“I think the process is well intended, and it is helpful and constructive, but right now it is not producing the kind of results that it should for people who are using the results and trying to understand what this means,” says J. Michael Cook, the former CEO of Deloitte, who chairs four audit committees, including Dow Chemical’s.
Regarding the 2004 inspection reports, which the PCAOB released publicly in the fall of 2005, newspapers widely reported that inspectors had found 19 audit deficiencies out of 76 audit engagements at KPMG. For the 2003 evaluations, which the PCAOB termed “limited inspections,” the regulator looked at “portions of 16 audit engagements” for each firm.
The 2005 Big Four reports are missing those types of facts, which are irrelevant, according to Charles Niemeier, a member of the PCAOB. “In some respects, [the number of engagements] could encourage misleading, superficial comparisons between firms,” he said in written responses to questions submitted by CFO.com. While planning inspections, the PCAOB does not decide beforehand how many audits it will review, and it doesn’t look at any one audit in its entirety, he added.
The board’s 2005 reports did reveal that it reviewed portions of more than 365 audits performed by the nine largest firms. But given the gulf between the Big Four and the next five audit firms, that number leaves observers guessing about the percent of audits reviewed. Ernst & Young, for example, audits more than 2,300 U.S. public companies, while Grant Thornton, considered by some measures to be the sixth-largest audit firm, audits approximately 372.
Furthermore, the PCAOB cautions readers of its reports not to draw any conclusions on a firm’s merits based on the number of reported deficiencies in any given year. The total number of audits performed is a “small portion” of the total number a firm conducts, the PCAOB notes.
The list of audit deficiencies could also throw off the perceived percentage of problems at the Big Four because of how the PCAOB conducts its inspections: rather than randomly selecting a few issuer audits to examine, the PCAOB auditors take a risk-based approach. “They select audits in high-risk industries and look at pieces of an audit that are in the most high-risk areas, like derivatives or revenue recognition or leases, so the target areas are where they’re more likely to find things,” says Bierstaker. The PCAOB chooses which audits to review based on its “assessment of the risk of material misstatements or significant auditing deficiencies, as well as firm-specific risks,” according to its 2005 annual report.
Concentrating on the high-risk areas of individual audits means the PCAOB is more likely able to identify places the auditors should focus on to maintain or improve audit quality, says Niemeier. The board, for example, may decide to look at an audit of an issuer that had several restatements in the previous year.
As a member of the PCAOB’s Advisory Council, Cook has suggested that the board bring back language from the very first reports on the Big Four, which noted that the reports are not intended to be viewed as balanced report cards or even marketing tools. Niemeier says that idea is worth considering.