, but it was unable to reach at least two of the highest priority firms under that criteria in 2009.

The board identified 33 countries where inspections have taken place through 2009 and 28 countries where it wants to perform inspections in 2010. The dozen countries that the PCAOB identified as having restricted access so far are all on the 2010 wish list. Greece and Ireland are the only European Union countries where the PCAOB has completed inspections.

The Securities and Exchange Commission has approved a new auditing standard on engagement quality reviews, clearing the way for the standard to take effect for audits of 2010 financial statements.

Auditing Standard No. 7, Engagement Quality Review, establishes a new, more rigorous approach for audit firms to follow in reviewing their own audit work internally before issuing audit reports. It was developed and adopted by the Public Company Accounting Oversight Board to beef up the traditional “concurring partner” review, which audit firms have long performed internally as a professional practice.

AS 7 will take effect for audits on interim periods and fiscal years beginning on or after Dec. 15, 2009. In approving the new standard, the SEC suggested the PCAOB consider offering some implementation guidance, especially regarding new documentation requirements. The PCAOB said such guidance will be published “in the near future.”

The SEC received only nine comments on the proposed standard, most generally supportive, but a few raising questions about documentation requirements and other details. The SEC said it didn’t find anything inconsistent between the new standard and existing requirements. “However, since several comments were related to this point, we encourage the PCAOB to provide further implementation guidance on the documentation requirement,” the SEC wrote in its adopting release.

The PCAOB’s acting chairman, Daniel Goelzer, said the standard represents an important milestone in the PCAOB’s mandate to improve auditing under Sarbanes-Oxley. “This standard should improve the reliability of audited financial statements by increasing the likelihood that reviewers will identify significant engagement deficiencies before audit reports are issued to the investing public,” he said in a statement.

Martin Baumann, chief auditor for the PCAOB, said a well-performed engagement quality review “can serve as an important safeguard against erroneous or insufficiently supported audit opinions.”

The PCAOB developed the standard because it found in audit firm inspections that firms generally were not performing adequate internal reviews on audit engagements before issuing their audit reports. Reaction to the initial proposal raised concern that prescriptive language would compel audit firms to regard the review process as, in essence, a second audit. The PCAOB revised language through the comment and deliberation process to guard against such a result.

Audit regulators are offering some new tips on how to comply with special new reporting requirements that apply to all audit firms that are registered to audit public company financial statements.

The staff of the Public Company Accounting Oversight Board has published a set of questions and answers on audit firms’ obligations to report certain events to the PCAOB and a second set of Q&As on the process that might lead a firm to become a registered audit firm through a merger or acquisition transaction.

The Q&As arise from new reporting requirements that took effect Dec. 31 for all registered firms, requiring them to report to the board annually with some basic information on the firm’s audit practice and to report specific red-flag events if and when they occur. Annual reports for all registered firms are due by June 30 of each year covering the 12 months prior. The PCAOB said staff Q&As on those “Form 2” annual reporting requirements will be published “at a later date.”

The reporting requirements do not compel audit firms to submit financial statements, a demand investors stated but audit firms resisted through the Treasury Advisory Committee on the Auditing Profession. The PCAOB approved the new requirements in June 2008.

The first Q&A provides an overview of the Form 3 special reporting requirements with a discussion and summary of the events that are required to be reported. Events that might compel a “Form 3” special report to the board include certain audit disputes with clients that should be reported to the Securities and Exchange Commission, a change in the number of audit clients that would change inspection requirements, certain legal or criminal actions, certain disciplinary measures, certain bankruptcy proceedings, and other changes in contact information, legal name, or legal entity.

The Q&A also offers guidance on how to complete and amend the form, how to request confidential treatment for information that is being submitted, and how to navigate the Web-based form. The staff says confidentiality requests will be honored at the outset of reporting until the confidentiality question has been addressed and answered by the board, so Web-based reports will not show information for which a firm has requested confidentiality initially.

The second Q&A focuses on when a firm inherits the status of a registered firm as a result of a merger, acquisition, or other type of business combination. Sometimes firms will need to seek permanent registration, and sometimes not. The Q&A covers the process, the filing deadlines associated with various requirements, how it applies to firms that have had succession events prior to the rules, and how to navigate the Web-based reporting system.

Finally, the board also published a set of Q&As for auditors of non-public broker-dealers regarding their new registration requirements. Sarbanes-Oxley established a requirement for all registered brokers or dealers to file audited financial statements with the SEC, but the SEC initially provided a reprieve from that requirement.

Now that the relief order has expired, the PCAOB is registering and preparing to oversee broker-dealer auditors. The Q&A brings those auditors up-to-speed on the new requirements.

Inspections of non-U.S. audit firms present a “significant risk” to the Public Company Accounting Oversight Board, with a backlog of incomplete inspection reports dating back to 2006 almost certain to embarrass the board if not resolved soon.

That’s the conclusion of a self-assessment of the international inspection program just published by the PCAOB and presented to the Securities and Exchange Commission. Even inspections that are already complete are at risk because of inconsistencies in approach and documentation, the report suggests, should the board ever need to defend the methodology used in completed inspections.

The PCAOB has owned up to problems inspecting audit firms that are registered to do U.S. audit work but are not located inside the United States, citing cultural differences and conflicts between U.S. and other countries’ laws that have become obstacles. The report presented to SEC Chairman Mary Schapiro, however, provides the most candid public account yet of how the board’s own evolving internal processes have created a backlog of unpublished inspection reports for field work performed in 2006, 2007, and 2008.

The report says field work for 143 inspections had been completed through early August 2009, but only 42 reports had been issued. Of the 101 reports not issued, 82 constituted a “backlog” for inspections dating back to 2006.

More than one-third of inspections planned for 2009 had not yet been scheduled, some of them suspended pending the outcome of international negotiations. “Questions had arisen as to the rigor of some international inspections, particularly as concerned documentation, scope, consideration of risk, and reliance on foreign regulators,” the report says.

George Diacont, director of registration and inspections, conceded the program lacked a system of accountability, but also said guidance specifically tailored to international inspections developed at a slower pace than for domestic inspections, contributing to inconsistency.

In his cover letter to Schapiro, PCAOB acting Chairman Daniel Goelzer says 82 inspection reports resulting from field work performed in 2006 through 2008 have been held up in a “retrospective review” of the quality and consistency of the inspections. As a result of the study, the board has made “significant changes” in the way international inspections will be done in the future, said Goelzer.

“The board has recognized the need to increase its focus on the quality control mechanisms of large, global network firms as well as on referred work,” such as work performed by non-U.S. audit firms other than the firm signing the audit report, Goelzer told Schapiro. The board decided to hold up the reports and reassess its non-U.S. inspection program in the face of “revelations of widely reported audit failures outside the U.S., coupled with internal concerns regarding the manner in which international inspections were being performed,” he said.

The board is working on a plan to address the situation, including creating a “national office” structure for the international program, establishing greater staff accountability for international inspection work, and revising the international inspection methodology, said Goelzer.

But the board also needs more resources, he said. The PCAOB recently submitted a 2010 budget request to the SEC proposing a 16-percent increase in large part to increase staffing and technology. The SEC has not yet acted on that request.

While the report concludes that the international inspection program represents a significant risk for the PCAOB, it also notes the full extent of the risk remains a point of debate that the staff is trying to define, “relying, in part, on technology systems still in development.”

Regulators have put accountants on notice that they can’t simply outsource the hardest parts of the financial reporting process and rely blindly on third-party conclusions.

As new fair-value measurement methods are still coalescing, and as volatility and instability have made it difficult to pinpoint market pricing, preparers of financial statements and their auditors are turning to outside specialists to get help on valuing assets and liabilities.

But staff of the Securities and Exchange Commission and the Public Company Accounting and Oversight Board told accountants at a national conference of the American Institute of Certified Public Accountants not to place blind faith in those third-party reports. Management still is expected to understand the assumptions and judgments that go into their financial reports, SEC and PCAOB staff said.

Paul Beswick, deputy chief accountant for the SEC, said the SEC staff has seen instances where individuals have asserted they used judgment but wouldn’t or couldn’t explain their reasoning. While SEC staff says it will respect reasonable judgments, that doesn’t mean they won’t ask preparers to explain their judgments, he said.

“Any standard about judgment would not limit the staff’s necessary and appropriate evaluation of a registrant’s judgment,” Beswick said. Take a careful, good-faith approach that considers all the facts and circumstances, and avoid a checklist approach, he said.

Acknowledging market circumstances that have made it difficult to establish assumptions and estimates, Beswick gave preparers two concise pieces of advice: “do your homework,” and “don’t get cute.” At minimum, a reasoned assumption should include current market data, consideration of what experts in the industry are forecasting, and an evaluation of what others in the industry are doing, among other things, he said.

“If you find yourself rationalizing overly rosy forecasts, making changes to the models or assumptions to achieve a specific result, not being consistent with the objectives of the particular accounting standards, or other things, you might want to take a step back and consider the implications,” he said.

Doug Besch, a professional accounting fellow at the SEC, said the staff hears from auditors that they often struggle to understand assumptions management has used, and especially when management has enlisted outside service providers. “To the extent you can’t provide the auditor with support, you likely have a deficiency in internal control over financial reporting,” he said. “Both the registrant and the auditor would need to evaluate whether a material weakness exists.”

Marty Baumann, chief auditor for the PCAOB, reinforced the SEC’s expectation. “Management has a responsibility for the valuation, and they need to understand the inputs that went into the valuation,” he said. If auditors can’t get comfortable with what management provides, they’re forced to get third-party assistance for themselves, he said.

Evan Sussholz, another professional accounting fellow, offered some ideas on how to develop assumptions from the perspective of a hypothetical market participant, as required by accounting rules under Accounting Standards Codification Topic 820.

Sussholz suggested preparers explore some basic issues that should help guide the process of establishing market participant assumptions, including the potential exit markets for an asset and the asset’s principal or most advantageous market, the highest and best use for the asset, the characteristics of potential market participants, and how they compare with the entity’s own characteristics.

“It is reasonable to anticipate that the staff will continue to inquire about the process employed and judgments made by a reporting entity when developing market participant assumptions,” he said. “we have observed that conversations are generally more productive when a reporting entity has documented how market participant assumptions were developed when performing a fair-value measurement.”

Amid some uncertainty about its own future, the Public Company Accounting Oversight Board approved a five-year strategic plan and an increased budget for 2010 calling for more staff to beef up audit inspections and enforcement.

The PCAOB anticipates a budget of $183.3 million for 2010, a 16-percent increase over the 2009 budget to cover additional staffing in inspections, enforcement, the Chief Auditor’s office, and the Office of Research & Analysis. The board expects overall headcount to reach 636 by the end of 2010 compared with the 576 expected to be on staff at the end of 2009. The budget must be approved by the Securities and Exchange Commission, which oversees the PCAOB. The PCAOB said it will make the budget available publicly after it is approved by the SEC.

“Following a year when investors incurred tremendous losses due to the financial crisis on Wall Street and in the housing markets, investors are looking to regulators, including the PCAOB, for reassurance about the quality of financial reporting in the marketplace and to see that their interests are safeguarded,” said PCAOB member Steve Harris in a prepared statement.

Acting Chairman Dan Goelzer noted the board is dealing with an increasing number of litigated enforcement proceedings, although those proceedings remain private until appeals are exhausted. “The board notes in its strategic plan that the privacy provisions “provide an incentive for respondents to litigate disciplinary actions, which in turn could result in an inefficient use of PCAOB resources and delay important information about disciplinary sanctions.”

The board also notes international inspections are proving more time consuming and complex than anticipated at the PCAOB’s inception. Despite efforts to work with regulatory counterparts in other countries, the board still hits obstacles in completing some required inspections. “If the PCAOB remains unable to inspect certain registered firms, the PCAOB may require additional resources to address firms’ failure to cooperating,” either through disciplinary actions or additional disclosure requirements, the board said.

As the board approves its five-year plan and its 2010 budget, one of the five board seats is vacant and two seats are held by board members whose terms have already expired. The SEC is mulling a replacement for former Chairman Mark Olson, who left in July, and for Charles Niemeier, who has remained after his term expired in October 2008 and has said he wants to leave soon. Bill Gradison also is remaining on the board although his term expired in August 2009.

SEC spokesman John Nester said the selection process is under way, no decisions have been made, and no time line has been established for naming permanent board members.

The PCOAB’s operations remain under challenge as the U.S. Supreme Court prepares to hear arguments in the case of a Nevada audit firm that believes the regulator’s existence and the manner by which board members are selected is unconstitutional. Nester said the case of the Free Enterprise Fund vs. the PCAOB is not a factor in the current selection process.

The board also notes a number of other legislative and regulatory proposals that could alter its operations, including possible revocation of the Sarbanes-Oxley internal control audit requirement for smaller public companies and new requirements to regulate the activities of broker-dealers.

International audit experts are reminding auditors to be careful when relying on third-party confirmations to reach audit conclusions, especially given advances in technology that can make them subject to abuse.

The International Auditing and Assurance Standards Board has published a practice alert that covers some of the emerging practices around audit confirmations. The alert points out areas in international auditing standards that are especially relevant as auditors decide when and how to rely on third-party confirmations.

Confirmations are requests by auditors to third parties to verify information contained in a company’s financial statements. Auditors routinely ask banks to verify account balances, for example, or vendors and customers to verify important transactions.

The Public Company Accounting Oversight Board is studying the confirmation process as well and looking for ideas on how it should write a new standard for when and how auditors should rely on them. The PCAOB has published a concept release outlining its concerns and asking for input on how a new standard might address the use of confirmations as part of the audit process.

The IAASB in its practice alert and the PCAOB in its concept release both point out that confirmations can be tricky for auditors when a third party doesn’t respond to a request for information or when the communication is trafficked over a medium that can be manipulated, such as e-mail or facsimile. The boards also note concerns over how auditors should handle restrictions or disclaimers that often are tacked on when third parties respond to confirmation requests.

The IAASB alert reminds auditors to refer to audit standards and exercise plenty of professional skepticism when deciding how much faith to place in a given confirmation. The PCAOB is finished accepting comments on the concept release and is continuing to consider whether to change current standards to change the definition of a confirmation, the requirements around using confirmations, the design of confirmation requests, controls over confirmation and a variety of other issues.