Transition in the Office of the Chief Auditor of the PCAOB:

Transition in the Office of the Chief Auditor of the PCAOB:
Exclusive CPA Journal Interviews with Douglas R. Carmichael and Thomas Ray

By Mary-Jo Kranacher

A Changing of the Guard
APRIL 2006 - The Chief Auditor of the Public Company Accounting Oversight Board (PCAOB) serves as “the primary advisor to the Board on accounting and auditing matters.”

Douglas R. Carmichael, PhD, CPA, CFE, the first Chief Auditor and Director of Professional Standards of the PCAOB, has served in this capacity since April 2003. His leadership in this groundbreaking role has provided the foundation upon which to rebuild the credibility of the auditing profession. His distinguished career has included the practice of accounting and auditing, consulting, and teaching. He has also authored several books and articles and received numerous professional honors and awards. As of the beginning of the spring 2006 semester, Carmichael returned to his faculty position at Baruch College, the City University of New York.

Thomas Ray, CPA, has served as Deputy Chief Auditor of the PCAOB since June 2003. He was previously a partner of KPMG LLP in its department of professional practice–assurance, located in New York City. As chair of the International Auditing Standards Subcommittee of the AICPA, he has closely monitored the work of the International Auditing and Assurance Standards Board (IAASB). He assumed the role of PCAOB Chief Auditor in late January 2006.

Carmichael and Ray met separately with Mary-Jo Kranacher, CPA Journal Editor-in-Chief, on January 19, 2006, just prior to the official transition. As indicated by their responses to the following questions, auditors of public companies can expect unwavering consistency in the PCAOB’s approach to the issues facing the profession. Christi Harlan, PCAOB Director of Public Affairs, was also present at these interviews.

Interview with Douglas R. Carmichael

The CPA Journal: In your opinion, has the PCAOB achieved what it set out to do?
Douglas R. Carmichael: Actually, a lot of work remains to be done. I don’t think the PCAOB’s job will ever be over, because its mission is to protect investors and further the public interest in informative, fair, and independent audit reports, and that’s an ongoing mission.

I think the PCAOB has made remarkable strides. When I started, there were fewer than 40 people here, and now there are over 400. About half of them are inspectors needed to perform the centerpiece of PCAOB activities: inspection of the quality of audits. The PCAOB is also well on its way to accomplishing its mission in my own area, standards setting. We’ve had a number of significant accomplishments; but the most important is that we have built a very talented and dedicated staff that’s going to continue to function well. I don’t have the slightest doubt that the quality and productivity of standards-setting activity will continue to improve with the capable staff we have.

Standards Setting

CPAJ: Since the PCAOB’s rule on Interim Auditing Standards refers to compliance with GAAS that was in existence on April 16, 2003, what is the Board’s position on standards issued by the AICPA after that date?
Carmichael: They are not automatically PCAOB standards, so the Board will have to evaluate them and decide whether any change is necessary, and those decisions will vary. For example, the Auditing Standards Board (ASB) is considering modifying the audit report to include the responsibilities of the users of the audit report for financial statements.

The PCAOB’s jurisdiction is the audit of public companies. The relationship and liabilities of auditors to the users of the audit report are spelled out by the securities laws, and there is no need to spell them out in the audit report. So that would be one instance where there would be no change.

The ASB has adopted risk assessment standards that, once they become effective, will significantly change the auditing literature. Our standards-setting division is looking at what changes need to be made to the existing standards to better capture the new responsibilities that are in the risk assessment standards.

The PCAOB will continue to monitor the standards-setting activities of other organizations, including the AICPA and the international effort, the IAASB, and evaluate whether those changes should become part of the PCAOB’s permanent standards.

CPAJ: Many auditors are concerned that we’re going to have divergent standards, one set for public companies and one for private companies. Do you see that happening?
Carmichael: To the extent that there are differences between the needs of investors in public companies and the users of financial statements of private companies, there will have to be differences. But that’s not new. There have always been aspects of audits of public companies that were different, and auditors need to follow different standards. The most obvious example is the independence rules. For a long time there were significant differences between the AICPA’s requirements and the SEC’s requirements.

I think that we are doing a lot to learn what other standards setters are doing. There’s an auditing forum where we meet with the GAO and the ASB periodically. The chairman of the ASB is a prominent observer of our Standing Advisory Group, and where the project warrants it, our involvement is more extensive. For example, on the risk assessment project, we monitored what their task force was doing very closely. On the other side, the ASB has adopted the use of terms that are essentially the same as the PCAOB’s, and its standard on audit documentation is essentially the same. So where it’s possible to not have differences because they’re not warranted, every effort is going to be made to ensure the standards are the same or virtually the same. Where the requirements for protecting investors in public companies create the need for a difference, there will be differences.

CPAJ: Do you believe that the input process for standards setting is sufficiently diverse and fairly representative of the accounting profession and other stakeholders to achieve the desired outcome of protecting the public interest?
Carmichael: The Standing Advisory Group that we appointed, I believe, serves that function. It’s really the first time that auditors, as well as preparers of financial statements and investors, have been able to discuss and debate audit policy issues that were formerly made only by auditors. I think that mechanism provides the initial discussion that brings the key stakeholders together to talk about policy issues. The board has the opportunity to hear them and to benefit from it. Our comment process is very open, and the fact that we use the Standing Advisory Group the way we do, to hear from investors, has encouraged them to comment more on our standards. We received over 800 comments on the proposed rules on independence and tax services, and a substantial portion of that was from investors. For the first time, there’s an effective mechanism for all stakeholders in the process to be involved.

CPAJ: Do you anticipate that Sarbanes-Oxley section 404 will be applicable to any firms, other than accelerated filers, in the foreseeable future?
Carmichael: That’s really the SEC’s call. They are the ones who are going to have to make that decision, and I wouldn’t want to predict what they’ll do.

CPAJ: With regard to the latest independence rules related to the prohibition of selling personal tax services to executives [i.e., “Performance of Other Services”], did the PCAOB consider the possible effect this might have on an auditor’s ability to detect fraud?
Carmichael: Yes, I think those issues were raised. Personally, I am aware of the frauds that have occurred in the past where if the auditors had known what was in the personal tax returns of the top managers, it would have been a tip-off as to the fraud. The unfortunate thing is that the auditors were providing those tax services and there was no communication between the tax people and the audit people, so it really didn’t work that well. The issue was raised as to whether prohibiting that service because of mutuality of interest concerns would, in any way, impede the audit function, and the conclusion was that it really would not. It is possible that that information, if it was so important, might be something the auditor would want to see, but providing personal tax services to company officers wasn’t necessary to achieve that purpose. It’s also not sufficient because the officers are not required to use the auditor for their personal tax services and might not. So it’s not something that could be relied upon anyway.

CPAJ: With regard to the structure of small CPA firms and second-partner reviews, has the PCAOB considered that this might necessitate outsourcing at the small-firm level to comply with this requirement?
Carmichael: Yes, in considering the issue, the PCAOB has been very aware of, and very interested in, having as much information as possible on the effect that a standard in this area would have on small firms. For that reason, we recently had a panel of people from small firms come in and talk to the Standing Advisory Group about their own views and what we refer to as engagement quality review, formerly known as second-partner review. Registered firms that were members of the AICPA’s SEC Practice Section in the past must now have an engagement quality review. That’s an existing requirement, and many smaller firms, to meet that requirement, do outsource the function, hire consultants or another firm to do it. So it’s something that is happening now, and given the importance of an engagement quality review, all firms that audit public companies should meet that requirement. In addition, from what we’ve been able to learn from the panel and the inspectors who have done the inspections of smaller firms, it won’t represent a significant increase in costs.

CPAJ: Regarding the issue of subsequent events, do you perceive any discrepancy between the PCAOB’s cutoff time for an auditor’s responsibility (i.e., through the report release date) and that of the ASB (i.e., through the end of fieldwork)?
Carmichael: Audit procedures need to be done to detect subsequent events. The auditor’s responsibility wasn’t changed by our standard on audit documentation. The audit report date should still be the completion of fieldwork, and my understanding is that the completion of fieldwork is when the work that is necessary to form an opinion has been done, not just the mechanical aspect of when the auditor packs up his or her briefcase and leaves the client’s premises. So I don’t perceive any difference.

The PCAOB’s Ongoing Mission

CPAJ: How do you believe that the role of the PCAOB will change in the future? That is, will it continue to promulgate new and separate standards, or will it primarily interpret GAAS?
Carmichael: Because its mission is protecting investors, and the needs of the investors in public companies may well be different from others’, I believe that the PCAOB will continue to issue standards.

CPAJ: What, if anything, has been the biggest impediment to achieving the PCAOB’s mission?
Carmichael: The PCAOB has done an excellent job of hiring people, but we clearly need more. It’s the same problem that everyone faces, a human resource problem. In the current market, there are not enough qualified people.

Also, the critics of regulation have the ability to be very vocal and get a lot of visibility, and although it’s important for the PCAOB to hear what people are saying and pay attention to it, I hope that our critics, whose sole interest is to reduce regulation, will not carry the day. Most people recognize that investors’ interests need active protection and regulation. I hope that the support for that mission will be strong and come from all stakeholders.

CPAJ: How has the level of funding for the PCAOB changed over the past few years, and has that affected your ability to get the job done?
Carmichael: The PCAOB’s funding is covered under the Sarbanes-Oxley Act, and our funding source has been responsive to a budget that’s necessary to get the job done. It then goes to the SEC for approval after they carefully scrutinize it and discuss any issues. Once the budget is approved by the SEC, it is then allocated among public companies based on their relative market capitalization. So there should never be a problem of not having enough funds, if this process works the way it is supposed to.

CPAJ: And has it worked so far?
Carmichael: I don’t believe there have been major problems. Congress deliberately set it up so they don’t handle the appropriations. They were very aware of organized CPA firms’ influence on Congress and deliberately took themselves out of the appropriation process. Congress also wanted the PCAOB and FASB to have a source of funding independent of the accounting profession. Each board sets its own budget that must be approved by the SEC. Then the PCAOB bills public companies on behalf of both boards.

CPAJ: That’s a nice position to be in.
Carmichael: Unless a public company pays the fee, they cannot get their financial statements audited and, as a result, they won’t have access to the capital markets. That’s part of the Act and Congress’s intent in creating the law.

CPAJ: What effect will the replacement of the Chairman of the PCAOB and the Chief Auditor have on the future direction of the Board?
Carmichael: I don’t think it will have any effect on the Board’s direction. Personalities always differ and there are changes that occur, but essentially, it will be the same. For example, in standards setting, I wouldn’t anticipate any significant changes because of the group that we put together and the way it functions.

CPAJ: During your interview for The CPA Journal [September 2004], you indicated that you anticipated hiring about 25 staffers in the standards-setting area and approximately 150 inspectors. Were you able to recruit and retain those numbers of support staff to fulfill the PCAOB’s mandates?
Carmichael: The recruiting of inspectors has gone beyond what I anticipated. There are approximately 200 inspectors today, and that number may increase depending upon certain issues, such as whether broker-dealers’ auditors need to be inspected. The SEC hasn’t made a decision in that area yet.

Also, if a firm audits more than 100 public companies it is inspected annually; otherwise there’s a three-year rotation. That can change. The workload associated with that will change based on how many registered firms there are—registered firms that do audits for public companies.

So, in the inspections area, hiring has been very successful. It’s proved more difficult to find people who want to work in standards setting because they need to be well informed about auditing, as well as good writers and impassioned about auditing standards. All those qualities, in one person, are difficult to find. At this point we have 12 professional staff. We hope to hire more, but we’re below what I set as the goal in my prior interview.

CPAJ: What specific areas would you identify as having a high priority for the PCAOB to address in the near term?
Carmichael: At each year-end meeting with the Standing Advisory Group, there’s a discussion of the priorities for the next year. The big things are those standards that are specifically mandated by the Sarbanes-Oxley Act. Naturally, our continuing work on section 404 responsibilities of auditors for internal control over financial reporting will be a priority. Also, on engagement quality review, the Act specifically says that we should issue a standard on that matter. In addition, the Standing Advisory Group has advised us that the subject of the auditor’s responsibility for fraud detection should be a priority, so a review of SAS 99, based on inspection results regarding compliance with that standard, will also be a priority.

CPAJ: Do you think that fraud will continue to be addressed as a separate standard, as SAS 99 was, or integrated throughout all of the standards that the PCAOB looks to put out?
Carmichael: I think it will be a combination. I think that every standard that the PCAOB develops will have gone through a process where the implications for fraud detection are considered, though there may not be anything explicit in the standard in connection with fraud detection. However, I think there will probably always be a need for a separate standard that is the core set of requirements for fraud detection.

CPAJ: Do you think that nonprofits, government agencies, or large firms that are not publicly traded but issue securities or use public funds will learn any lessons from the PCAOB?
Carmichael: I think there are lessons to be learned about what they should do, to learn from the experiences of public companies in general. The importance of corporate governance, the importance of having, for entities above a certain size, an independent board, an independent audit committee, and an anonymous complaint hotline, are all things that all kinds of entities should consider.

Laying the Foundation

CPAJ: What is the best way for our readers to find out more about the PCAOB and follow its activities?
Carmichael: The PCAOB’s process is a very open one, but because this is an organization that was created in the electronic age, the main way of finding out information is on the PCAOB’s website www.pcaobus.org. Hard-copy publications are not issued. So some people may not know what the PCAOB is doing. Many organizations generate a lot of paper to inform people about what they’re doing, whereas the PCAOB’s process is entirely electronic.

It was an affirmative decision of the Board that the operations would be electronic and that the annual report, which is required by the Sarbanes-Oxley Act, would be the only publication produced in hard copy. All of the rules, the standards, the comment letters, everything is on the website.

CPAJ: Thank you for sharing your time with us. Is there anything else you would like to elaborate on?
Carmichael: I’d like to identify what we’ve accomplished during my time here that will have a long-range effect on standards setting. The major accomplishment that I’m most proud of is the effective, dedicated standards-setting staff that we put together. Among other things we’ve achieved is an effective working relationship with other divisions—Inspections, particularly, as well as the Office of Research and Analysis—to identify issues that need new standards, work together on the development of standards, and assess how well existing standards are being followed. That process is working very well.

One outcome of that process is the report that we issued on the implementation of Auditing Standard 2. I hope that before too long we’ll have another one on the fraud detection responsibility that will be an important basis for reviewing SAS 99. We also established a very effective program for identifying and evaluating academic research that’s relevant to our standards-setting process. We have a working relationship with the auditing section of the AAA, and a number of teams that are synthesizing existing research and its implications for our most important standards-setting projects. We’ve put together an effective process for dealing with emerging issues through staff questions and answers. Those are accomplishments that will continually raise the quality of auditing standards.

Interview with Thomas Ray, CPA

The CPA Journal: In your opinion, has the PCAOB achieved what it set out to do?
Thomas Ray: I believe the PCAOB clearly is making a lot of progress in its stated mission of ensuring that the audit reports that are issued for public companies are appropriate and can be relied upon by the investing public. There has also been progress in helping the auditing profession to raise its stature, which was significantly diminished as a result of the accounting and auditing failures that occurred prior to the Sarbanes-Oxley Act. I certainly believe that there’s more the PCAOB can do, but we are making a lot of progress.

Standards Setting

CPAJ: Because the PCAOB’s rule
on Interim Auditing Standards refers to compliance with GAAS that was in existence on April 16, 2003, what is the Board’s position on standards issued by the AICPA after that date?
Ray: From a technical and legal perspective, anything the Auditing Standards Board (ASB) does after that date does not become a part of the PCAOB’s standards. For that to happen, the PCAOB would have to undertake rule making to incorporate any changes that are made to those standards. The standards that were adopted by the Board as of April 16, 2003, are the interim standards; however, the Board does have the ability to amend them. For example, as part of adopting Auditing Standard 2, on Internal Control over Financial Reporting, the Board made some consequential amendments to the interim standards.

Second, the ASB and other relevant standards setters, including the International Auditing and Assurance Standards Board (IAASB), establish new standards and make changes to and update their existing standards. We look at those new standards and those changes. We’re very interested in knowing and understanding what those groups are doing and why. To the extent they are making improvements to their standards, we also will consider making similar changes. Of course, we have to fit the efforts to make those additional changes within the Board’s other priorities.

CPAJ: Do you see any downside to the separate standards setting that may be occurring for audits of publicly traded companies and private companies?
Ray: I think it certainly does create difficulties for auditors, particularly those auditors who are involved in the auditing of both publicly held companies and nonpublic companies. It would also create some concern for private companies that have a desire to become public companies.

CPAJ: Do you think that you’re working closely enough with the AICPA on issues like that, to reduce the differences in the standards as much as possible?
Ray: There are a couple of ways in which we’re trying to address this concern. One is through what we call the U.S. Auditing Standards Coordinating Forum. It’s a group composed of the U.S. Government Accountability Office’s (GAO) David Walker; John Fogerty, the chairman of the ASB; the PCAOB’s chairman; and other representatives from our three organizations. We usually meet three times per year. We use this as a means to discuss our current projects and current issues, and exchange our views on those matters. This encourages an open and continuing dialogue among all three U.S. auditing standards setters and helps us to avoid unnecessary differences in our standards.

Another means we use—and this is a significant activity of the Office of the Chief Auditor on behalf of the PCAOB—is serving as an observer to the IAASB. We were invited by the IAASB to sit at the table with them, as an observer with speaking rights. We have been attending all of the meetings of the IAASB for the past two years, which has given us an opportunity to debate the issues with IAASB members to make sure they understand our perspectives on the standards that they are developing. At the same time, it exposes us directly to their thoughts and views on those same issues, so we have a better understanding of their views as we undertake our own standards setting.

CPAJ: During your meetings, have you identified specific areas where there may be significant differences between the different auditing standards-setting bodies?
Ray: As with any deliberative body, you never get unanimity of views. As one example, we came out with Auditing Standard 3 on Audit Documentation a couple of years ago. Very shortly thereafter, the IAASB decided to undertake a standards-setting project to update their audit documentation standard, and they came out with a proposed standard that was very similar to the PCAOB’s standard. They went through their process and ultimately ended up with a standard that is largely consistent with Auditing Standard 3, although there are some differences. Some differences are reflective of the different environment associated with auditing U.S. public companies as compared to certain auditor situations that the IAASB has to deal with. But more important, there are many similarities. The U.S. ASB, shortly thereafter, also undertook a project to update their standard on audit documentation, and they’ve issued a standard that is also very close to Auditing Standard 3. So from my point of view, it’s a success story.

CPAJ: Do you believe that the input process for standards setting is sufficiently diverse and fairly representative of the accounting profession and other stakeholders, to achieve the desired outcome of protecting the public interest?
Ray: Yes. I think one of the successes of this organization is that we have been able to effectively bring to the table some voices that were not as loud in the past, and we expanded the process undertaken by the profession. I think that audit standards setting is something that auditors love, but for others it’s more difficult to become engaged in the process. The PCAOB’s stature and standing has enabled it to bring to the table people who represent investors, as well as actively engage interested parties from public companies. For example, our Standing Advisory Group (SAG), which meets three times per year, is composed of representatives from all three major groups—auditors, public companies, and investors—that are affected by our standards. So I think it’s been very successful. We help those SAG members who aren’t as knowledgeable of auditing standards to participate fully in the SAG process by developing briefing papers to give them a better understanding of, and appreciation for, the various issues on which we are seeking their advice.

CPAJ: Joseph T. Wells, the founder and chairman of the Association of Certified Fraud Examiners (ACFE), has for some time pressed for “executive transparency,” a policy that would allow the personal finances of executives of public companies to be open to the auditors. This would provide a deterrent effect and also assist in detecting fraud, if it has occurred. Some organizations include a specific “right to audit” clause in their contracts with other organizations to assist in the detection of corruption. Executive transparency could serve a similar purpose.

With regard to the structure of small CPA firms and second partner reviews, has the PCAOB considered that this might necessitate outsourcing at the small-firm level to comply with this requirement?
Ray: The staff is in the process of developing a proposal for second-partner reviews for our Board to consider. We certainly are focused on how smaller firms would be able to comply with a new standard or requirement. It is too early in our process for me to speak definitively about how we would expect smaller firms to be able to comply with a new standard, but I would expect there to be various ways in which they would be able to do so. But it certainly is a point that we are well aware of.

Generally, my view on second-partner reviews is that it is a very important part of auditing financial statements. Therefore, my approach would be that the standard we propose to the Board would be a requirement for all firms, regardless of firm size. More important, we want to come out with a standard that is reasonable and can be implemented by the smallest firms that are auditing public companies.

CPAJ: Has there been much solicitation of feedback from the small firms with regard to this issue?
Ray: We had a discussion at our October 2005 meeting of the Standing Advisory Group (SAG) about “engagement quality” review, which is, we believe, more descriptive terminology than “second partner” or “concurring partner” review, the more commonly used terms today. We specifically sought some additional input on small-firm issues at the SAG meeting. We invited representatives from three smaller CPA firms that audit public companies to address the SAG, and we asked them a series of questions and they engaged in a helpful dialogue with the SAG. We, of course, would solicit public comment in connection with any proposed new standard.

CPAJ: What control procedures are in place to ensure the quality of the work of PCAOB inspectors? Who’s watching over the people who are watching over everyone else?
Ray: Although Inspections is outside my area of responsibility, I can comment generally about how the organization works. The Chief Auditor’s office works very closely with our Inspections group. For example, Inspections is in the process of developing their approach for inspecting the implementation of Auditing Standard 2, on Internal Controls. We will be working very closely with the Inspections leadership in developing this approach so that the inspectors are looking at the areas that everyone agrees are most important. This will also ensure that the inspectors have the proper perspective as they’re looking for compliance with, and implementation of, Auditing Standard 2. So the Office of the Chief Auditor is very active in advance of the inspections process.

Our inspectors also have a lot of experience and a great deal of knowledge and skill as auditors. The senior-level Inspections staff has a average of 23 years experience in auditing. The remaining Inspections staff members have an average of approximately 12 years of auditing experience. Therefore, the inspectors are capable of making judgment calls as they go through the inspection process. But they do occasionally run into situations in which they would like to seek additional advice. We have a good, open relationship with Inspections—we just get on the phone, or walk down the hall, and they talk to us about issues as they arise and seek our advice and input. Then, of course, as inspections are being finalized, the Office of the Chief Auditor, and others in our organization, are involved in reviewing the inspection reports.

CPAJ: I assume that some quality-control procedures are in place to oversee the inspections themselves?
Christi Harlan: Inspections has had one review by our Internal Oversight and Performance Assurance (IOPA) division, which fulfills a function similar to that of an inspector general, and that report is on our website (www.pcaobus.org). They were reviewed last year.

CPAJ: Regarding the issue of subsequent events, do you perceive any discrepancy between the PCAOB’s cutoff time for an auditor’s responsibility (i.e., through the report release date) and that of the ASB (i.e., through the end of fieldwork)?
Ray: The auditing standards on subsequent events are the same right now. Basically, the PCAOB’s interim standard is the same as the ASB standard in this area. I think the difference comes into play because we’re dealing with public companies, which have certain additional responsibilities imposed on them by the securities laws, as compared to private companies, which do not. Particularly in circumstances in which the financial statements are incorporated into an open registration statement, auditors have a responsibility to update their subsequent events procedures through the date of that registration statement or the date of the filing. So the difference arises as a result of the nature of the company that’s being audited, rather than the standards that the auditors are applying in those circumstances.

The PCAOB’s Ongoing Mission

CPAJ: How do you believe that the role of the PCAOB will change in the future? That is, will it continue to promulgate new and separate standards, or will it primarily interpret GAAS?
Ray: When the Board adopted the standards of the AICPA as its interim standards, it committed to a process of reviewing those interim standards and adopting and amending them, as they saw appropriate. That will continue to be a near-term focus for us. We have a very extensive list of priorities at this point, some of which include a review of certain interim standards—for example, fraud, related parties, certain reporting standards.

Also, recently, the ASB and IAASB both adopted what they refer to as the risk assessment standards. It’s a suite of the core auditing standards. I believe they made some improvements to those standards that the PCAOB needs to carefully consider and incorporate into its permanent standards, as appropriate. The staff is actively looking at that suite of standards, and part of that process is to study and evaluate what those two other standards-setting organizations have done.

CPAJ: Do you think that there will be additional standards issued by the PCAOB?
Ray: Certainly there will be. Just take, for example, our rule making last year related to auditor independence and the provision of tax services. That was an issue that the Board didn’t have on its initial agenda. It was something that arose after the Board was established and determined to be a priority for rule making. So the Board will undertake rule making or standards setting, when appropriate, to respond to current conditions.

CPAJ: How has the level of funding changed over the past few years for the PCAOB, and has that affected its ability to get the job done?
Ray: Just speaking from the perspective of the Office of the Chief Auditor, we have been able to obtain the funds that we need to do the job that we think we need to do. I would like to get some additional people for my staff, but we haven’t been constrained by the budget on that point. The constraint has been in attracting the right kind of people to come work for the organization. I believe I have the support of the Board to increase the size of our office, and I haven’t seen funding as being an issue.

CPAJ: Is there a particular segment of support staff that you’re looking to increase? For example, standards-setters or inspectors?
Ray: I’m just speaking on behalf of standards setting. We currently have 12 CPAs on staff, including Doug Carmichael and myself, and I would like to increase that by four to six people this year, if possible.

CPAJ: What effect will the replacement of the Chairman of the PCAOB and the Chief Auditor have on the future direction of the Board?
Ray: Bill McDonough and Doug Carmichael both were ideal choices to be the first chairman and the first chief auditor, respectively, of the PCAOB. I think their leadership will have a lasting effect on the organization. Of course, we have yet to see who our new permanent chairman will be and what kind of impact he or she will have, but we’ve built up a very substantial organization. We have a lot of momentum. I don’t expect to make enormous changes in the direction that the Office of the Chief Auditor is going, so I think you’ll see consistency in the advice that we provide to our Board.

Building on the Foundation

CPAJ: How do you anticipate that your time and resources will be spent in the near future?
Ray: The PCAOB has focused a considerable amount of its attention on the effective and efficient implementation of section 404 of Sarbanes-Oxley. That’s a very important goal of the Board and the Office of the Chief Auditor: to make sure that 404 is effectively and efficiently implemented. I expect that we will continue to focus our time and effort to achieve that goal. So in the near term we’ll certainly be focused on section 404. We also have a lot of other priorities that we need to address.

Certain things are included in Sarbanes-Oxley, besides 404, that the Board needs to address. We’ve already discussed second-partner review. The Sarbanes-Oxley Act specifically requires the Board to adopt into its auditing standards a standard on second-partner review, so we need to accomplish that. The Act also changed the relationship between the auditor and the audit committee, and it established certain additional matters for the auditor to communicate to the audit committee. So we believe it’s appropriate for us to revisit and update the interim standard on audit committee communications, to both reflect the change in relationship and update the requirements. The auditors will then have one place to look to ensure that they are complying with all of the communication requirements.

CPAJ: What specific areas would you identify as having a high priority for the PCAOB to address in the near term?
Ray: I’ve mentioned a couple of them. Another one that we hear a lot about, particularly from investors, is that the Board needs to focus on the auditor’s responsibility for fraud detection in financial statement audits. Right now, the staff is conducting a focused analysis on the results of our 2004–2005 inspections of the largest firms and their implementation of SAS 99, which is the Board’s interim standard on the auditor’s responsibility for the consideration of fraud in financial statement audits. We’re evaluating what we’ve learned in the inspection process over the last two years, and we will use that information, among other sources, in our process of reviewing that interim standard. So we do have, as part of our 2006 standards-setting activities, fraud and SAS 99.

CPAJ: Do you anticipate addressing fraud separately or as part of the standards that you consider? That is, do you think that it will insinuate itself throughout all the standards, or work as a separate standard?
Ray: I think that over the longer term it will become more and more integrated with other standards. It’s certainly something that I believe is a natural development. The auditor’s responsibility is to obtain reasonable assurance that the financial statements are free of material misstatement, whether caused by error or fraud. So that’s a fundamental and important responsibility on the part of the auditor.

I don’t think it’s wrong the way the profession has approached fraud in recent history, by having a separate focus on fraud, because it is such an important area. The characteristics of fraud itself justify the enhanced visibility of a separate fraud standard. But I think, over time, we can expect that standard will become more fully integrated with the risk assessment standards and the response to those risks. In considering the risk assessment suite of standards, we will be thinking about how fraud relates to each of those particular standards and make certain that we write the standards in such a way that it is clear how the fraud standard relates fundamentally to the financial statement audit.

CPAJ: I’m sure you know that the perception of detection may deter fraud, and that preventing fraud from occurring in the first place is a lot easier than detecting it and cleaning up the mess afterwards. This is probably one of the strongest arguments for executive transparency—to increase the perception of detection.
Ray: I think that’s right, and clearly the auditor’s responsibility is one of detection, but I absolutely do believe that a good audit also has a very strong deterrent effect. If companies know that auditors are looking for fraud and looking for it in a systematic way, then they’re less likely to try to commit fraud.

CPAJ: Do you think the PCAOB presents any lessons to be learned from the PCAOB by nonprofits, government agencies, or large firms that are not publicly traded but issue securities or use public funds?
Ray: I think you raise a very interesting point, which is that it’s not just public companies that are “public interest” entities. Many other organizations tap public sources of funding and financing, and large not-for-profit corporations, as you mention, are one example. Nothing about our standards setting would prohibit anyone from looking to our standards if they think they’re appropriate to apply in their circumstance.

CPAJ: Thank you for sharing your time with us. Are there any other thoughts or recommendations that you would like to share with our members?
Ray: One of the things that has been confirmed over the past several years is that investors and other financial-statement users place a lot of value on reliable financial reporting, and that they rely on and value good financial-statement audits. Auditing is an honorable profession, and I am delighted at this point in my professional career to be able to contribute to the strengthening of the profession. It has been a pleasure to speak with you.

Close