As the audit firms’ watchdog, the Public Company Accounting Oversight Board is required to release publicly what it finds during its inspections process. But how much to reveal?
The sometimes conflicting demands of effective correction of auditor missteps and the public’s right to know creates a “double-edged sword” for the oversight board, according to Susan Lister, national director of audit policy at one of the largest auditors, BDO Seidman. Under the Sarbanes-Oxley Act, the names of the auditors’ clients must remain confidential, leaving the PCAOB to strip their public reports of any identifying information. At the same time, this leaves the organization open to criticism about its own lack of transparency.
For an article about what is and isn’t shared in the PCAOB’s inspections reports, particularly of the Big Four, board member Charles Niemeier responded to CFO.com’s questions by E-mail. His remarks amount to a rare inside look at the oversight board’s inspections process.
What can the 2005 inspections reports on the Big Four tell us about the audit firms? Are they performing well, or do they have a lot of work to do to improve?
The reports are not designed or intended to rate firms according to a scorecard. Rather, they are intended to focus firms on areas where they can improve. That said, after several years of watching changes and developments in auditing practices, I feel comfortable saying the firms have come a long way in identifying and addressing risks to their audit quality, as a part of our inspections as well as on their own. They can still improve further, and in any event need to remain vigilant against new risks. But I will also repeat what I and others have said since the PCAOB began its annual reviews, which is that each of the firms is capable of the highest-quality auditing.
Accounting experts have said the PCAOB inspections reports are useful as learning tools for audit firms, but they don’t seem to be as useful for the public — meaning that at first glance, they seem to render negative judgments. What’s your response to that criticism? For example, the 2003 reports helped to put the findings in context by clarifying they should not be used as “balanced report cards” or “ratings tools” — have you thought about putting that language back in later reports?
The primary purpose of PCAOB inspections reports is to further the dialogue between the board and the firm about areas where the firm can improve its auditing. The board explained this principle in its first-ever inspections reports in connection with its 2003 inspections, and it remains applicable to subsequent inspections reports. It’s an interesting suggestion to consider repeating that explanation on a year-to-year basis.
What is the true intention of releasing the reports publicly (besides it being a requirement)? It seems natural that people want to read them to grab a takeaway about their firms’ performance. Should they not use the reports that way? Why not?
The point of releasing reports publicly is to comply with the Sarbanes-Oxley Act’s instruction that the board release portions of its reports “in appropriate detail,” subject to a number of confidentiality restrictions. One of those restrictions prohibits the board from disclosing quality-control defects or criticisms unless the firm fails to remediate those defects or criticisms within one year. This is a powerful incentive for firms to remediate, and reflects a legislative judgment that reports should be used as a tool to drive quality improvements inside firms as opposed to a ratings system for public use.