A federal law that enables auditors to keep clients in the dark about the audit firms’ quality-control deficiencies for as much as a year leaves public companies open to the risk of financial restatement, audit-committee activists contend.
The statute, Section 104 of the Sarbanes-Oxley Act, says that if the Public Company Accounting Oversight Board (PCAOB) finds during its inspections of auditors issues that need improvement—particularly in the area of quality control—the audit firm has one year from the date of the report to fix them. If they do so within that time frame, the matter stays confidential.
William McDonough, chairman of the PCAOB, praised the statute last summer as an “effective tool” that would help the PCAOB keep auditors honest. “It is a wonderful discipline,” he said at the House Committee on Financial Services hearing. “It is like telling your kid you have to pass school this year.”
At the same time, he noted that he had heard public concern about keeping key parts of the inspection confidential. Under Sarbox, the board is barred for 12 months from making public parts of the report “that deal with criticisms of or potential defects in the quality control systems of the firm under inspection” if the firm mends its ways. PCAOB is, however, required to provide a copy of each report, “in appropriate detail,” to the SEC and certain state regulatory authorities.
To be sure, some of the findings of PCAOB auditor inspections are made public on the regulator’s Web site. But Part II, which addresses internal control deficiencies of the audit firm, isn’t revealed to audit clients.
Fred Lipman, president of the non-profit Association of Audit Committee Members, however, is one of a number of Sarbox critics who believe a client has a right to know if their external auditor is failing in certain areas. He reasons that the nonpublic portion of the PCAOB reports could detail controls deficiencies that could threaten the quality of the client’s audit and potentially lead to a restatement.
That’s why he’s urging corporate directors to ask their companies’ auditors for a copy of the full inspection report. “Many audit committees are naive and do not know that they should be requesting [the reports],” Lipman says.
At the same time, having the entire report could help companies “defuse problems” or even head off a Securities and Exchange Commission (SEC) investigation, Lipman says. At the very least, it could alert audit committee members to accounting practices that need to be altered, not to mention signaling that a change in auditors might be a good idea.
Auditors, however, are under no legal obligation to share the confidential part of the report. Lipman, who is also a partner at Blank Rome LLP, a law firm, says audit committees should negotiate with auditors for a stipulation in the firm’s engagement letter releasing the full report to clients— even if the firm insists that it’s correcting all of its problems.