Attorneys at one law firm observing compliance with the new audit standard on related-party transactions say they are seeing a “wide range” of approaches.
Some companies are making no changes to their existing processes around how they identify and flag transactions they carry out with entities that have some kind of close tie to the company or its directors or key officers, says a recent alert from law firm Dorsey. Other companies are facing new audit demands to expand their questionnaires to directors and officers and supplement their internal controls around related-party transactions, the firm says.
“The required changes to D&O questionnaires can range from modifying certain definitions in the questionnaire to adding questions that ask directors and officers to provide lists of immediate family members and their affiliations,” wrote Cam Hoang, a partner with the firm, and associate Tom Ryan. “The additions to the internal controls can range from requiring directors and officers to inform the company of changes to their immediate family members and their affiliations to quarterly certifications from each director and officer.”
The Public Company Accounting Oversight Board adopted Auditing Standard. No. 18 to give auditors some new requirements around how they should approach the audit of related-party transactions and other significant unusual transactions, a hot risk area for possible fraud. The PCAOB adopted the standard in 2014 to take effect for audits of fiscal years beginning after Dec. 15, 2014. That makes calendar-year 2015 audits the first annual audit cycle to be subject to the new standard.
Auditors have always operated under rules requiring them to scrutinize related-party arrangements, but some leading audit firms said companies could expect more scrutiny of related-party transactions and other significant unusual transactions under the new standard. The new requirements provide more specificity, auditors said as they geared up last fall to comply with the new rules.
Dorsey is advising companies to be prepared to have more thoughtful discussions with auditors about what procedures are appropriate to their businesses and their risk profiles. “Considerations may include the industry, prior accounting history, existing compliance processes for related-party transactions, and the risk of a material misstatement given the size of the business,” Hoang and Ryan wrote.
At a year-end accounting conference in December, PCAOB member Jay Hanson said during a Q&A sessions he was surprised by the amount of concern being raised about the new standard leading up to implementation. “We at the PCAOB are scratching our heads about that one,” he said. Historical standards already require much of what the new standard contains, he said. “We didn’t get any pushback in the comment process that management needs to identify related parties and related-party transactions.”
The different approaches companies are seeing in implementing the new standard might relate to how particular auditors approached historical requirements. “If you’ve addressed related parties appropriately in the past, it should not be that big of an issue,” said Peter Bible, a partner and chief risk officer at audit firm EisnerAmper. “If you’ve kind of paid it lip service in the past and not really done the right audit procedures around it, it could be a lot of teeth gnashing.”