By Jacquelyn Lumb
The Center for Audit Quality has released a report on the challenges of highly subjective and complex accounting areas which provides recommendations for deterring fraud and enhancing financial reporting. The report was prepared by the Anti-Fraud Collaboration, which includes CAQ, Financial Executives International, the National Association of Corporate Directors, and the Institute of Internal Auditors, whose goal is to promote the deterrence and detection of financial reporting fraud. The report is the result of two workshops that were held after an analysis of the SEC’s accounting and audit enforcement releases (AAERs) that identified failures in internal control over financial reporting.
Workshops. The workshops focused primarily on revenue recognition, loan impairment, and valuation based on the earlier analysis of the SEC’s AAERs. These areas involve significant judgment and estimates, and were areas of stress during the financial crisis. Following their discussions of the accounting policies relating to these subject areas and the related internal controls, the work shop developed a number of recommendations.
First, the accounting policies must adhere to technical accounting guidance. The policies must be understandable to non-accountants. They must be reviewed on a regular basis and the review process should enable companies to identify and monitor changes in activities that may have an impact on accounting. The group recommended that policies be tested in the field prior to implementation, and then be monitored for compliance once they are implemented.
Revenue recognition. Revenue recognition was a particular area of focus. The group concluded that revenue recognition policies should be very detailed given that even small differences in interpretation can have a major impact. Contract terms should be standardized where possible, and should reflect how transactions at the contract level relate to the requirements of GAAP.
Companies should establish clear lines of responsibility and communication among legal, business, and finance. The group found this recommendation to be particularly important in implementing the new revenue recognition standard which goes into effect January 1, 2018, for calendar year-end companies.
ICFR. During the group’s consideration of ICFR, tone at the top emerged as an essential component. The group also recommends a risk-based evaluation to achieve optimum effectiveness and efficiency. The group found that internal controls over unusual and non-routine transactions may be overlooked or given less attention when developing the ICFR regime.
The group concluded that companies must have both preventative and detective controls. A single control at the end of a process cannot typically be relied upon to deter fraud. The group also determined that smaller companies may be at the greatest risk for ICFR deficiencies due to a lack of resources.
Regulators’ focus. Representatives of the SEC’s fraud group, Office of the Chief Accountant, and the PCAOB’s Division of Enforcement and Investigations briefed the workshop members about their activities, including their close cooperation and the benefits of self-reporting possible securities law violations.
During the regulators’ presentations to the group, a PCAOB representative advised that one of its areas of focus is the quality of cross-border audits, particularly those that involve non-U.S. affiliates of the global accounting networks. The PCAOB is concerned that affiliates in some countries do not follow the auditing standards. The quality control procedures at the U.S. firm do not necessarily translate to certain of their foreign affiliates, even at the biggest affiliates of some of the biggest firms.
Another issue on which the PCAOB is focused is the improper alteration of documents. The staff has warned that any alterations in connection with PCAOB inspections or investigations are a mistake, with the sanction for this activity often being worse that a failure to document something in the audit. An SEC staffer added that while SEC investigations are civil in nature, any destruction or alteration of documents could result in a criminal referral to the Justice Department.
Audit committees. The group also had recommendations for audit committees. There should be open lines of communication or ethics hotlines directed to the audit committee. Audit committees should look beyond the routine materials they receive at meetings. For those in industries with highly specialized accounting, audit committees may benefit from external industry specialists. The group also noted that committee refreshment may revitalize members’ engagement in the accounting issues. Enforcement actions against audit committees are uncommon, but the report points out that they are not unprecedented, citing the MusclePharm case in which the committee chair did not take any action although he had reason to know about certain undisclosed perquisite compensation.