Client Update July 9, 2015 1 www.debevoise.com Client Update SEC Seeks Input on Potential Changes to Audit Committee Disclosures On July 1, 2015, the SEC issued a concept release requesting comment on a broad range of potential changes to existing SEC audit committee reporting requirements, with a focus on the audit committee’s reporting regarding its oversight of the independent auditor. The release seeks input on three broad categories of questions: audit committee oversight of the auditor; audit committee processes for appointment and retention of the auditor; and qualifications of the auditor and members of the engagement team. The tenor of the release suggests that the SEC may seek to significantly increase the detail required in and frequency of public disclosures by audit committees. The release is available at http://www.sec.gov/rules/concept/2015/33-9862.pdf. OVERVIEW OF THE SEC’S QUESTIONS The release seeks input on 74 questions focused on audit committee disclosure requirements. Audit Committee Oversight of the Auditor Communications with the Auditor PCAOB standards require the auditor to communicate about various topics with the audit committee prior to the issuance of the auditor's report. Currently, the audit committee report must disclose that these communications have taken place, but no substantive detail is required. The release asks whether the SEC should adopt rules requiring disclosure of the audit committee’s consideration of the various matters discussed, which may NEW YORK Matthew E. Kaplan email@example.com Anne C. Meyer firstname.lastname@example.org Paul M. Rodel email@example.com Steven J. Slutzky firstname.lastname@example.org Client Update July 9, 2015 2 www.debevoise.com include “the nature of the audit committee's communications with the auditor related to items such as the auditor's overall audit strategy, timing, significant risks identified, nature and extent of specialized skills used in the audit, planned use of other independent public accounting firms or other persons, planned use of internal audit, basis for determining that the auditor can serve as principal auditor, and results of the audit, among others, and how the audit committee considered these items in in its oversight of the independent auditor." The release addresses the potential effects of expanded disclosures on market participants and asks for feedback on whether expanded disclosure requirements could chill communications between audit committees and auditors. There are questions relating to: the nature or substance of the required communications between the auditor and audit committee; for multilocation audits, how the audit committee considered the scope of the audit, including locations visited by the auditor; and the extent to which additional matters (beyond those required by PCAOB and SEC rules) were discussed with the auditor and what level of detail should be required. Meetings with the Auditor Companies are currently required to disclose the number of audit committee meetings held each year. The release asks whether additional disclosure about audit committee meetings with the auditor would be useful to investors, including whether companies should disclose the frequency of the audit committee's private sessions with the auditor and the topics discussed in these sessions. Internal Quality Review and PCAOB Inspection Reports New York Stock Exchange rules currently require audit committees to obtain a report from the auditor describing the firm's internal quality-control procedures and any material issues raised by the firm's most recent internal quality-control review or peer review. The release asks whether enhanced disclosure should be required on certain related topics, including: the nature of any discussions between the audit committee and the auditor about the report and PCAOB inspection results; and how the audit committee considered the results described in PCAOB inspection reports in overseeing the auditor. Client Update July 9, 2015 3 www.debevoise.com Auditor's Objectivity and Professional Skepticism The release seeks input on the utility of disclosure concerning whether and how the audit committee assesses, promotes and reinforces the auditor’s objectivity and professional skepticism. The release also seeks input on how this disclosure might be provided in practice. Audit Committee Processes for Appointment and Retention of the Auditor The release notes that the audit committee's responsibility to appoint and retain the auditor may involve a range of activities and seeks comment on a number of potential additional disclosure requirements. In particular, the release seeks feedback on potential disclosures relating to: the audit committee's rationale for selecting or retaining the auditor; the audit committee's involvement in approving the auditor's compensation; the nature and extent of non-audit services provided by the auditor and the committee's evaluation of how these services impacted its assessment of the auditor's independence and objectivity; the committee's use of any audit quality indicators in evaluating the auditor; and the committee’s use of any requests for proposal relating to the audit, including the committee’s process in reviewing such proposals and the factors considered in selecting the auditor. In addition, the release asks whether there should be additional disclosures about the shareholder vote to ratify the selection of the auditor, including whether it would be useful for companies to provide disclosure about whether the board of directors has a policy on shareholder ratification and consideration of the voting results. The release also asks whether auditor ratification should continue to be considered a "routine matter" for which brokers may use discretionary voting. Qualifications of the Auditor and Members of the Engagement Team The release seeks input on whether audit committees should be required to make additional disclosure about the qualifications of the auditor and the members of the engagement team. Specifically, the release asks whether disclosure of the names of the engagement partner and other key engagement team members should be required and if other information about the engagement team or other audit participants, such as relevant experience and the length of time individuals have served in their roles, should be disclosed. We note that the issuance of the Client Update July 9, 2015 4 www.debevoise.com release by the SEC coincided with the release by the PCAOB of a supplemental request for comment on rules requiring disclosure of certain audit participants on a new form which would be filed with the PCAOB. Audit Committee Input in Selecting the Engagement Partner The release asks whether, and to what extent, disclosure should be required with respect to the nature and extent of the audit committee's involvement in the selection of the engagement partner. Auditor Tenure The release asks whether the audit committee report should include information about the duration of the auditor's tenure, including items such as whether and if so, how, the audit committee considered tenure in evaluating the auditor's independence or deciding to retain the auditor. The release also asks whether tenure information is more appropriately addressed elsewhere, such as in the auditor's opinion or a filing with the PCAOB. Other Requests for Comment The release asks for input on a number of other topics, including where the audit committee-related disclosures should be made (e.g., in the audit committee report within the proxy statement, in the company’s annual report or posted on the company’s website) and whether it is beneficial to have all of the disclosures in one place. Other inquires, such as whether to require periodic updates to the audit committee disclosures and if so, how often, foreshadow the possibility for more frequent and detailed disclosures. In the final question of the release, the SEC notes that commentators have expressed concern that the audit committee is becoming a catch-all committee for the oversight of risk. To that end, the release asks whether the SEC should consider rule changes that would affect the role and responsibilities of the audit committee, such as those related to qualifications of members of the audit committee or areas for which audit committees should (or should not) be responsible. In addition, the release asks whether the audit committee should disclose its role, if any, in risk governance and areas of oversight such as cyber risk or information technology risk, and if this disclosure would distract from the report’s focus on oversight of the audit function. WHAT COMPANIES SHOULD DO NOW We encourage public companies and their board members to review the release and consider providing comments to the SEC to share their views on whether, Client Update July 9, 2015 5 www.debevoise.com on balance, additional disclosure requirements would promote more effective oversight by the audit committee of the auditor or merely chill the necessary dialogue between the auditor and the audit committee. The comment period on the release will likely close in early September 2015. * * * Please do not hesitate to contact us with any questions.