When audit inspectors head into the field in 2016 to begin inspecting work on 2015 financial statements, they will be looking closely at the audit of internal controls, accounting estimates, and how auditors responded to risks of misstatement.
Those are the key themes that persisted in 2015 inspections of 2014 financial statements, said Helen Munter, director of inspections for the Public Company Accounting Oversight Board, although reports on those inspections are not yet published for companies to scrutinize. “Audit committees might wish to discuss with their auditors the types of audit deficiencies identified in their PCAOB inspections and ask how they are addressing these matters as part of their company’s audit,” she said at a recent national accounting conference on regulatory issues.
With respect to internal controls, one of the hottest areas between auditors in management over the past few years as a result of PCAOB inspection findings, Munter said inspectors saw “some improvement” in 2015 in the nature and extent of audit issues at certain firms. The board’s guidance in Staff Audit Alert No. 11, issued in 2013, remains as relevant as ever, she said. “It is essential that all involved parties -- issuers, audit firms, and regulators -- continue the discussion in 2016,” she said. “There has already been great benefit from opening up these lines of communication.”
Both the number and the significance of inspection findings around auditors’ assessing and responding to risks of misstatement declined in 2015, said Munter, but inspections staff remains concerned. “Assessing and responding to risks of material misstatement are two critical components of an audit,” she said. “Improper application of these standards may result in audit deficiencies that contribute to an unsupported audit opinion.” Another more recent piece of PCAOB guidance, the board’s inspection observations related to compliance with risk standards, also is still relevant, she said.
As for auditing accounting estimates, Munter said inspectors continue to see instances where auditors did not perform any testing on estimates beyond making an inquiry of management. “Inspections staff continued to identify instances in which auditors did not fully understand how estimates were developed or did not sufficiently test the significant inputs and evaluate the significant assumptions used by management,” she said. “Due to the significant audit deficiencies identified, together with changing market conditions, a low interest rate environment, and an increase in merger and acquisition activity, auditors should continue to remain focused on this area.”
Beyond the audit work itself, inspectors also will take into account other conditions that will factor into the decisions about which audits to select for inspection. Those include the appreciation of the U.S. dollar, heavy activity in mergers and acquisitions, the ongoing focus by the Securities and Exchange Commission on companies’ segment disclosures, a new accounting standard on the going concern assessment, and income taxes, especially where companies assert their foreign-based earnings are permanently reinvested overseas.
Inspectors also will expand their focus in the coming year to consider technology risks, especially cyber-security, said Munter. “Both auditors and companies alike see this as an overall business risk, and not just an information technology risk,” she said. “It is important for auditors to consider whether cyber-security risks pose risks of material misstatement.”
Finally, inspectors will be looking for compliance with a new auditing standard taking effect with 2015 year-end audits, Auditing Standard No. 18 on related parties. It requires auditors to take some extra steps to scrutinize a company’s transactions with related parties, significant unusual transactions, and financial relationships and transactions with its executive officers.