Everyone knows you have to fight for your right to party—and starting next year, companies will need to fight harder for their right to related parties, too.

That will be the consequence of Auditing Standard No. 18, Related Parties, adopted by the Public Company Accounting Oversight Board last week. AS 18 directs audit firms to look more carefully at a company’s business transactions with “related parties” (that is, anyone with close ties to senior managers or board directors), to look for signs of fraud. The new package of rules also requires auditors to get tougher on significant unusual transactions and on any financial relationships or transactions with executive officers.

All that means many more questions and demands for evidence will be coming at financial reporting executives, starting with audits and reviews of periodic filings as of Dec. 15, 2014.

Heightened scrutiny of related-party transactions isn’t unwarranted; the history of corporate fraud is filled with misconduct hidden away in precisely such deals. At a PCAOB meeting to adopt the new rules last week, board members cited examples from Enron, Dynegy, Adelphi Communications, and Tyco in the 2000s, plus a string of more recent episodes involving Chinese companies trading on U.S. exchanges.

“Despite past egregious related-party transactions, our inspections division continues to find problems with audit quality in this area,” PCAOB member Steve Harris said. “The new standard contains clear procedures, which should help auditors better identify, evaluate, and respond to the higher-than-normal risk of fraud, material mis-statement and asset misappropriation that [related-party] transactions may present.”

The new standard will require auditors to perform some basic procedures to better identify red flags, to get a better understanding of the business purpose behind such transactions, and to communicate more with audit committees. The new requirements around financial relationships and transactions with executive officers focus on steering the auditor to better understand the incentives in executive compensation that might tempt executives to game the system in their favor.

Historical auditing standards included guidance and examples auditors could consider when reviewing some of these riskier transactions; the new rules establish specific procedures auditors will be required to perform. “Auditors have long had the basic tools to identify and address risks associated with related-party and significant unusual transactions, and many auditors have used them for years,” says Marty Baumann, the PCAOB’s chief auditor. Yet despite existing guidance and persistent discovery of fraud, inspections have found that audit firms use those tools inconsistently.

The new standards draw from the risk assessment standards that the board adopted in 2010, Baumann says. “We think this is the right way to focus auditors’ procedures on risk.”

Phil Wedemeyer, chairman of the audit committee at $1.1 billion Atwood Oceanics and a former Arthur Andersen partner, says he sees the inconsistency that the new standards are meant to target. “There has been a fair amount of variation in practice in the areas covered in this standard, particularly with smaller [audit] firms,” he says. “This standard should give a more consistent approach and likely will impact smaller firm practice more than larger firms.”

Audit firm Freidman has a fairly extensive practice dealing with China-based companies, so its own audit procedures have already moved closer to what the new standards will require, says Neil Ehrenkrantz, a partner with the firm. “We’ve developed questionnaires that we send to related parties, so we’ll start with that,” he says. “We look at minutes, background checks of related parties, conduct interviews. We look at transactions that are outside the normal course of business and are non-recurring to see the size and the timing. We will probably be scanning cash receipts and cash disbursements that contain the names of related parties.” Those procedures and many more will become routine, he says.

Nancy Reimer, a shareholder on the professional liability defense team at law firm LeClairRyan, says the new procedures take audit firms closer to forensic audit practices. “In some ways they are elevating this section of the audit to almost being a fraud audit,” she says. “The skepticism and the procedures a CPA does in a fraud audit are much more involved, because a regular audit is not designed to catch fraud. The PCAOB is really putting this burden on CPAs because obviously they’re concerned in what they’re seeing.”

Relationships and Transactions With Related Parties

Below the PCAOB describes some of the requirements for Auditing Standard No. 18.

Perform specific procedures to obtain an understanding of the company's relationships and transactions with its related parties, including obtaining an understanding of the nature of the relationships and of the terms and business purposes (or the lack thereof) of transactions involving related parties. The new procedures are performed in conjunction with the auditor's risk assessment procedures in Auditing Standard No. 12, Identifying and Assessing Risks of Material Misstatement.

Evaluate whether the company has properly identified its related parties and relationships and transactions with its related parties. In making that evaluation, the auditor performs procedures to test the accuracy and completeness of management’s identification, taking into account information gathered during the audit. If the auditor identifies information that indicates that undisclosed relationships and transactions with a related party might exist, the auditor performs procedures necessary to determine whether undisclosed relationships or transactions with related parties in fact exist.

Perform specific procedures if the auditor determines that a related party or relationship or transaction with a related party previously undisclosed to the auditor exists.

Perform specific procedures regarding each related-party transaction that is either required to be disclosed in the financial statements or determined to be a significant risk.

Communicate to the audit committee the auditor’s evaluation of the company’s (a) identification of, (b) accounting for, and (c) disclosure of its relationships and transactions with related parties, and other related significant matters arising from the audit.


Source: PCAOB.

Enter the Billables

All the new procedures are bound to increase the cost of the audit, a fact the PCAOB concedes (although without quantifying it) in its economic analysis of the new rules. “In general, the board recognizes that imposing new requirements will involve some additional audit effort and related costs, both to audit firms and companies,” the board wrote. Because existing practice includes such variation, quantifying the additional cost is difficult, Wedemeyer says.

Sara Lord, a partner with McGladrey, says the firm still needs to evaluate the new rules internally and determine how the requirements will be integrated into audit methodology. As such, assessing cost is difficult right now.

“There’s definitely going to be a heightened amount of documentation, particularly in the first year,” she says. She suggests companies spend some time in the latter part of this year reviewing the requirements themselves so they will understand what auditors will be doing. “Look at your process around related parties, significant unusual transactions, and executive financial relationships. Look at your controls around that and make sure they are robust and documented.”

Ehrenkrantz agrees that costs are likely to rise. “I would imagine billings are going to go up, but I’m not sure how much,” he says. “Different entities have different related parties, different transactions, and different controls.”

Smaller companies that rely on outside consultants to help them design and implement controls would be wise to pick up the phone and assure that AS 18 is on their radar for this year. “It’s going to be a bit more work in all companies in the audit planning and risk assessment stages to identify all the relationships with shareholders, contractors, executive officers, board members, family members, and the compensation issues. It’s going to be a little more tedious, but in a couple of periods we’ll all get used to it.”