Auditors and audit committees should brace themselves for a world of greatly expanded disclosure. The Public Company Accounting Oversight Board (PCAOB) has for several years been vetting proposed standards that would fundamentally change the audit report and the information auditors communicate to their clients’ shareholders. Last week, the Securities and Exchange Commission (SEC) entered the fray by requesting comment on a new regime of audit committee disclosures regarding the audit process. While it will take time to sort out the details, it is clear that audit firms and issuers should be prepared to disclose far more in the future.
The PCAOB Proposal
The standard pass-fail audit report has existed in its current form for decades. On August 13, 2013, the PCAOB proposed sweeping changes to that report in response to what Chairman James Doty characterized as “investors’ calls for more informative, insightful and relevant audit reports.” There were three major proposed changes.
First, auditors would be responsible for determining critical audit matters (CAMs) and disclosing any identified CAMs in a new section of the audit report. The PCAOB defined CAMs as those matters that:
- involved the most difficult, subjective, or complex auditor judgments;
- posed the most difficulty to the auditor in obtaining sufficient appropriate evidence; or
- posed the most difficulty to the auditor in forming the opinion on the financial statements.
The new audit report disclosure would identify each CAM, describe the considerations that led the auditor to determine the matter is a CAM, and reference the relevant financial statement account and disclosures that relate to the CAM.
Second, the proposed standards would require auditors to evaluate “other information” in the issuer’s annual report –– i.e., information other than the audited financial statements –– and determine, based on “relevant evidence obtained … during the audit,” whether the other information contains “material inconsistencies” with amounts or information in financial statements or a material misstatement of fact. The audit report would include a new section describing the auditor’s responsibilities for “other information” and stating whether any material inconsistency or material misstatement was identified. In addition to the new disclosure requirement, the proposed requirement that auditors evaluate other information differs from the current practice of reading and considering other information.
Third, the new proposed audit report would include disclosures relating to the auditor’s responsibilities regarding fraud, the auditor’s independence and registration with the PCAOB and, most controversially, the auditor’s tenure with the issuer.
In the nine months following the release, the PCAOB received almost 250 comment letters on the proposed rules. The PCAOB also convened a public forum to discuss the proposals in April 2014. While comments ran the gamut, some of the recurring criticisms included:
- The CAM standard might require auditors to disclose original issuer information beyond what the issuer itself is required to disclose. Critics contend that the responsibility for disclosure about an issuer should stay with the issuer.
- The CAM standard is not limited to matters material to the financial statements.
- The CAM standard’s requirement that auditors, in some circumstances, disclose original and/or immaterial issuer information might chill an auditor’s communications with issuer management and audit committees.
- Auditors will likely err on the side of inclusion in disclosing CAMs, potentially making the audit report too long to be useful to investors. As stated by the New York State Society of CPAs, “public disclosure of details of critical auditor judgments would not help users make investment or credit decisions or enhance transparency in any meaningful way ... but rather would negate or dilute the pass/fail message and, therefore, diminish the value of an audit report.”
- The requirement to evaluate other information is too vague, generally inconsistent with an auditor’s responsibilities and should be modified to “read and consider.”
- “Other information” in annual reports encompasses subjective information, such as trends, strategy and risks, that is generally beyond an auditor’s traditional role and expertise.
- Both the proposed CAM and “other information” standards would increase (i) the time required to complete an audit, (ii) the costs of an audit, and (iii) litigation risks to audit firms.
- Any disclosure regarding an auditor’s tenure with an issuer is potentially misleading because there is no known link between auditor tenure and audit quality.
The PCAOB has stated it intends to repropose the standards before the end of the year.
The SEC Concept Release
Current Audit Committee Disclosure Requirements
While the PCAOB focuses on expanding the independent auditor’s report, the SEC’s July 1, 2015, concept release relates to disclosures by audit committees –– to be precise, issuer disclosures about their audit committees. Audit committees are required under current rules to make certain disclosures regarding their members and their activities. For example, Item 407 of Reg S-K requires an issuer to disclose in its annual proxy statement:
- confirmation that the audit committee has (i) reviewed and discussed the audited financial statements with management, (ii) discussed with the auditor the matters required by AU 380, (iii) received the required written communication from the auditor regarding independence and has discussed independence with the auditor and (iv) recommended to the Board that the audited financial statements be included in the company’s 10-K;
- names of audit committee members, whether those members are independent and the circumstances surrounding the appointment of any non-independent member;
- whether the audit committee has a charter, and, if so, where it can be accessed; and
- whether there is at least one financial expert serving on the audit committee.
Issuers must also disclose certain information relating to fees paid to the auditor and the nature of any “audit-related” and other non-audit services provided by the auditor. And if an issuer solicits shareholder approval or ratification of the appointment of the auditor, the issuer must disclose certain information about the auditor.
Proposed Additional Disclosures
While the existing rules generally take a “check-the-box” approach to disclosure, the SEC’s concept release contemplates an open-ended, narrative-based disclosure regime. The proposal outlines broad disclosure of how audit committees discharge their responsibilities, and committees would be required to describe, among other things, their procedures and thought processes in something more akin to MD&A (management discussion and analysis). The broad, open-ended disclosures the SEC is considering include:
- information about the actions the audit committee has taken during the year to oversee the auditor and the audit, including how the committee “assesses, promotes, or reinforces the auditor’s objectivity and profession skepticism”;
- “Qualitative disclosures about the nature and timing of the required communications between the audit committee and the auditor”;
- the process the audit committee undertook and the criteria used to assess the auditor and the audit committee’s rationale for selecting or retaining the auditor;
- additional information regarding the nature and extent of non-audit services and an evaluation of how those services relate to the audit committee’s assessment of the auditor’s independence and objectivity;
- the committee’s use and consideration of audit quality indicators in the process for assessing the auditor and determining whether to select or retain the auditor; and
- information considered by the audit committee in providing input on the audit firm’s assignment of the engagement partner.
In addition to these broad topics, the SEC also contemplates disclosure of minute detail, including:
- how frequently the audit committee met with the auditor;
- the “Nature of the audit committee’s communications with the auditor related to items such as the auditor’s overall audit strategy, timing, significant risks identified, nature and extent of specialized skill used in the audit, planned use of other independent public accounting firms or other persons, planned use of internal audit, basis for determining that the auditor can serve as principal auditor, and results of the audit, among others, and how the audit committee considered these items in its oversight of the independent auditor”;
- how the audit committee considered the results described in the PCAOB inspection reports in overseeing the auditor;
- the audit committee’s involvement in evaluating and approving the auditor’s compensation, including how compensation is determined and evaluated;
- the names of the engagement partner and other key members of the audit engagement team, the length of time the individuals have served in that role and any relevant experience;
- the auditor’s tenure and how tenure was considered by the audit committee in retaining the auditor; and
- the names of the firms and other persons involved in the audit, and the extent of their involvement.
The SEC invited comments for 60 days, and there will undoubtedly be many. Concerns are likely to focus on the proposal’s exacerbation of the problem of “disclosure overload” –– a problem the SEC chair has acknowledged. It is also not obvious how many of the additional proposed disclosures would aid any investor in making informed decisions. Critics will also note the potential increased liability risks to issuers and audit committee members given the additional disclosures and the open-ended nature of many of those proposed disclosures. On the topic of identifying the audit engagement partner by name, the PCAOB has been exploring such a disclosure for several years against significant pushback. Indeed, the day before the SEC’s concept release, the PCAOB released for comment a proposed new form naming the engaging partner, which would be filed with the PCAOB. It is unclear why the SEC chose to take on this highly controversial subject along a different path.
For now, we await the PCAOB’s reproposed standards for the auditor’s reporting model and comments on the SEC’s concept release. But the direction is clear; the traditional regime of formulaic auditor and audit committee disclosures may be coming to an end.