Thursday, April 19, 2018

PLI panelists discuss audit committee responsibilities

By Amanda Maine, J.D.

Former PCAOB Member Jeanette Franzel stressed the need for audit committees to be prepared for the new auditor’s reporting model, which was adopted by the Board in June 2017. The auditor’s reporting model and other auditing issues were topics of discussion on a panel at the Practising Law Institute’s recent program on corporate governance issues. The panel, which was moderated by former SEC Corporation Finance Director Alan Beller and Walter Ricciardi of Paul Weiss, also featured SEC Chief Accountant Wesley Bricker and Christine Q. Davine, a former associate chief accountant in Corp Fin and now at Deloitte.

Auditor’s reporting model. The big issue under the new auditor’s reporting model is the requirement to include a discussion of critical audit matters (CAMs) in the audit report, Franzel said. CAMs are matters that have been communicated to the audit committee that are related to accounts or disclosures that are material to the financial statements, and involved especially challenging, subjective, or complex auditor judgment. Although the provisions of the new standard relating to CAMs do not take effect until the audits of fiscal years ending on or after June 30, 2019 for large accelerated filers and for fiscal years ending on or after December 15, 2020 for other filers, audit committees should still be on top of the issue, especially for large accelerated filers, Franzel advised.

According to Franzel, it is important that audit committees for large accelerated filers get involved this year to figure out where the risks are. She also observed that there may be differences of opinion between audit firms and the audit committee about CAMs and addressing these differences early opens a chance for dialogue on the matter. There is also the chance that auditors may end up disclosing CAMs that wouldn’t otherwise be disclosed by the company, and it is advisable to sift through this possibility before it becomes an issue in 2019, according to Franzel.

Franzel also noted that a common deficiency identified by the PCAOB is the auditor’s risk assessment. Audit committees can help ensure that judgments made regarding the CAM requirement are properly aligned with the audit risk assessment, she said.

Davine said that in her experience, audit committees have been very engaged in preparing for the new standard through the use of pilot programs and “dry runs” for CAM disclosures. She said there have been significant time and resources spent in putting out publications to educate clients about the new standard. She also reported that there is an expectation from audit committees that the CAMs cannot just be boilerplate.

Auditor tenure disclosure. Bricker noted that the new standard also requires the auditor's report to disclose the tenure of an auditor; specifically, the year in which the auditor began serving consecutively as the company's auditor. Unlike the delayed implementation for CAM disclosures under the new standard, the auditor tenure disclosure requirement is effective for audits for fiscal years ending on or after December 15, 2017. According to Bricker, the purpose of the auditor tenure requirement is to provide a greater degree of consistency by standardizing the disclosure in the auditor’s report.

Bricker said that, while there has not been conclusive research tying auditor tenure to auditor performance, it is an element that the audit committee can incorporate into its oversight of the auditor’s performance.

Non-GAAP disclosures. Non-GAAP reporting is an important element of communicating with investors, Bricker said, explaining that the SEC has long focused on the integrity of reporting in this area, especially with the issuance of Compliance and Disclosure Interpretations (C&DIs) relating to non-GAAP measures. He emphasized the value of good controls and procedures in non-GAAP disclosures, including how a company would assess changes in its policies for its approach to these disclosures.

Franzel noted that the PCAOB auditor’s reporting model project originally featured questions about the auditor's role regarding other information and company performance measures, including non-GAAP measures. However, this aspect of the auditor’s reporting model is no longer on the board’s standard setting agenda, although it is on the PCAOB’s research agenda, Franzel observed. Even though she doesn’t anticipate seeing standard setting on non-GAAP measures coming from the board anytime soon, audit committees should still talk to audit firms to make sure that the company is following SEC guidance on non-GAAP disclosures, she advised.

Risk management oversight. Beller inquired about how audit committees can fulfill their responsibilities for risk management oversight, including issues like cybersecurity and whistleblowers. Franzel said that audit committees need to think about a number of risks, including economic and political risks, that could wind their way into the financial statements. She also cited natural disaster impacts, low interest rates, and policy developments impacting tax, health care, and financial sector regulation as risks audit committees should take into account.

Regarding cybersecurity, Davine highlighted a recent tool issued by the Center for Audit Quality that provides key questions that board members can use as they discuss cybersecurity risks and disclosures with management and accounting firms. Beller echoed the usefulness of the CAQ’s guidance, stating that every board member should have it in his or her file.

Beller asked about the motivation of whistleblowers, especially in the wake of the Supreme Court’s recent decision in Digital Realty Trust, which held that to be covered under the Dodd-Frank Act’s anti-retaliation provision, whistleblowers must report a securities law violation to the SEC and that simply reporting internally is not sufficient. Ricciardi, who previously served as a deputy director of the SEC’s Division of Enforcement, described a worldwide study conducted by NYU that found that the vast majority of whistleblowers were motivated by frustration that something bad was going on within the company and that they were not really in it for the money; they were just frustrated by hitting a brick wall within the company, he explained.