| 
Transition
in the Office of the Chief Auditor of the PCAOB:
Exclusive
CPA Journal Interviews with Douglas R. Carmichael and Thomas
Ray
By
Mary-Jo Kranacher
A
Changing of the Guard
APRIL 2006 - The Chief Auditor of the Public Company Accounting
Oversight Board (PCAOB) serves as “the primary advisor
to the Board on accounting and auditing matters.”
Douglas
R. Carmichael, PhD, CPA, CFE, the first Chief Auditor and
Director of Professional Standards of the PCAOB, has served
in this capacity since April 2003. His leadership in this
groundbreaking role has provided the foundation upon which
to rebuild the credibility of the auditing profession. His
distinguished career has included the practice of accounting
and auditing, consulting, and teaching. He has also authored
several books and articles and received numerous professional
honors and awards. As of the beginning of the spring 2006
semester, Carmichael returned to his faculty position at
Baruch College, the City University of New York.
Thomas
Ray, CPA, has served as Deputy Chief Auditor of the PCAOB
since June 2003. He was previously a partner of KPMG LLP
in its department of professional practice–assurance,
located in New York City. As chair of the International
Auditing Standards Subcommittee of the AICPA, he has closely
monitored the work of the International Auditing and Assurance
Standards Board (IAASB). He assumed the role of PCAOB Chief
Auditor in late January 2006.
Carmichael
and Ray met separately with Mary-Jo Kranacher, CPA Journal
Editor-in-Chief, on January 19, 2006, just prior to
the official transition. As indicated by their responses
to the following questions, auditors of public companies
can expect unwavering consistency in the PCAOB’s approach
to the issues facing the profession. Christi Harlan, PCAOB
Director of Public Affairs, was also present at these interviews.
Interview
with Douglas R. Carmichael
The
CPA Journal: In your opinion, has the PCAOB achieved what
it set out to do?
Douglas R. Carmichael: Actually, a lot of
work remains to be done. I don’t think the PCAOB’s
job will ever be over, because its mission is to protect
investors and further the public interest in informative,
fair, and independent audit reports, and that’s an
ongoing mission.
I think
the PCAOB has made remarkable strides. When I started, there
were fewer than 40 people here, and now there are over 400.
About half of them are inspectors needed to perform the
centerpiece of PCAOB activities: inspection of the quality
of audits. The PCAOB is also well on its way to accomplishing
its mission in my own area, standards setting. We’ve
had a number of significant accomplishments; but the most
important is that we have built a very talented and dedicated
staff that’s going to continue to function well. I
don’t have the slightest doubt that the quality and
productivity of standards-setting activity will continue
to improve with the capable staff we have.
Standards
Setting
CPAJ:
Since the PCAOB’s rule on Interim Auditing Standards
refers to compliance with GAAS that was in existence on
April 16, 2003, what is the Board’s position on standards
issued by the AICPA after that date?
Carmichael: They are not automatically PCAOB
standards, so the Board will have to evaluate them and decide
whether any change is necessary, and those decisions will
vary. For example, the Auditing Standards Board (ASB) is
considering modifying the audit report to include the responsibilities
of the users of the audit report for financial statements.
The
PCAOB’s jurisdiction is the audit of public companies.
The relationship and liabilities of auditors to the users
of the audit report are spelled out by the securities laws,
and there is no need to spell them out in the audit report.
So that would be one instance where there would be no change.
The
ASB has adopted risk assessment standards that, once they
become effective, will significantly change the auditing
literature. Our standards-setting division is looking at
what changes need to be made to the existing standards to
better capture the new responsibilities that are in the
risk assessment standards.
The
PCAOB will continue to monitor the standards-setting activities
of other organizations, including the AICPA and the international
effort, the IAASB, and evaluate whether those changes should
become part of the PCAOB’s permanent standards.
CPAJ:
Many auditors are concerned that we’re going to have
divergent standards, one set for public companies and one
for private companies. Do you see that happening?
Carmichael: To the extent that there are differences
between the needs of investors in public companies and the
users of financial statements of private companies, there
will have to be differences. But that’s not new. There
have always been aspects of audits of public companies that
were different, and auditors need to follow different standards.
The most obvious example is the independence rules. For
a long time there were significant differences between the
AICPA’s requirements and the SEC’s requirements.
I think
that we are doing a lot to learn what other standards setters
are doing. There’s an auditing forum where we meet
with the GAO and the ASB periodically. The chairman of the
ASB is a prominent observer of our Standing Advisory Group,
and where the project warrants it, our involvement is more
extensive. For example, on the risk assessment project,
we monitored what their task force was doing very closely.
On the other side, the ASB has adopted the use of terms
that are essentially the same as the PCAOB’s, and
its standard on audit documentation is essentially the same.
So where it’s possible to not have differences because
they’re not warranted, every effort is going to be
made to ensure the standards are the same or virtually the
same. Where the requirements for protecting investors in
public companies create the need for a difference, there
will be differences.
CPAJ:
Do you believe that the input process for standards setting
is sufficiently diverse and fairly representative of the
accounting profession and other stakeholders to achieve
the desired outcome of protecting the public interest?
Carmichael: The Standing Advisory Group that
we appointed, I believe, serves that function. It’s
really the first time that auditors, as well as preparers
of financial statements and investors, have been able to
discuss and debate audit policy issues that were formerly
made only by auditors. I think that mechanism provides the
initial discussion that brings the key stakeholders together
to talk about policy issues. The board has the opportunity
to hear them and to benefit from it. Our comment process
is very open, and the fact that we use the Standing Advisory
Group the way we do, to hear from investors, has encouraged
them to comment more on our standards. We received over
800 comments on the proposed rules on independence and tax
services, and a substantial portion of that was from investors.
For the first time, there’s an effective mechanism
for all stakeholders in the process to be involved.
CPAJ:
Do you anticipate that Sarbanes-Oxley section 404 will be
applicable to any firms, other than accelerated filers,
in the foreseeable future?
Carmichael: That’s really the SEC’s
call. They are the ones who are going to have to make that
decision, and I wouldn’t want to predict what they’ll
do.
CPAJ:
With regard to the latest independence rules related to
the prohibition of selling personal tax services to executives
[i.e., “Performance of Other Services”], did
the PCAOB consider the possible effect this might have on
an auditor’s ability to detect fraud?
Carmichael: Yes, I think those issues were
raised. Personally, I am aware of the frauds that have occurred
in the past where if the auditors had known what was in
the personal tax returns of the top managers, it would have
been a tip-off as to the fraud. The unfortunate thing is
that the auditors were providing those tax services and
there was no communication between the tax people and the
audit people, so it really didn’t work that well.
The issue was raised as to whether prohibiting that service
because of mutuality of interest concerns would, in any
way, impede the audit function, and the conclusion was that
it really would not. It is possible that that information,
if it was so important, might be something the auditor would
want to see, but providing personal tax services to company
officers wasn’t necessary to achieve that purpose.
It’s also not sufficient because the officers are
not required to use the auditor for their personal tax services
and might not. So it’s not something that could be
relied upon anyway.
CPAJ:
With regard to the structure of small CPA firms and second-partner
reviews, has the PCAOB considered that this might necessitate
outsourcing at the small-firm level to comply with this
requirement?
Carmichael: Yes, in considering the issue,
the PCAOB has been very aware of, and very interested in,
having as much information as possible on the effect that
a standard in this area would have on small firms. For that
reason, we recently had a panel of people from small firms
come in and talk to the Standing Advisory Group about their
own views and what we refer to as engagement quality review,
formerly known as second-partner review. Registered firms
that were members of the AICPA’s SEC Practice Section
in the past must now have an engagement quality review.
That’s an existing requirement, and many smaller firms,
to meet that requirement, do outsource the function, hire
consultants or another firm to do it. So it’s something
that is happening now, and given the importance of an engagement
quality review, all firms that audit public companies should
meet that requirement. In addition, from what we’ve
been able to learn from the panel and the inspectors who
have done the inspections of smaller firms, it won’t
represent a significant increase in costs.
CPAJ:
Regarding the issue of subsequent events, do you perceive
any discrepancy between the PCAOB’s cutoff time for
an auditor’s responsibility (i.e., through the report
release date) and that of the ASB (i.e., through the end
of fieldwork)?
Carmichael: Audit procedures need to be done
to detect subsequent events. The auditor’s responsibility
wasn’t changed by our standard on audit documentation.
The audit report date should still be the completion of
fieldwork, and my understanding is that the completion of
fieldwork is when the work that is necessary to form an
opinion has been done, not just the mechanical aspect of
when the auditor packs up his or her briefcase and leaves
the client’s premises. So I don’t perceive any
difference.
The
PCAOB’s Ongoing Mission
CPAJ:
How do you believe that the role of the PCAOB will change
in the future? That is, will it continue to promulgate new
and separate standards, or will it primarily interpret GAAS?
Carmichael: Because its mission is protecting
investors, and the needs of the investors in public companies
may well be different from others’, I believe that
the PCAOB will continue to issue standards.
CPAJ:
What, if anything, has been the biggest impediment to achieving
the PCAOB’s mission?
Carmichael: The PCAOB has done an excellent
job of hiring people, but we clearly need more. It’s
the same problem that everyone faces, a human resource problem.
In the current market, there are not enough qualified people.
Also,
the critics of regulation have the ability to be very vocal
and get a lot of visibility, and although it’s important
for the PCAOB to hear what people are saying and pay attention
to it, I hope that our critics, whose sole interest is to
reduce regulation, will not carry the day. Most people recognize
that investors’ interests need active protection and
regulation. I hope that the support for that mission will
be strong and come from all stakeholders.
CPAJ:
How has the level of funding for the PCAOB changed over
the past few years, and has that affected your ability to
get the job done?
Carmichael: The PCAOB’s funding is covered
under the Sarbanes-Oxley Act, and our funding source has
been responsive to a budget that’s necessary to get
the job done. It then goes to the SEC for approval after
they carefully scrutinize it and discuss any issues. Once
the budget is approved by the SEC, it is then allocated
among public companies based on their relative market capitalization.
So there should never be a problem of not having enough
funds, if this process works the way it is supposed to.
CPAJ:
And has it worked so far?
Carmichael: I don’t believe there have
been major problems. Congress deliberately set it up so
they don’t handle the appropriations. They were very
aware of organized CPA firms’ influence on Congress
and deliberately took themselves out of the appropriation
process. Congress
also wanted the PCAOB and FASB to have a source of funding
independent of the accounting profession. Each board sets
its own budget that must be approved by the SEC. Then the
PCAOB bills public companies on behalf of both boards.
CPAJ:
That’s a nice position to be in.
Carmichael: Unless a public company pays the
fee, they cannot get their financial statements audited
and, as a result, they won’t have access to the capital
markets. That’s part of the Act and Congress’s
intent in creating the law.
CPAJ:
What effect will the replacement of the Chairman of the
PCAOB and the Chief Auditor have on the future direction
of the Board?
Carmichael: I don’t think it will have
any effect on the Board’s direction. Personalities
always differ and there are changes that occur, but essentially,
it will be the same. For example, in standards setting,
I wouldn’t anticipate any significant changes because
of the group that we put together and the way it functions.
CPAJ:
During your interview for The CPA Journal [September 2004],
you indicated that you anticipated hiring about 25 staffers
in the standards-setting area and approximately 150 inspectors.
Were you able to recruit and retain those numbers of support
staff to fulfill the PCAOB’s mandates?
Carmichael: The recruiting of inspectors has
gone beyond what I anticipated. There are approximately
200 inspectors today, and that number may increase depending
upon certain issues, such as whether broker-dealers’
auditors need to be inspected. The SEC hasn’t made
a decision in that area yet.
Also,
if a firm audits more than 100 public companies it is inspected
annually; otherwise there’s a three-year rotation.
That can change. The workload associated with that will
change based on how many registered firms there are—registered
firms that do audits for public companies.
So,
in the inspections area, hiring has been very successful.
It’s proved more difficult to find people who want
to work in standards setting because they need to be well
informed about auditing, as well as good writers and impassioned
about auditing standards. All those qualities, in one person,
are difficult to find. At this point we have 12 professional
staff. We hope to hire more, but we’re below what
I set as the goal in my prior interview.
CPAJ:
What specific areas would you identify as having a high
priority for the PCAOB to address in the near term?
Carmichael: At each year-end meeting with
the Standing Advisory Group, there’s a discussion
of the priorities for the next year. The big things are
those standards that are specifically mandated by the Sarbanes-Oxley
Act. Naturally, our continuing work on section 404 responsibilities
of auditors for internal control over financial reporting
will be a priority. Also, on engagement quality review,
the Act specifically says that we should issue a standard
on that matter. In addition, the Standing Advisory Group
has advised us that the subject of the auditor’s responsibility
for fraud detection should be a priority, so a review of
SAS 99, based on inspection results regarding compliance
with that standard, will also be a priority.
CPAJ:
Do you think that fraud will continue to be addressed as
a separate standard, as SAS 99 was, or integrated throughout
all of the standards that the PCAOB looks to put out?
Carmichael: I think it will be a combination.
I think that every standard that the PCAOB develops will
have gone through a process where the implications for fraud
detection are considered, though there may not be anything
explicit in the standard in connection with fraud detection.
However, I think there will probably always be a need for
a separate standard that is the core set of requirements
for fraud detection.
CPAJ:
Do you think that nonprofits, government agencies, or large
firms that are not publicly traded but issue securities
or use public funds will learn any lessons from the PCAOB?
Carmichael: I think there are lessons to be
learned about what they should do, to learn from the experiences
of public companies in general. The importance of corporate
governance, the importance of having, for entities above
a certain size, an independent board, an independent audit
committee, and an anonymous complaint hotline, are all things
that all kinds of entities should consider.
Laying
the Foundation
CPAJ:
What is the best way for our readers to find out more about
the PCAOB and follow its activities?
Carmichael: The PCAOB’s process is a
very open one, but because this is an organization that
was created in the electronic age, the main way of finding
out information is on the PCAOB’s website www.pcaobus.org.
Hard-copy publications are not issued. So some people may
not know what the PCAOB is doing. Many organizations generate
a lot of paper to inform people about what they’re
doing, whereas the PCAOB’s process is entirely electronic.
It
was an affirmative decision of the Board that the operations
would be electronic and that the annual report, which is
required by the Sarbanes-Oxley Act, would be the only publication
produced in hard copy. All of the rules, the standards,
the comment letters, everything is on the website.
CPAJ:
Thank you for sharing your time with us. Is there anything
else you would like to elaborate on?
Carmichael: I’d like to identify what
we’ve accomplished during my time here that will have
a long-range effect on standards setting. The major accomplishment
that I’m most proud of is the effective, dedicated
standards-setting staff that we put together. Among other
things we’ve achieved is an effective working relationship
with other divisions—Inspections, particularly, as
well as the Office of Research and Analysis—to identify
issues that need new standards, work together on the development
of standards, and assess how well existing standards are
being followed. That process is working very well.
One
outcome of that process is the report that we issued on
the implementation of Auditing Standard 2. I hope that before
too long we’ll have another one on the fraud detection
responsibility that will be an important basis for reviewing
SAS 99. We also established a very effective program for
identifying and evaluating academic research that’s
relevant to our standards-setting process. We have a working
relationship with the auditing section of the AAA, and a
number of teams that are synthesizing existing research
and its implications for our most important standards-setting
projects. We’ve put together an effective process
for dealing with emerging issues through staff questions
and answers. Those are accomplishments that will continually
raise the quality of auditing standards.
Interview
with Thomas Ray, CPA
The
CPA Journal: In your opinion, has the PCAOB achieved what
it set out to do?
Thomas Ray: I believe the PCAOB clearly is
making a lot of progress in its stated mission of ensuring
that the audit reports that are issued for public companies
are appropriate and can be relied upon by the investing
public. There has also been progress in helping the auditing
profession to raise its stature, which was significantly
diminished as a result of the accounting and auditing failures
that occurred prior to the Sarbanes-Oxley Act. I certainly
believe that there’s more the PCAOB can do, but we
are making a lot of progress.
Standards
Setting
CPAJ:
Because the PCAOB’s rule
on Interim Auditing Standards refers to compliance with
GAAS that was in existence on April 16, 2003, what is the
Board’s position on standards issued by the AICPA
after that date?
Ray: From a technical and legal perspective,
anything the Auditing Standards Board (ASB) does after that
date does not become a part of the PCAOB’s standards.
For that to happen, the PCAOB would have to undertake rule
making to incorporate any changes that are made to those
standards. The standards that were adopted by the Board
as of April 16, 2003, are the interim standards; however,
the Board does have the ability to amend them. For example,
as part of adopting Auditing Standard 2, on Internal Control
over Financial Reporting, the Board made some consequential
amendments to the interim standards.
Second, the
ASB and other relevant standards setters, including the
International Auditing and Assurance Standards Board (IAASB),
establish new standards and make changes to and update their
existing standards. We look at those new standards and those
changes. We’re very interested in knowing and understanding
what those groups are doing and why. To the extent they
are making improvements to their standards, we also will
consider making similar changes. Of course, we have to fit
the efforts to make those additional changes within the
Board’s other priorities.
CPAJ:
Do you see any downside to the separate standards setting
that may be occurring for audits of publicly traded companies
and private companies?
Ray: I think it certainly does create difficulties
for auditors, particularly those auditors who are involved
in the auditing of both publicly held companies and nonpublic
companies. It would also create some concern for private
companies that have a desire to become public companies.
CPAJ:
Do you think that you’re working closely enough with
the AICPA on issues like that, to reduce the differences
in the standards as much as possible?
Ray: There are a couple of ways in which we’re
trying to address this concern. One is through what we call
the U.S. Auditing Standards Coordinating Forum. It’s
a group composed of the U.S. Government Accountability Office’s
(GAO) David Walker; John Fogerty, the chairman of the ASB;
the PCAOB’s chairman; and other representatives from
our three organizations. We usually meet three times per
year. We use this as a means to discuss our current projects
and current issues, and exchange our views on those matters.
This encourages an open and continuing dialogue among all
three U.S. auditing standards setters and helps us to avoid
unnecessary differences in our standards.
Another means
we use—and this is a significant activity of the Office
of the Chief Auditor on behalf of the PCAOB—is serving
as an observer to the IAASB. We were invited by the IAASB
to sit at the table with them, as an observer with speaking
rights. We have been attending all of the meetings of the
IAASB for the past two years, which has given us an opportunity
to debate the issues with IAASB members to make sure they
understand our perspectives on the standards that they are
developing. At the same time, it exposes us directly to
their thoughts and views on those same issues, so we have
a better understanding of their views as we undertake our
own standards setting.
CPAJ:
During your meetings, have you identified specific areas
where there may be significant differences between the different
auditing standards-setting bodies?
Ray: As with any deliberative body, you never
get unanimity of views. As one example, we came out with
Auditing Standard 3 on Audit Documentation a couple of years
ago. Very shortly thereafter, the IAASB decided to undertake
a standards-setting project to update their audit documentation
standard, and they came out with a proposed standard that
was very similar to the PCAOB’s standard. They went
through their process and ultimately ended up with a standard
that is largely consistent with Auditing Standard 3, although
there are some differences. Some differences are reflective
of the different environment associated with auditing U.S.
public companies as compared to certain auditor situations
that the IAASB has to deal with. But more important, there
are many similarities. The U.S. ASB, shortly thereafter,
also undertook a project to update their standard on audit
documentation, and they’ve issued a standard that
is also very close to Auditing Standard 3. So from my point
of view, it’s a success story.
CPAJ:
Do you believe that the input process for standards setting
is sufficiently diverse and fairly representative of the
accounting profession and other stakeholders, to achieve
the desired outcome of protecting the public interest?
Ray: Yes. I think one of the successes of
this organization is that we have been able to effectively
bring to the table some voices that were not as loud in
the past, and we expanded the process undertaken by the
profession. I think that audit standards setting is something
that auditors love, but for others it’s more difficult
to become engaged in the process. The
PCAOB’s stature and standing has enabled it to bring
to the table people who represent investors, as well as
actively engage interested parties from public companies.
For example, our Standing Advisory Group (SAG), which meets
three times per year, is composed of representatives from
all three major groups—auditors, public companies,
and investors—that are affected by our standards.
So I think it’s been very successful. We help those
SAG members who aren’t as knowledgeable of auditing
standards to participate fully in the SAG process by developing
briefing papers to give them a better understanding of,
and appreciation for, the various issues on which we are
seeking their advice.
CPAJ:
With regard to the latest independence rules related to
the prohibition of selling personal tax services to executives
[i.e., “Performance of Other Services”], did
the PCAOB consider the possible effect this might have on
an auditor’s ability to detect fraud?
Ray: That’s an interesting question.
Certainly, understanding the activities of the senior officers
of a corporation is something that I believe auditors do
as part of the audit of financial statements. But the fact
that auditors are not providing tax services to those individuals
would not necessarily prohibit them from performing procedures
to be able to understand, to the extent necessary, what
kind of activities those individuals are involved in.
CPAJ:
Joseph T. Wells, the founder and chairman of the Association
of Certified Fraud Examiners (ACFE), has for some time pressed
for “executive transparency,” a policy that
would allow the personal finances of executives of public
companies to be open to the auditors. This would provide
a deterrent effect and also assist in detecting fraud, if
it has occurred. Some organizations include a specific “right
to audit” clause in their contracts with other organizations
to assist in the detection of corruption. Executive transparency
could serve a similar purpose.
With
regard to the structure of small CPA firms and second partner
reviews, has the PCAOB considered that this might necessitate
outsourcing at the small-firm level to comply with this
requirement?
Ray:
The staff is in the process of developing a proposal for
second-partner reviews for our Board to consider. We certainly
are focused on how smaller firms would be able to comply
with a new standard or requirement. It is too early in our
process for me to speak definitively about how we would
expect smaller firms to be able to comply with a new standard,
but I would expect there to be various ways in which they
would be able to do so. But it certainly is a point that
we are well aware of.
Generally, my
view on second-partner reviews is that it is a very important
part of auditing financial statements. Therefore, my approach
would be that the standard we propose to the Board would
be a requirement for all firms, regardless of firm size.
More important, we want to come out with a standard that
is reasonable and can be implemented by the smallest firms
that are auditing public companies.
CPAJ:
Has there been much solicitation of feedback from the small
firms with regard to this issue?
Ray: We had a discussion at our October 2005
meeting of the Standing Advisory Group (SAG) about “engagement
quality” review, which is, we believe, more descriptive
terminology than “second partner” or “concurring
partner” review, the more commonly used terms today.
We specifically sought some additional input on small-firm
issues at the SAG meeting. We invited representatives from
three smaller CPA firms that audit public companies to address
the SAG, and we asked them a series of questions and they
engaged in a helpful dialogue with the SAG. We, of course,
would solicit public comment in connection with any proposed
new standard.
CPAJ:
What control procedures are in place to ensure the quality
of the work of PCAOB inspectors? Who’s watching over
the people who are watching over everyone else?
Ray: Although Inspections is outside my area
of responsibility, I can comment generally about how the
organization works. The Chief Auditor’s office works
very closely with our Inspections group. For example, Inspections
is in the process of developing their approach for inspecting
the implementation of Auditing Standard 2, on Internal Controls.
We will be working very closely with the Inspections leadership
in developing this approach so that the inspectors are looking
at the areas that everyone agrees are most important. This
will also ensure that the inspectors have the proper perspective
as they’re looking for compliance with, and implementation
of, Auditing Standard 2. So the Office of the Chief Auditor
is very active in advance of the inspections process.
Our inspectors
also have a lot of experience and a great deal of knowledge
and skill as auditors. The senior-level Inspections staff
has a average of 23 years experience in auditing. The remaining
Inspections staff members have an average of approximately
12 years of auditing experience. Therefore, the inspectors
are capable of making judgment calls as they go through
the inspection process. But they do occasionally run into
situations in which they would like to seek additional advice.
We have a good, open relationship with Inspections—we
just get on the phone, or walk down the hall, and they talk
to us about issues as they arise and seek our advice and
input. Then, of course, as inspections are being finalized,
the Office of the Chief Auditor, and others in our organization,
are involved in reviewing the inspection reports.
CPAJ:
I assume that some quality-control procedures are in place
to oversee the inspections themselves?
Christi Harlan: Inspections has had one review
by our Internal Oversight and Performance Assurance (IOPA)
division, which fulfills a function similar to that of an
inspector general, and that report is on our website (www.pcaobus.org).
They were reviewed last year.
CPAJ:
Regarding the issue of subsequent events, do you perceive
any discrepancy between the PCAOB’s cutoff time for
an auditor’s responsibility (i.e., through the report
release date) and that of the ASB (i.e., through the end
of fieldwork)?
Ray: The auditing standards on subsequent
events are the same right now. Basically, the PCAOB’s
interim standard is the same as the ASB standard in this
area. I think the difference comes into play because we’re
dealing with public companies, which have certain additional
responsibilities imposed on them by the securities laws,
as compared to private companies, which do not. Particularly
in circumstances in which the financial statements are incorporated
into an open registration statement, auditors have a responsibility
to update their subsequent events procedures through the
date of that registration statement or the date of the filing.
So the difference arises as a result of the nature of the
company that’s being audited, rather than the standards
that the auditors are applying in those circumstances.
The
PCAOB’s Ongoing Mission
CPAJ:
How do you believe that the role of the PCAOB will change
in the future? That is, will it continue to promulgate new
and separate standards, or will it primarily interpret GAAS?
Ray: When the Board adopted the standards
of the AICPA as its interim standards, it committed to a
process of reviewing those interim standards and adopting
and amending them, as they saw appropriate. That will continue
to be a near-term focus for us. We have a very extensive
list of priorities at this point, some of which include
a review of certain interim standards—for example,
fraud, related parties, certain reporting standards.
Also,
recently, the ASB and IAASB both adopted what they refer
to as the risk assessment standards. It’s a suite
of the core auditing standards. I believe they made some
improvements to those standards that the PCAOB needs to
carefully consider and incorporate into its permanent standards,
as appropriate. The staff is actively looking at that suite
of standards, and part of that process is to study and evaluate
what those two other standards-setting organizations have
done.
CPAJ:
Do you think that there will be additional standards issued
by the PCAOB?
Ray: Certainly there will be. Just take, for
example, our rule making last year related to auditor independence
and the provision of tax services. That was an issue that
the Board didn’t have on its initial agenda. It was
something that arose after the Board was established and
determined to be a priority for rule making. So the Board
will undertake rule making or standards setting, when appropriate,
to respond to current conditions.
CPAJ:
How has the level of funding changed over the past few years
for the PCAOB, and has that affected its ability to get
the job done?
Ray: Just speaking from the perspective of
the Office of the Chief Auditor, we have been able to obtain
the funds that we need to do the job that we think we need
to do. I would like to get some additional people for my
staff, but we haven’t been constrained by the budget
on that point. The constraint has been in attracting the
right kind of people to come work for the organization.
I believe I have the support of the Board to increase the
size of our office, and I haven’t seen funding as
being an issue.
CPAJ:
Is there a particular segment of support staff that you’re
looking to increase? For example, standards-setters or inspectors?
Ray: I’m just speaking on behalf of
standards setting. We currently have 12 CPAs on staff, including
Doug Carmichael and myself, and I would like to increase
that by four to six people this year, if possible.
CPAJ:
What effect will the replacement of the Chairman of the
PCAOB and the Chief Auditor have on the future direction
of the Board?
Ray: Bill McDonough and Doug Carmichael both
were ideal choices to be the first chairman and the first
chief auditor, respectively, of the PCAOB. I think their
leadership will have a lasting effect on the organization.
Of course, we have yet to see who our new permanent chairman
will be and what kind of impact he or she will have, but
we’ve built up a very substantial organization. We
have a lot of momentum. I don’t expect to make enormous
changes in the direction that the Office of the Chief Auditor
is going, so I think you’ll see consistency in the
advice that we provide to our Board.
Building
on the Foundation
CPAJ:
How do you anticipate that your time and resources will
be spent in the near future?
Ray: The PCAOB has focused a considerable
amount of its attention on the effective and efficient implementation
of section 404 of Sarbanes-Oxley. That’s a very important
goal of the Board and the Office of the Chief Auditor: to
make sure that 404 is effectively and efficiently implemented.
I expect that we will continue to focus our time and effort
to achieve that goal. So in the near term we’ll certainly
be focused on section 404. We also have a lot of other priorities
that we need to address.
Certain
things are included in Sarbanes-Oxley, besides 404, that
the Board needs to address. We’ve already discussed
second-partner review. The Sarbanes-Oxley Act specifically
requires the Board to adopt into its auditing standards
a standard on second-partner review, so we need to accomplish
that. The Act also changed the relationship between the
auditor and the audit committee, and it established certain
additional matters for the auditor to communicate to the
audit committee. So we believe it’s appropriate for
us to revisit and update the interim standard on audit committee
communications, to both reflect the change in relationship
and update the requirements. The auditors will then have
one place to look to ensure that they are complying with
all of the communication requirements.
CPAJ:
What specific areas would you identify as having a high
priority for the PCAOB to address in the near term?
Ray: I’ve mentioned a couple of them.
Another one that we hear a lot about, particularly from
investors, is that the Board needs to focus on the auditor’s
responsibility for fraud detection in financial statement
audits. Right now, the staff is conducting a focused analysis
on the results of our 2004–2005 inspections of the
largest firms and their implementation of SAS 99, which
is the Board’s interim standard on the auditor’s
responsibility for the consideration of fraud in financial
statement audits. We’re evaluating what we’ve
learned in the inspection process over the last two years,
and we will use that information, among other sources, in
our process of reviewing that interim standard. So we do
have, as part of our 2006 standards-setting activities,
fraud and SAS 99.
CPAJ:
Do you anticipate addressing fraud separately or as part
of the standards that you consider? That is, do you think
that it will insinuate itself throughout all the standards,
or work as a separate standard?
Ray: I think that over the longer term it
will become more and more integrated with other standards.
It’s certainly something that I believe is a natural
development. The auditor’s responsibility is to obtain
reasonable assurance that the financial statements are free
of material misstatement, whether caused by error or fraud.
So that’s a fundamental and important responsibility
on the part of the auditor.
I don’t
think it’s wrong the way the profession has approached
fraud in recent history, by having a separate focus on fraud,
because it is such an important area. The characteristics
of fraud itself justify the enhanced visibility of a separate
fraud standard. But I think, over time, we can expect that
standard will become more fully integrated with the risk
assessment standards and the response to those risks. In
considering the risk assessment suite of standards, we will
be thinking about how fraud relates to each of those particular
standards and make certain that we write the standards in
such a way that it is clear how the fraud standard relates
fundamentally to the financial statement audit.
CPAJ:
I’m sure you know that the perception of detection
may deter fraud, and that preventing fraud from occurring
in the first place is a lot easier than detecting it and
cleaning up the mess afterwards. This is probably one of
the strongest arguments for executive transparency—to
increase the perception of detection.
Ray: I think that’s right, and clearly
the auditor’s responsibility is one of detection,
but I absolutely do believe that a good audit also has a
very strong deterrent effect. If companies know that auditors
are looking for fraud and looking for it in a systematic
way, then they’re less likely to try to commit fraud.
CPAJ:
Do you think the PCAOB presents any lessons to be learned
from the PCAOB by nonprofits, government agencies, or large
firms that are not publicly traded but issue securities
or use public funds?
Ray: I think you raise a very interesting
point, which is that it’s not just public companies
that are “public interest” entities. Many other
organizations tap public sources of funding and financing,
and large not-for-profit corporations, as you mention, are
one example. Nothing about our standards setting would prohibit
anyone from looking to our standards if they think they’re
appropriate to apply in their circumstance.
CPAJ:
Thank you for sharing your time with us. Are there any other
thoughts or recommendations that you would like to share
with our members?
Ray: One of the things that has been confirmed
over the past several years is that investors and other
financial-statement users place a lot of value on reliable
financial reporting, and that they rely on and value good
financial-statement audits. Auditing is an honorable profession,
and I am delighted at this point in my professional career
to be able to contribute to the strengthening of the profession.
It has been a pleasure to speak with you.
|