Audit regulators are teeing up discussions with investors to explore growing criticisms that the regulatory approach around internal controls is out of sync with risk.
The Public Company Accounting Oversight Board will convene its Investor Advisory Group in early September to discuss, among other topics, a call from the U.S. Chamber of Commerce to explore whether the PCAOB’s inspection process is pushing unreasonable demands around internal control over financial reporting. The PCAOB has slotted 75 minutes in its daylong agenda with the IAG on September 9 to discuss the Chamber’s request for a meeting among audit stakeholders.
Tom Quaadman, vice president of the Center for Capital Markets Competitiveness at the Chamber, sent a letter in late May to PCAOB Chairman James Doty and James Schnurr, chief accountant at the Securities and Exchange Commission, to ask for a meeting among audit stakeholders to “address issues impacting internal controls and audits that may erode judgment and impair capital formation.” The letter calls out three major areas of concern: management review controls, a “checklist” or “one-size-fits-all” approach to auditing, and materiality.
The PCAOB has put a heavy focus on internal control auditing through its inspection process, delivering harsh remarks to all major audit firms beginning in 2010 to beef up auditor compliance with Auditing Standard No. 5. That’s the revised standard governing the audit of internal control over financial reporting that arose out of the Sarbanes-Oxley Act in 2002.
As poor inspection results persisted and the PCAOB issued guidance focused on internal controls, auditors have stepped up their testing and their demands for various types of documentation to serve as evidence supporting their audit opinions. In his letter, Quaadman questions whether the PCAOB’s demands on auditors exceed the demands in guidance management is following, such as historical and present COSO frameworks on internal control and the SEC’s interpretive guidance to management.
“Balance is essential, and it is reasonable to expect that companies understand why certain audit activities take place,” the letter says. “It is problematic to expect companies to support apparent excessive compliance activities that are not understood and where the costs clearly exceed the benefits.”
Quaadman says he’s especially concerned about the “apparent retrenchment” on the rationalization of Sarbanes-Oxley Section 404 implementation that occurred when Auditing Standard No. 5 replaced Auditing Standard No. 2, the original standard governing internal control audits. “In the current environment, from a company perspective, principles-based guidance such as the SEC’s guidance for management and COSO, has not been able to withstand the authoritative weight of new interpretations of AS 5 for auditors from the PCAOB inspections and the goal of both audit firms and individual auditors to reduce the risk of inspection findings.”
The PCAOB’s agenda with the IAG also includes discussions on an investor survey, the auditing standard on going concern, PCAOB publications.