Auditing Standard (AS) 1215, Audit Documentation

Auditing Standard (AS) 1215 is an “umbrella” standard that provides general requirements for documentation the auditor should prepare and retain in connection with engagements to audit financial statements, audit internal control over financial reporting, and review interim financial information. Specific audit documentation requirements are also set out in other professional standards (for example, AS 2401, Consideration of Fraud in a Financial Statement Audit).

Basic provisions

Audit documentation is the written record of the basis for the auditor’s conclusions that provides support for the auditor’s representations, whether those representations are contained in the auditor’s report or otherwise. The standard requires it to be prepared in sufficient detail to provide a clear understanding of its purpose, source, and conclusions reached.

The guiding principle of AS 1215 is that, with respect to all relevant financial statement assertions, auditors must document the following:

• The procedures that were performed
• The evidence obtained
• Conclusions reached

Documentation must be sufficient to enable an experienced auditor, having no previous connection with the engagement, to understand the procedures, evidence, and conclusions, as well as identify who performed and reviewed the work and the dates (month/day/year) of that performance and review. An experienced auditor is defined in the standard as having “a reasonable understanding of audit activities and has studied the company’s industry as well as the accounting and auditing issues relevant to the industry.”

Audit documentation under AS 1215 is directed to the level of an outside reviewer, and not engagement team members. When preparing and reviewing audit documentation, the auditor needs to remember to document the procedures performed, evidence obtained, and conclusions reached with the perspective of a third-party reviewer in mind. Clear, concise, fully cross-referenced documentation is necessary. As stated in the standard, “audit documentation must clearly demonstrate that the work was in fact performed.” For example, documentation should be in sufficient detail to identify the specific items examined (for example, by invoice number, or by criteria such as “all amounts over $25,000”). Copies of original documents need to be retained only if the specific documents examined will not or are not likely to be retained by the company (for example, a real-time computerized status report of open sales orders), or if retaining copies would facilitate the communication of the procedures performed, evidence obtained, and conclusions reached.

The scope of documentation includes the support for oral presentations to management, such as an oral presentation of the results of a quarterly review, and also includes the support for certain required communications with the audit committee or the board of directors.

Documentation also includes information that demonstrates compliance with independence rules; training and proficiency; and client acceptance and retention.

Documentation content

Significant findings or issues must be documented. Significant issues include the following:

• Selection, application, and consistency of accounting principles and disclosures
• Accounting for complex transactions, estimates, and uncertainties
• Findings that require a change in the planned auditing procedures or a change in the assessed risk for an account or balance
• Audit adjustments
• Disagreements among engagement team members or those consulted regarding significant matters
• Circumstances that cause difficulty in applying auditing procedures
• Matters that could affect the auditor’s report

Documentation includes memoranda, confirmations, correspondence, schedules, audit programs, and representation letters. Copies or abstracts of significant contracts or agreements should be retained in the working papers.

The five factors to consider in determining the nature and extent of documentation are as follows:

1. Nature of the procedure
2. Risk associated with the assertion
3. Extent of judgment involved
4. Significance of the evidence
5. Clarity of the evidence in indicating a conclusion

The standard requires the completion of an engagement completion document for each engagement. Significant issues must be included in this document, as well as issues pertaining to the review of interim financial information.

Reports from specialists on which the auditor relies should be included in the working papers, and should be sufficiently robust (including assumptions, data, and other relevant information) to enable the auditor to carry out responsibilities under AS 1210, Using the Work of a Specialist, or AS 2502, Auditing Fair Value Measurements and Disclosure, as appropriate.

Multilocation engagements

The office issuing the audit report is responsible for ensuring that engagement documentation meets this standard and is retained as required. The documentation must be accessible to or retained by the reporting office. This requirement extends to the work performed by other auditors.

The standard requires that prior to releasing the report, the engagement team in the reporting office must obtain, review, and retain the following documentation for all work at subsidiaries or locations that are material to the financial statements. Other offices (or other firms that are not referred to in the audit report) that are conducting a part of the audit in a different location will also need, at a minimum, to assemble a reporting package containing the following items for the office issuing the report:

• An engagement completion document with cross-referenced supporting documentation
• Any significant fraud risk factors identified, and the auditor’s response to these factors and findings
• Significant issues or findings that are inconsistent or contradictory to the final conclusions
• Findings affecting the consolidation of accounts (for example, intercompany transfers)
• Information necessary to reconcile the financial statements of the location to the consolidated financials
• A schedule of audit adjustments that is clear about the nature and cause of each misstatement
• All significant deficiencies and material weaknesses in internal control over financial reporting, including a clear distinction between these two categories
• Management representation letters
• All matters to be communicated to the audit committee

Retaining documentation

Within 45 days from the date the auditor gives permission to use the firm’s opinion (the report release date), a complete and final set of documentation should be prepared (the documentation completion date). During the 45-day period, documentation can be updated, and superseded documents discarded. The added documentation should include the date, the name of the person adding the information, and reason for adding it. After the documentation completion date, no deletions from the file can be made, but documentation can be added to the file if fully documented as previously described. The measurement date for engagements where a report is not issued is 45 days from the completion of fieldwork or the cessation of work.

The auditor must retain documentation for seven years from the report release date, unless another law or regulation requires a longer retention period.

In addition to the requirements of the standard, other regulators or laws may require the retention of additional documentation and records, such as the SEC. Furthermore, AS 1215 does not negate any of the existing state regulations or rules. For example, in New York, state law states that no changes to an electronic audit file can be made after the 45-day limit. The California statute still contains a “rebuttable presumption” rule that states that, in the absence of written documentation, a procedure supported only by oral representation is presumed to have not been performed.

Both the New York and California documentation regulations extend to all engagements performed in those states, and not just public company audits.

Other auditors

AS 1215 also refers to the required pieces of documentation for multilocation engagements in paragraph .12 of AS 1205, Part of the Audit Performed by Other Independent Auditors, when the auditor does not reference the other auditor in the report. In addition, the document must include all cross-referenced, supporting audit documentation for these items. This documentation must be assembled before the release date and the primary auditor should perform a review of the work in one or more of the following ways:

• Visit the other auditor to discuss the procedures and results.
• Review the audit programs from the other auditor or provide instructions regarding scope.
• Review additional documentation of significant findings or issues.

When another auditor is referenced in the report, the auditor should follow the guidance in AS 1205; the documentation requirements outlined for circumstances in which other auditors are not referenced do not apply.

This standard is available on the PCAOB website at https://pcaobus.org/Standards/Auditing/Pages/ AS1215.aspx.

AS 1220, Engagement Quality Review

AS 1220 requires an engagement quality review and concurring approval of issuance for each audit engagement and each engagement to review financial information conducted in accordance with PCAOB standards. The objective of the engagement quality reviewer is to perform an evaluation of the significant judgments made by the engagement team and the related conclusions reached in forming the overall conclusion on the engagement and in preparing the engagement report, if a report is to be issued, in order to determine whether to provide concurring approval of issuance.

The standard provides a framework for the engagement quality reviewer to objectively evaluate the significant judgments made and related conclusions reached by the engagement team in forming an overall conclusion. Specifically, the reviewer is required to evaluate

• the significant judgments related to engagement planning;
• for an audit, the engagement team’s assessment of, and audit responses to, significant risks, including fraud risks; and
• the significant judgments made about identified misstatements and control deficiencies.

An engagement quality review includes the performance of certain specified procedures; discussions with the engagement partner and other members of the engagement team; and a review of documentation. Specified procedures include the following:

• Reviewing the engagement team’s evaluation of independence in relation to the engagement
• Reviewing the engagement completion document and confirming with the engagement partner that there are no significant unresolved matters
• Reading other information in documents containing financial information to be filed with the SEC, and determining whether the engagement team has appropriately acted upon any material inconsistencies or material misstatements of fact
• Evaluating whether appropriate consultations have taken place, and reviewing the documentation associated with such consultations
• Evaluating whether appropriate communications have been made to the audit committee, management, and regulatory authorities
• For audits, reviewing the financial statements, management’s report on internal control, and the engagement report
• For interim reviews, reviewing the interim financial information; management’s disclosure, if any, about changes in ICFR; and the engagement report, if a report is to be issued

Further, AS 1220 describes the qualifications that any reviewer, whether inside or outside the firm, would be required to meet in order to provide for a high-quality engagement quality review. Accordingly, the standard requires an engagement quality reviewer from within the firm issuing the report to be a partner or another individual in an equivalent position (when the legal structure of the firm is not a partnership). The qualifications for reviewers from outside the firm are consistent with those required for reviewers from inside the firm such that they must meet the competence and other qualification requirements, including a level of knowledge and competence related to accounting, auditing, and financial reporting required to serve as the person who has overall responsibility for the engagement under review.

In addition to the qualifications, the reviewer is required to be independent of the company, perform the review with integrity, and maintain independence. To ensure objectivity, AS 1220 requires a “cooling off” period that prohibits an engagement partner from serving as the engagement quality reviewer for at least two years following the last year as the engagement partner. To address concerns of smaller firms with fewer personnel, the standard exempts firms that qualify for the exemption from the SEC partner rotation requirements from the “cooling off” period under this standard.

Concurring approval of issuance may be provided only when the reviewer is not aware of a significant engagement deficiency after having performed the review required by the standard with due professional care. A significant engagement deficiency exists when (1) for an audit, the engagement team did not obtain sufficient appropriate audit evidence, or, for an interim review, did not perform the necessary procedures, (2) the engagement team reached an inappropriate overall conclusion on the engagement, (3) the engagement report is not appropriate, or (4) the firm is not independent of its client.

Further, the firm may grant permission to the client to use the engagement report (or communicate an engagement conclusion to its client, if no report is issued) only after the engagement quality reviewer provides concurring approval of issuance.

Documentation of the engagement quality review should include identification of the engagement quality reviewer and others who assisted the review, the documents reviewed, and the date of concurring approval of issuance, or if no approval was provided, the reasons for not providing the approval.

AS 1220 can be found at https://pcaobus.org/Standards/Auditing/Pages/AS1220.aspx.

AS 1301, Communications with Audit Committees

AS 1301 provides a definition of audit committee; retains or enhances existing communication requirements; incorporates certain SEC auditor communication requirements to audit committees; and adds communication requirements that generally relate to requirements in other PCAOB standards. It also includes an appendix that identifies other PCAOB standards and rules that require communication with the audit committee to assist auditors in understanding and communicating all specific matters that require communication.

AS 1301 defines an audit committee as a committee (or equivalent body) established by and among the board of directors of a company for the purpose of overseeing the accounting and financial reporting processes of the company and audits of the financial statements of the company; if no such committee exists, then the audit committee is the company’s board of directors. AS 1301 recognizes that some non- issuers, including brokers and dealers, may have governance structures that do not include boards of directors or audit committees. In those cases, the auditor would identify those persons at the non-issuer company who oversee the company’s accounting and financial reporting processes and audits.

AS 1301 strengthens previous auditor communication requirements in the following ways:

• Establishes a mutual understanding with the audit committee regarding the audit engagement terms and requires that this understanding be established specifically with the audit committee. AS 1301 also requires the auditor to record this understanding in a written audit engagement letter, and to have the engagement letter executed by the appropriate party or parties on behalf of the company and determine that the audit committee has acknowledged and agreed to the terms annually.
• Requires the auditor to communicate significant accounting policies and practices to the audit committee; however, the standard acknowledges that such communications may be made by management and if the auditor meets certain conditions, these communications need not be duplicated by the auditor.
• Enhances communications regarding the auditor’s evaluation of the quality of the company’s financial reporting by aligning the communication requirements with the risk assessment standards and incorporating certain SEC communication requirements.
• Requires the auditor to communicate significant unusual transactions and the auditor’s understanding of the business rationale for such transactions.
• Enhances the requirement for the auditor to communicate his or her views regarding significant accounting or auditing matters, when the auditor is aware that management consulted with other accountants about such matters and the auditor has identified a concern regarding these matters.
• Enhances auditor inquiries of the audit committee regarding relevant audit matters, including knowledge of violations or possible violations of laws or regulations.

AS 1301 provides communication requirements that inform the audit committee about significant aspects of the audit. Under AS 1301, the auditor is required to communicate the following:

• An overview of the audit strategy, including timing of the audit, significant risks that the auditor identified, and significant changes to the planned audit strategy or identified risks; however, the standard also cautions the auditor not to compromise the effectiveness of the audit procedures by communicating details about specific audit procedures that might reduce the effectiveness of those procedures.
• Information about the nature and extent of specialized skill or knowledge needed in the audit and the extent of the planned use of internal auditors, company personnel or other third parties, and other independent public accounting firms or other persons not employed by the auditor that are involved in the audit.
• The basis for the auditor’s determination that he or she can serve as principal auditor, if significant parts of the audit will be performed by other auditors.
• Situations in which the auditor identified a concern regarding management’s anticipated application of accounting pronouncements that have been issued but are not yet effective and might have a significant effect on future financial reporting.
• Contentious or difficult matters for which the auditor consulted outside the engagement team.
• The auditor’s evaluation of going concern.
• Departure from the auditor’s standard report. The auditor is required to communicate when the auditor expects to modify the opinion in the auditor’s report or include an explanatory paragraph, the reasons for the modification or explanatory paragraph, and the wording of the modification or explanatory paragraph.
• Other audit matters that are significant to the oversight of the company’s financial reporting process, including complaints or concerns regarding accounting or auditing matters that have come to the auditor’s attention during the audit.

AS 1301 also requires timely communication by the auditor to the audit committee, prior to the issuance of the auditor’s report.

AS 1301 can be found at https://pcaobus.org/Standards/Auditing/Pages/AS1301.aspx.

AS 2201, An Audit of Internal Control over Financial Reporting that is Integrated with an Audit of Financial Statements

AS 2201 is a principles-based standard that is designed to allow auditors to exercise professional judgment in focusing effort on those areas that present the greatest risk of a material misstatement occurring in the financial statements, and in reducing testing in those areas of lowest risk. The standard provides direction on how to scale the audit for a smaller or less complex company or portions thereof. The highlights of AS 2201 are as follows:

• Top-down approach. The standard emphasizes the top-down approach and provides that in certain circumstances, entity-level controls may be sufficient to address the risk of misstatement related to a particular relevant assertion when such entity-level controls operate at a sufficient level of precision.
• Large portion requirement. AS 2201 removed the requirement contained in Auditing Standard No. 2 to test a “large portion based on coverage” concept, and instead incorporates a risk-based assessment of locations and financial statement areas to test.
• Risk assessment. AS 2201 emphasizes the auditor’s assessment of risk and the use of risk assessment in the selection of controls to test. As a result, there is an expanded discussion of the relationship of risk to the evidence necessary to conclude that a given control is effective. Further, there is expanded guidance on the auditor’s assessment of the risk of fraud, including identification and testing of controls to address the risk of material misstatement due to fraud and due to management override.
• Integration with the financial statement audit. The standard directs the auditor to consider the results of substantive audit procedures performed in the financial statement audit when determining the overall risk related to a control; however, controls must be directly tested and effectiveness cannot be inferred solely from the absence of misstatements detected by the auditor in the substantive testing relative to the financial statement audit.
• Revision of certain definitions. The definitions of material weakness and significant deficiency are consistent with those included within the SEC’s rules.
• Clarification of the role of materiality, including interim materiality. AS 2201 clarified that the same materiality is used for assessing ICFR and financial statements and that the role of interim materiality is relevant only to the evaluation of deficiencies and not to determining the scope of the engagement.
• Elimination of the requirement to report on management’s assessment and evaluate management’s process. The auditor is required to obtain an understanding of management’s process as a starting point to understanding the company’s internal control, assessing risk, and determining the extent to which the work of others may be used, but is no longer required to opine on management’s assessment.
• Using the work of others. The standard encourages auditors to use the work of others when that work is of high quality and performed by competent and objective client personnel; however, the extent to which the auditor may use the work of others also depends on the risk associated with the control being tested. As the risk increases, the need for the auditor to perform his or her own work increases.
• Performing walkthroughs. AS 2201 emphasizes the requirement to obtain an understanding of the likely sources of potential material misstatements in determining which controls to test, rather than prescribing the process by which this understanding is obtained. Therefore, AS 2201 does not require walkthroughs, but states that walkthroughs will frequently be the most effective way of achieving some of the specific objectives of the standard. The standard states that due to the degree of judgment involved in achieving the objectives, these procedures would ordinarily be performed by the auditor, but permits auditors to supervise the work of others who may provide direct assistance in this regard.
• Scalability. AS 2201 provides scalability considerations for entities of varying sizes and complexities. The standard recognizes that even large complex companies may have noncomplex components and, as a result, this concept applies to all entities.

The standard is available on the PCAOB website at https://pcaobus.org/Standards/Auditing/Pages/AS2201.aspx.

AS 2201—Related rule and conforming amendment

• PCAOB Rule 3525, Audit Committee Pre-approval of Non-Audit Services Related to Internal Control Over Financial Reporting. Requires the auditor to provide both written and oral communications of the scope of the work to be performed and documentation of the substance of the auditor’s discussion with the audit committee regarding internal control-related non-audit services. See the following section regarding rules and amendments for further discussion of Rule 3525.
• Dating of the Independent Auditor’s Report. Also, in association with AS 2201, the board amended the existing requirement on dating the auditor’s report. Previously, the auditor’s report was dated generally at “the date of completion of the fieldwork.” Now the auditor’s report should be dated “no earlier than the date on which the auditor has obtained sufficient competent evidence to support the auditor’s opinion.” In Release 2006-007, the PCAOB explained that “[t]his proposed change is consistent with changes adopted by both the International Auditing and Assurance Standards Board (IAASB) and the AICPA Auditing Standards Board (ASB) and more accurately states the date at which the auditor’s responsibility for events affecting the financial statements should reasonably end.” The rules are available on the PCAOB website.

AS 2410, Related Parties

The following summarizes the more significant requirements included within AS 2410 and the related amendments.

Amendments to certain PCAOB auditing standards regarding significant unusual transactions

The amendments regarding significant unusual transactions — which revised AS 2401, Consideration of Fraud in a Financial Statement Audit — strengthen the requirements for the identification and evaluation of significant unusual transactions. These amendments require the auditor to (1) perform procedures to identify significant unusual transactions, (2) perform procedures to obtain an understanding of, and evaluate, the business purpose (or lack thereof) of identified significant unusual transactions, and (3) consider certain factors in evaluating whether significant unusual transactions may have been entered into to engage in fraudulent reporting or conceal misappropriation of assets.

Financial relationships and transactions with executive officers

The amendments to existing standards regarding financial relationships and transactions with executive officers require the auditor to perform procedures to obtain an understanding of the company’s financial relationships and transactions with its executive officers. Such amendments are intended to increase the auditor’s attention on incentives or pressures for the company to achieve a particular financial position or operating result. These enhancements address the potential influence a company’s executive officers may exert over the company’s accounting and financial statement presentation. Although this new focus represents an important risk assessment consideration, it is not intended to be an assessment of the appropriateness or reasonableness of executive compensation arrangements.

AS 2410 can be found https://pcaobus.org/Standards/Auditing/Pages/AS2410.aspx.

AS 2701, Auditing Supplemental Information Accompanying Audited Financial Statements

AS 2701 was adopted by the PCAOB, and approved by the SEC, in the fourth quarter of 2013. AS 2701 requires auditors to perform certain audit procedures when engaged to audit and report on supplemental information accompanying financial statements. Such supplemental information includes the following:

• Supporting schedules that brokers and dealers are required to file pursuant to SEC Rule 17a-5
• Supplemental information (i) required to be presented pursuant to the rules and regulations of a regulatory authority and (ii) covered by an independent public accountant’s report on that information in relation to financial statements that are audited in accordance with PCAOB standards
• Information that is (i) ancillary to the audited financial statements, (ii) derived from the company’s accounting books and records, and (iii) covered by an independent public accountant’s report on that information in relation to the financial statements that are audited in accordance with PCAOB standards

AS 2701 does not apply to schedules prepared pursuant to Regulation S-X, because those schedules are deemed by the SEC to be part of the financial statements.

AS 2701 includes the following requirements, among others, for the auditor to (1) determine that the supplemental information reconciles to the underlying accounting and other records or to the financial statements, as applicable; (2) test the completeness and accuracy of the supplemental information, to the extent that it was not tested as part of the financial statement audit; and (3) evaluate whether the supplemental information, including its form and content, complies with relevant regulatory requirements or other applicable criteria, if any.

AS 2701 can be found at https://pcaobus.org/Standards/Auditing/Pages/AS2701.aspx.

AS 2820, Evaluating Consistency of Financial Statements

AS 2820 provides guidance about the auditor’s evaluation of, and reporting on, the consistency of financial statements. The standard directs the auditor to recognize, in the auditor’s report, (1) a change in accounting principle or (2) an adjustment to correct a misstatement in previously issued financial statements, if it had a material effect on the financial statements. This standard does not establish new or additional audit requirements. The standard is meant to enhance the clarity of auditor reporting on accounting changes (including both changes in accounting principle that result from the adoption of a new accounting pronouncement and those that do not) and corrections of misstatements, by distinguishing between these events.

Further, the standard aligns the auditor’s reporting responsibilities with the accounting standards, which require disclosure of all restatements, by requiring an explanatory paragraph when the company has restated the financial statements.

Changes in classification do not require recognition in the auditor’s report, except for reclassifications that result from changes in accounting principle or correction of a material misstatement.

The standard also provides guidance on the periods covered by the auditor’s evaluation of consistency.

The standard can be found at https://pcaobus.org/Standards/Auditing/Pages/AS2820.aspx.

AS 6115, Reporting on Whether a Previously Reported Material Weakness Continues to Exist

AS 6115 establishes a voluntary engagement that allows auditors to report on the elimination of a material weakness in a company’s internal control over financial reporting. The standard was issued in response to both management and report user concerns about the need for a mechanism to provide assurance on management’s assertion concerning the elimination of a material weakness. The assurance that is set forth in the standard is not required by the Sarbanes-Oxley Act of 2002 or other securities laws and is purely voluntary on the part of company management. The objective of an engagement performed pursuant to this standard was to provide assurance on management’s assertions about whether a previously reported material weakness continued to exist. Highlights of AS 6115 include the following:

• Establishes requirements and provides direction that applies when an auditor is engaged to report on whether a previously reported material weakness in internal control over financial reporting continues to exist as of a date specified by management.
• Any engagement under AS 6115 is entirely voluntary. There is no requirement for companies to retain the auditor to report on whether a previously reported material weakness continues to exist.
• The report on a previously reported material weakness can be issued at any date. It does not need to be issued in connection with issuance of annual or interim financial statements.
• An AS 6115 report should state, “In our opinion, the material weakness described above no longer exists.” No reason need be provided to indicate why the material weakness no longer exists.
• If the auditor concludes that the material weakness continues to exist, no report would be issued, but the auditor is required to report this finding to the audit committee.
• Material weaknesses can be resolved through various environmental factors such as a change in operations or a change in size and materiality, but in these circumstances there are other qualitative factors that the auditor should consider prior to reporting that the material weakness no longer exists.
• The focus of AS 6115 is narrow in scope. If there are more complex organizational changes or other factors related to the assertion that the material weakness no longer exists, the auditor might conclude that separate reporting on the material weakness is not appropriate, and that re- examination of the material weakness should instead be done in connection with the next audit of internal controls under AS 2201.

Filing with the SEC

The SEC has provided the following guidance regarding acceptable methods and forms to use in filing both management’s and the auditor’s report.

• If an issuer decides to publicly disseminate the reports of management and the auditor on whether a previously reported material weakness continues to exist, an issuer can use any Exchange Act form it believes appropriate.
• SEC rules do not specify the form of disclosure that management should use when describing the circumstances surrounding the remediation of a previously reported material weakness. General disclosure principles and requirements apply; however, the SEC emphasized that the disclosure should not amend management’s conclusion on the effectiveness of internal control over financial reporting (ICFR) as of the end of the fiscal year.
• If the remediation was completed between the end of the fiscal year and the filing of the Form 10-K, management may provide a single, combined report on the results of the annual assessment of ICFR and the subsequent conclusion related to the remediation of a material weakness identified in the annual assessment. (Note that the provisions of AS 6115 are sufficiently flexible and nothing in this standard or AS 2201 would preclude the auditor from issuing a single, combined report, consistent with the SEC guidance.)

The standard is available at https://pcaobus.org/Standards/Auditing/Pages/AS6115.aspx.

Auditing standards related to the auditor’s assessment of, and response to, risk

The following eight auditing standards provide guidance on all stages of a risk-based audit, from initial planning through evaluation:

• AS 1101, Audit Risk. This standard discusses the auditor’s consideration of audit risk. The standard describes the components of audit risk, as well as the auditor’s responsibilities for reducing audit risk to an appropriately low level to obtain reasonable assurance that the financial statements are free of material misstatement.
• AS 1105, Audit Evidence. This standard explains what constitutes audit evidence, and establishes requirements for designing and performing audit procedures to obtain appropriate audit evidence that is sufficient to support the opinion expressed in the auditor’s report.
• AS 1201, Supervision of the Audit Engagement. This standard describes the responsibilities of the engagement partner and other engagement team members for supervising and reviewing the work of the engagement team.
• AS 2101, Audit Planning. The standard describes the auditor’s responsibilities for planning the audit, including assessing matters that are important to the audit, and establishing an appropriate audit strategy and audit plan.
• AS 2105, Consideration of Materiality in Planning and Performing an Audit. This standard describes the auditor’s responsibilities for considering materiality in planning and performing an audit.
• AS 2110, Identifying and Assessing Risks of Material Misstatement. This standard establishes requirements for auditors to identify and assess the risks of material misstatement. The risk assessment process discussed in this standard includes obtaining an understanding of the company, its environment, and its internal control to identify risks, and analyzing the identified risks.
• AS 2301, The Auditor’s Responses to the Risks of Material Misstatement. This standard establishes auditor requirements for addressing the risks of material misstatement through overall audit responses and audit procedures regarding significant accounts and disclosures.
• AS 2810, Evaluating Audit Results. This standard establishes auditor requirements with regards to evaluating audit results and determining whether the audit evidence obtained is sufficient and appropriate to support the audit opinion. The evaluation process includes evaluating (1) identified misstatements, (2) the presentation of the financial statements and disclosures, and (3) the potential for management bias.

The board issued these standards so that an appropriate risk assessment process would be applicable and reflected in all public company audits; however, the process is not expected to be a one-size-fits-all approach to risk assessment, and as such, the standards have incorporated guidance about how the risk assessment process can be tailored to a company’s size and complexity.

The risk standards also provide guidance on the integration of the audit of the financial statements with the audit of ICFR. AS 2201 describes a risk-based audit of ICFR that should be fully integrated with the audit of financial statements. The risk standards describe the auditor’s responsibilities for assessing risk, responding to risk, and evaluating audit results in the context of an integrated audit of financial statements and ICFR, which should help auditors better understand how certain procedures required by AS 2201 can be integrated with financial statement audit procedures.

The auditor’s responsibilities for considering fraud during the audit have been integrated into the applicable risk assessment standards. This integration is intended to prompt auditors to make a more thorough assessment of fraud risks and to modify audit plans to address identified fraud risk factors. This integration is intended to eliminate the sometimes mechanical approach to the consideration of fraud that the board had noted in inspections and encourages a more thoughtful and thorough assessment of fraud risks.

The sections can be found at https://pcaobus.org/Standards/Auditing/Pages/default.aspx.

AS 3101, The Auditor’s Report on an Audit of Financial Statements When the Auditor Expresses an Unqualified Opinion

In October 2017, the SEC approved the PCAOB’s new auditor reporting standard, AS 3101, The Auditor’s Report on an Audit of Financial Statements When the Auditor Expresses an Unqualified Opinion, as adopted by the PCAOB in June 2017. The SEC also approved related amendments to certain other PCAOB standards and redesignated paragraphs that address departures from the auditor’s unqualified opinion and other reporting circumstances as AS 3105, Departures from Unqualified Opinions and Other Reporting Circumstances.

The new standard and related amendments retain the pass/fail opinion in the existing auditor’s report, but significantly change the existing auditor’s report through the following requirements:

• The new standard requires the auditor to communicate in the auditor’s report any critical audit matters (CAMs) arising from the audit, or state that the auditor determined that there were no CAMs. CAMs are matters that were communicated or required to be communicated to the audit committee, and that (1) relate to accounts or disclosures that are material to the financial statements and (2) involve especially challenging, subjective, or complex auditor judgment.
• The auditor’s report will include disclosure of the auditor’s tenure (i.e., the year in which the auditor began serving consecutively as the company’s auditor).
• The auditor’s report will also include a statement that the auditor is required to be independent.
• The phrase “whether due to error or fraud” will be included in the auditor’s report in describing the auditor’s responsibility under PCAOB standards to plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatements.
• The opinion will appear in the first section of the auditor’s report, and section titles will be added to the report.
• The auditor’s report will be addressed to the company’s shareholders and board of directors or equivalents (additional addressees are also permitted).

The communication of each CAM in the auditor’s report will include the following:

• Identification of the CAM
• A description of the principal considerations that led the auditor to determine that the matter was a CAM
• A description of how the CAM was addressed during the audit
• A reference to the applicable financial statement accounts or disclosures

The standard generally applies to audits conducted under PCAOB standards; however, communication of CAMs is not required for audits of emerging growth companies, brokers and dealers, investment companies other than business development companies, and employee stock purchase, savings, and similar plans. Auditors of these entities may choose to voluntarily include CAMs in the auditor’s report. The other requirements of the final standard apply to these audits.

The PCAOB adopted a phased approach to the effective date for the new standard and amendments to provide accounting firms, companies, and audit committees more time to prepare for implementation of the critical audit matter requirements, which are expected to require more effort to implement than the other improvements to the auditor’s report.

The final standard and amendments will take effect as follows:

The PCAOB plans to conduct a post-implementation review of the new standard to ensure it is working as intended and does not lead to any unintended consequences.

The standard and related amendments can be accessed at https://pcaobus.org//Rulemaking/Docket034/2017-001-auditors-report-final-rule.pdf

Additionally, the PCAOB has developed a fact sheet on the standard, which may be helpful in understanding the main provisions of the standard. It is available at https://pcaobus.org//News/Releases/Pages/fact-sheet-auditors-report-standard-adoption-6-1-17.aspx

AS 2501, Auditing Accounting Estimates, Including Fair Value Measurements, and related amendments

On December 20, 2018, the PCAOB adopted a new auditing standard, Auditing Accounting Estimates, Including Fair Value Measurements, and amendments to other PCAOB auditing standards. The standard strengthens and enhances the requirements for auditing accounting estimates by establishing a single standard that sets forth a uniform, risk-based approach.

The new standard replaces three existing standards by establishing a single standard that sets forth a uniform, risk-based approach. Auditing Accounting Estimates (AS 2501) will be updated and retitled Auditing Accounting Estimates, Including Fair Value Measurements (AS 2501). Two other standards, Auditing Fair Value Measurements and Disclosures (AS 2502) and Auditing Derivative Instruments, Hedging Activities, and Investments in Securities (AS 2503), will be superseded.

The new standard builds on the common approaches in AS 2501, AS 2502, and AS 2503 and strengthens existing requirements by adding the following:

• Extending certain key requirements in the existing standard on auditing fair value measurements, the newest and most comprehensive of the three existing standards, to other accounting estimates in significant accounts and disclosures, reflecting a more uniform approach to substantive testing for estimates.
• Focusing auditors on estimates with greater risk of material misstatement.
• Prompting auditors to devote greater attention to addressing potential management bias in accounting estimates, as part of applying professional skepticism.
• Providing a special topics appendix to address certain aspects unique to auditing fair values of financial instruments, including the use of pricing information from third parties, such as pricing services and brokers or dealers.
• Making other updates to the requirements for auditing accounting estimates to provide additional clarity and specificity.

Adoption of amendments on the auditor’s use of the work of specialists

Also on December 20, 2018, the PCAOB adopted amendments to its auditing standards that strengthen the requirements that apply when auditors use the work of specialists in an audit. The amendments are designed to increase audit attention in areas where a specialist is used and to align the applicable requirements with the PCAOB's risk assessment standards.

The Board is amending two existing auditing standards, AS 1105, Audit Evidence, and AS 1201, Supervision of the Audit Engagement. The Board is also retitling and replacing AS 1210, Using the Work of a Specialist, with a new AS 1210, Using the Work of an Auditor-Engaged Specialist. These amendments strengthen existing requirements by adding the following:

Supplemental request for comment: Proposed Amendments Relating to the Supervision of Audits Involving Other Auditors and Proposed Auditing Standard, Dividing Responsibility for the Audit with Another Accounting Firm

In September 2017, the PCAOB issued a supplemental request for comment on a proposal designed to strengthen existing requirements regarding a lead auditor’s use of other auditors. Following the initial April 2016 proposal, the board received comments asking for clarification to some provisions and requesting changes to other provisions. In response to the comments received, the PCAOB proposed certain incremental clarifications and modifications to the requirements, primarily related to the following topics in the 2016 proposal:

• Planning, including the sufficiency of the lead auditor’s participation and other auditors’ qualifications
• Supervision, including the communication between auditors and supervision of multiple tiers of other auditors
• Division of responsibility, including situations that involve different financial reporting frameworks
• Documentation, including documenting the lead auditor’s review
• Engagement quality review

The proposed clarifications are intended to increase the lead auditor’s involvement in, and evaluation of, the work of other auditors and impose a uniform approach to the use of other auditors by

• directing the lead auditor’s supervisory responsibilities to the audit areas of greatest risk, consistent with the PCAOB’s risk assessment standards;
• clarifying that, to act as lead auditor, an audit firm must itself audit a meaningful portion of the financial statements; and,
• requiring more explicit procedures involving communication between the lead auditor and other auditors, and more robust evaluation of other auditors’ qualifications and work.

The comment period closed and the PCAOB staff is currently analyzing the comments received to determine its next steps.

Attestation Standard No. 1, Examination Engagements Regarding Compliance Reports of Brokers and Dealers, and Attestation Standard No. 2, Review Engagements Regarding Exemption Reports of Brokers and Dealers

Attestation Standard Nos. 1 and 2 (collectively, the “attestation standards”) were adopted by the PCAOB, and approved by the SEC, in the fourth quarter of 2013. The board also adopted related amendments to certain PCAOB standards, including amendments regarding documentation and amendments to require engagement quality reviews of the examination and the review engagements. The attestation standards and amendments were effective for examination engagements and review engagements for fiscal years ending on or after June 1, 2014.

These attestation standards coincide with the effective date of corresponding amendments to SEC Rule 17a-5. Pursuant to SEC Rule 17a-5, the audits of brokers and dealers, including attestation engagements, are required to be performed under PCAOB standards. The amendments to SEC Rule 17a-5 established a requirement for the annual report to contain a compliance report or an exemption report. These reports contain information regarding broker and dealer compliance with key SEC financial responsibility rules that the SEC believed the amendments enhance its ability to oversee the financial responsibility practices of registered brokers and dealers, including the safekeeping of customer assets.

The attestation standards establish a framework of specific procedures that are required for auditors to opine or conclude on a broker’s or dealer’s statements or assertions in compliance reports and exemption reports required by SEC Rule 17a-5, respectively. Furthermore, both of the attestation standards emphasize coordination between the examination engagement or review engagement, the audit of the broker’s or dealer’s financial statements, and audit procedures performed on the supplemental information.

The attestation standards can be found at https://pcaobus.org/Standards/Attestation/ Pages/default.aspx.

Form of auditor’s report

The new standard requires that the “Opinion on the Financial Statements” section be the first section, immediately followed by the “Basis for Opinion” section. Additionally, section titles have been added to the auditor’s report to guide the reader. Appropriate section titles are to be included for explanatory and emphasis paragraphs, such as when a going concern explanatory paragraph is included within the auditor’s report.

Addressee

The new standard requires that the auditor’s report be addressed to the shareholders and the board of directors, or equivalents for companies not organized as corporations. The staff guidance includes the following examples of addressees for companies not organized as corporations:

1. The plan administrator and plan participants for benefit plans
2. The directors (or equivalent) and equity owners for broker-dealers
3. The trustees and unit holders or other investors for investment companies organized as trusts

Auditors can assess, based on the individual circumstances, whether to voluntarily include additional addressees in the auditor’s report.

Auditor independence

The new standard requires a statement in the “Basis for Opinion” section that the auditor is a public accounting firm registered with the PCAOB (United States) and is required to be independent with respect to the company in accordance with U.S. federal securities laws and the applicable rules and regulations of the SEC and the PCAOB.

Auditor tenure

The new standard requires a statement in the auditor’s report containing the year the auditor began serving consecutively as the company’s auditor. The disclosure of tenure should reflect the entire relationship between the company and the auditor, taking into account firm or company mergers, acquisitions, or changes in ownership structures. For example, when a company acquires another company, if the acquirer’s current auditor continues serving as the combined company’s auditor, auditor tenure would continue; however, if the acquired company’s auditor is selected to serve as the combined company’s auditor, auditor tenure would begin at that time. Auditor tenure is not affected by the company’s status as a public company. If a company went public and maintained the same auditor, auditor tenure will include the years before and after the company became subject to SEC reporting requirements.

The staff guidance states that in determining the year the auditor began serving consecutively as the company’s auditor, the auditor will look to the year when the firm signs an initial engagement letter to audit a company’s financial statements or when the firm begins performing audit procedures, whichever is earlier. The staff guidance provides the following examples on determining auditor tenure:

1. If the auditor signs the engagement letter in January 2012 to audit a company’s financial statements for the year ended December 31, 2012, and the auditor’s report is dated February 28, 2013, the auditor would state 2012 as the year the auditor began serving consecutively as the company’s auditor.
2. If the auditor signs the engagement letter in December 2011 to audit a company’s financial statements for the years ended December 31, 2010, 2011, and 2012, the auditor would state 2011 as the year the auditor began serving consecutively as the company’s auditor.
3. If the auditor signs the engagement letter in January 2013 to audit a company’s financial statements for the years ended December 31, 2010, 2011, and 2012, the auditor would state 2013 as the year the auditor began serving consecutively as the company’s auditor.

If auditors cannot readily determine when an initial engagement letter was signed, they can determine tenure based on their own records, the company’s records, or publicly available information, such as company filings available on the SEC’s Electronic Data Gathering, Analysis and Retrieval (EDGAR) system.

In the absence of other evidence about when the auditor signed an initial engagement letter or began performing audit procedures, tenure can be determined based on the year in which the auditor first issued an audit report on the company’s financial statements or, if earlier, the auditor’s estimate of when work would have commenced to enable the issuance of such report.

If there is uncertainty as to the year the auditor began serving consecutively as the company’s auditor, the auditor should state that the auditor is uncertain and provide the earliest year of which the auditor has knowledge. The staff guidance provides the following example of such a statement:

For an investment company that is part of a group of investment companies, the new standard requires that the auditor’s statement regarding tenure will contain the year the auditor began serving consecutively as the auditor of any investment company in the group. The staff guidance provides the following example to illustrate this:

Determination of Auditor Tenure

The updated guidance clarifies the following:

• A company’s benefit plan that files annual reports on Form 11-K is considered a separate issuer, and has a separate tenure determination.
• Publicly available information available to help determine auditor tenure includes annual reports on Form 10-K, current reports on Form 8-K reporting a change in the company's independent registered public accounting firm, or other company filings available on the SEC’s Electronic Data Gathering, Analysis, and Retrieval ("EDGAR") system.
• If there is uncertainty as to the year the auditor began serving consecutively as the company's auditor, language other than that described in the Staff Guidance issued on December 28, 2017, may be used in the auditor’s report to express uncertainty regarding tenure, as long as the statement effectively communicates the first year the firm knows that it served as the company’s auditor and that it is uncertain of the specific year when tenure began. The explanatory language should not state or imply that the auditor did not make a tenure determination.
• When the auditor’s report is reissued by a predecessor auditor, the predecessor auditor may expand the tenure statement to indicate when its tenure ended.

Auditor reporting regarding ICFR

In certain circumstances, management is required to report on the company’s ICFR, but such report is not required to be audited. In such cases, the auditor is required to include explanatory language to that effect in the “Basis for Opinion” section. The annotated example included in the staff guidance illustrates this presentation by adding the following explanatory language:

Additionally, the requirements for auditor reporting on management reports on ICFR have been updated to conform to the new standard. Updated examples are included in AS 2201, as amended.

If an audit of ICFR is performed — whether pursuant to SEC rules, the rules of another regulator, or otherwise — such explanatory language in the Basis for Opinion section would not be included.

Additionally, the updated guidance clarifies that if the auditor issues separate reports on ICFR and the financial statements, the required paragraph referencing the separate report should appear in the Opinion on the Financial Statements section, immediately following the opinion paragraph. Auditor tenure is not required to be disclosed in the auditor's separate ICFR report.

Explanatory and emphasis paragraphs

Explanatory language is to be added when management is required to report on ICFR but an audit of ICFR is not performed, representing a key change to the list of circumstances in which explanatory language is required. The staff guidance also explains that if an audit report includes an emphasis of matter paragraph, an appropriate section title is to be used.

Some PCAOB standards specify the location of required explanatory language within the auditor's report. The updated guidance states that if the auditor is required to include explanatory language in the auditor's report but the location is not specified, the language may be placed where the auditor considers appropriate.

When an emphasis paragraph is included in the auditor’s report, the updated guidance states that it is not appropriate for the auditor to use phrases such as “with the foregoing [following] explanation” in the opinion paragraph. The updated guidance also clarifies that the emphasis paragraph may be placed where the auditor considers appropriate, with an appropriate section title.

Information about certain audit participants

If the auditor voluntarily decides to provide information about certain audit participants that is required to be reported on PCAOB Form AP, Auditor Reporting of Certain Audit Participants, the auditor should include an appropriate section title. The auditor may include information about the engagement partner, information about the other accounting firms, or both. If the auditor includes information about the other accounting firms in the auditor’s report, all other accounting firms required to be disclosed on Form AP must be included in the auditor’s report.

Note: AS 1301, Communications with Audit Committees, now requires engagement teams to provide to and discuss with the audit committee a draft of the auditor’s report prior to issuance.

Critical audit matters

The staff guidance provides an overview of requirements to disclose CAMs and reminds auditors that CAMs may be included voluntarily before the effective date or for entities for which the requirements do not apply. Communication of CAMs is not required for audits of emerging growth companies; brokers and dealers; investment companies other than business development companies; and employee stock purchase, savings, and similar plans.

Other Reporting Situations

The appendix in the updated guidance includes the following topics:

• Supplemental information. AS 2701, Auditing Supplemental Information Accompanying Audited Financial Statements, allows the auditor's report on supplemental information to be included in the auditor's report on the financial statements, but does not specify a location. Because there is no specified location, such report may be placed where the auditor considers appropriate, and an appropriate section title may be added to differentiate the auditor’s report on supplemental information from the other sections of the auditor’s report on the financial statements.
• Reviews of interim financial information. The updated guidance points out that the reporting requirements in AS 4105, Reviews of Interim Financial Information, conform to the requirements of AS 3101, and that AS 4105.37C.e requires a statement on auditor independence to be included in the Basis for Review Results section of the auditor's report on the review of interim financial information.
• Special reports. AS 3305, Special Reports, provides reporting requirements for various types of special reports, such as reports on specified elements, accounts, or items of a financial statement. AS 3305.01 indicates that if a special report is filed with the SEC, the auditor's report is required to include the basic elements that would be required in an unqualified auditor's report under AS 3101. Additionally, for reports that are prepared in conformity with a comprehensive basis of accounting other than generally accepted accounting principles under AS 3305.01.a, the auditor is required to communicate CAMs, when applicable.

The most recent staff guidance is available at https://pcaobus.org/Standards/Documents/PCAOB-Auditors-Report-Guidance-8-23-18.pdf

Additional staff guidance on critical audit matters

On March 18, 2019, the PCAOB released three staff guidance documents to support implementation of the new CAM requirements. Auditors will be required to communicate CAMs in the auditor’s report under PCAOB AS 3101, The Auditor’s Report on an Audit of Financial Statements When the Auditor Expresses an Unqualified Opinion, according to the following timeline:

The staff guidance consists of: (1) A Deeper Dive on the Determination of CAMs, (2) Implementation of Critical Audit Matters: The Basics, and (3) Staff Observations from Review of Audit Methodologies. The following provides a brief summary of each of the staff guidance documents; however, the staff guidance should be read in its entirety to ensure a complete understanding of the CAM requirements.

Implementation of Critical Audit Matters: A Deeper Dive on the Determination of CAMs

This staff guidance provides responses to frequently asked questions that arose during firm pilot testing and dry runs, as follows:

1. How should the auditor apply the requirement to determine matters that involve “especially challenging, subjective, or complex auditor judgment?”

   AS 3101 uses the word especially, instead of most, to clearly indicate that there could be multiple CAMs and that matters are assessed on a relative basis within the specific audit. In determining CAMs, the auditor should consider each of the criteria in the CAM definition: a CAM may involve especially challenging auditor judgment, especially subjective auditor judgment, especially complex auditor judgment, or some combination thereof. When communicating CAMs, auditors may choose to identify which of the three criteria specifically apply to each CAM. However, labeling a matter as challenging, subjective, and/or complex is not a substitute for the required description of the principal considerations as to why the matter is a CAM.

2. Should CAM determinations be consistent across auditors, or will CAMs vary depending on the auditor?

   Some audit areas are inherently more challenging, subjective, or complex than others, regardless of the auditor’s experience, knowledge, and resources. For example, accounting estimates generally involve subjective assumptions and measurement uncertainty and may involve complex methods. The requirements for determining CAMs should be applied in the context of the facts and circumstances of the specific audit. Differences in auditors’ judgment, as well as in the nature, timing, and extent of the audit response required, will affect the determination of CAMs.

3. Are CAMs expected to vary from year to year or should they be consistent?

   Some matters may always require especially challenging, subjective, or complex auditor judgment, and may be determined to be CAMs every year. Other matters may be CAMs in a single period or intermittently. For example, implementation of a new accounting standard or accounting for a significant unusual transaction may require especially challenging, subjective, or complex auditor judgment only in the year in which they occur. Furthermore, the audit of deferred tax assets accounts and disclosures may involve especially challenging, subjective, or complex auditor judgment only in years when additional auditor judgment and effort is necessary to assess the entity’s ability to utilize net operating loss carryforwards.

4. How should significant events or matters pertaining to the company’s overall business operations or economic or regulatory environment be evaluated for purposes of determining CAMs?

   Significant events (e.g., natural disasters, cybersecurity breaches) or matters relating to the business and regulatory environment (e.g., significant regulatory changes, new accounting standards, significant changes in the economic or business environment, significant changes in government operations or policy) could affect the financial statements and become a subject of communications between the auditor and the audit committee. When evaluating such events or matters for purposes of determining CAMs, auditors would consider the relevant audit impact, which will largely depend on the nature, timing, and extent of the required audit response.

5. How should a material weakness or significant deficiency in internal control over financial reporting be considered when determining CAMs?

   The evaluation and determination process for control deficiencies does not relate to a financial statement account or disclosure, and therefore the existence of a control deficiency would not, in and of itself, be a CAM. However, a control deficiency may relate to controls over one account and/or disclosure or multiple accounts and/or disclosures, or the ineffective controls may have a pervasive effect on the financial statements. If auditing the affected account balances and disclosures involved especially challenging, subjective, or complex auditor judgment, the auditor would determine one or more CAMs. The deficiency may then be among the considerations that led the auditor to determine such CAMs.

   If a significant deficiency was considered in determining that a matter was a CAM, the auditor would describe the relevant control-related issues over the matter without using the term significant deficiency in the auditor’s report. If material weaknesses are identified, they are reported by the entity, and therefore that term is permitted to be used in a CAM description.

6. What is the relationship between CAMs and a company’s disclosures regarding critical accounting estimates?

   The critical accounting estimates that management is required to disclose in MD&A may overlap with CAMs, but they are not the same. Although some critical accounting estimates (or components of those estimates) may be the subject of CAMs, not all critical accounting estimates necessarily would be. Furthermore, the source of CAMs is broader than just critical accounting estimates (i.e., all matters communicated or required to be communicated to the audit committee).

7. How should significant risks be considered in determining whether a matter involved especially challenging, subjective, or complex auditor judgment?

   The factors relevant to identifying significant risks (see paragraph 71 of AS 2110, Identifying and Assessing Risks of Material Misstatement) overlap with, but are not identical to, the criteria used in determining CAMs. For example, if responding to a significant risk did not involve especially challenging, subjective, or complex auditor judgment, the auditor would not determine that a related CAM exists. Conversely, responding to risks of material misstatement that are not significant risks may involve especially challenging, subjective, or complex auditor judgment, particularly when the risks relate to financial statement areas that involve greater degrees of judgment and estimation. In such instances, the auditor may determine that one or more CAMs exist.

8. How should decisions about audit strategy be considered in determining CAMs?

   Audit strategy decisions may be indicative of the reasons that a matter was a CAM and be included in the description of how a CAM was addressed in the audit. For example, audit strategy may affect the following:

   • Degree of auditor judgment related to financial statement areas that involved significant judgment or estimation by management
   • Nature and extent of audit effort (e.g., efforts to supervise other auditors and the auditor’s use of a specialist)
   • Nature of available audit evidence
   • Other factors specific to the audit
9. What is the interaction between CAMs and company disclosures outside the financial statements?

   In communicating CAMs, auditors are required to refer to the relevant financial statement accounts or financial statement disclosures, rather than to disclosures outside the financial statements. Company disclosures outside of the financial statements, however, may be relevant in the context of CAM communication. When describing CAMs in the auditor’s report, the auditor is not expected to provide information about the company that has not been made publicly available by the company (i.e., information that the company has made available through all means, including SEC filings, press releases, and other public statements), unless such information is necessary to describe the principal considerations that led the auditor to determine that a matter is a CAM or how the matter was addressed in the audit.

Implementation of Critical Audit Matters: The Basics

Implementation of Critical Audit Matters: Staff Observations from Review of Audit Methodologies

The PCAOB’s Office of the Chief Auditor reviewed CAM methodologies, practice aids, training materials, and examples (“methodologies”) submitted by 10 U.S. audit firms that collectively audit approximately 85% of large accelerated filers, and observed the following:

• Some audit firm methodologies excluded certain audit committee communications from the source of CAMs; however, AS 3101 does not exclude any audit committee communications.
• Certain firm methodologies referenced only the six factors listed in paragraph 12 of AS 3101 when referring to the determination of which matters involved especially challenging, subjective, or complex auditor judgment and did not include consideration of other factors specific to the audit.
• Certain sample CAMs that were reviewed included only a statement that the matter involved especially challenging, subjective, or complex auditor judgment. The CAM description should be tailored to the circumstances and include why the matter involved especially challenging, subjective, or complex auditor judgment.
• Some audit firm materials instructed auditors to describe general internal control testing in every CAM communication. CAM communications are expected to reflect the specific circumstances of the matter (e.g., by including a description of the testing of relevant controls, if applicable).
• Some methodologies indicated that the auditor can communicate either the relevant account or the relevant disclosure, but not both, to avoid duplication; however, the auditor is permitted to refer to one or more account(s) or disclosure(s), or both.
• When communicating CAMs, the auditor is not expected to provide information about the entity that has not been made publicly available by the entity, unless such information is needed to describe the principal considerations that led the auditor to determine that a matter is a CAM or how the matter was addressed in the audit. Some methodologies identified “publicly available” information only as information disclosed in financial statements or a document containing the financial statements; however, information can be made publicly available by the entity in a variety of ways, such as the annual report, press releases, or other public statements.
• Some audit firm methodologies indicated that the auditor would provide draft CAMs for the audit committee’s review and feedback. Although the auditor is required to provide the audit committee with a draft of the auditor’s report for discussion, CAMs are the responsibility of the auditor, and not the audit committee.

Auditor’s report implementation page on PCAOB website

The PCAOB also created a new auditor’s report implementation page to provide information, resources, and training regarding implementation of AS 3101, with an emphasis on how auditors are preparing to identify and communicate CAMs.

Staff Audit Practice Alert No. 15, Matters Related to Auditing Revenue from Contracts with Customers

In October 2017, the PCAOB released Staff Audit Practice Alert No. 15. The auditing matters discussed in this alert are relevant to the auditor’s consideration of implementation of the new revenue standards issued by both FASB and IASB, and are applicable for both interim reviews and year-end audits. Additionally, the alert points out that certain matters discussed in the alert may be applicable to auditing the implementation of the new accounting standards on leases and credit losses.

The alert discusses the following:

• Auditing management’s transition disclosures in the notes to the financial statements
• Auditing transition adjustments
• Considering internal control over financial reporting
• Identifying and assessing fraud risks
• Evaluating whether revenue is recognized in conformity with the applicable financial reporting framework
• Evaluating whether the financial statements include the required disclosures regarding revenue

The matters discussed in the alert are applicable to both planning and performing audit procedures with respect to revenue. The alert also contains a caveat indicating that although the alert highlights certain areas, it is not intended to identify all areas that might affect audit risk arising from the implementation of the new revenue standard, nor is it a substitute for the relevant auditing standards.

The complete text of Staff Audit Practice Alert No. 15 is available at https://pcaobus.org/Standards/QandA/SAPA-15-revenue-accounting-standard.pdf

Staff Audit Practice Alert No. 14, Improper Alteration of Audit Documentation

Staff Audit Practice Alert No. 14 emphasizes that improperly altering audit documentation in connection with a PCAOB investigation or inspection violates PCAOB rules and can result in disciplinary action with severe consequences. The alert also points out that improperly altering audit documentation is inconsistent with an auditor’s professional duty to act with integrity and as a gatekeeper in public securities markets.

The alert summarizes PCAOB audit documentation requirements under AS 1215, Audit Documentation. The alert also emphasizes that PCAOB Rule 4006, Duty to Cooperate with Inspectors, includes an obligation not to provide improperly altered documents or misleading information in connection with the board’s inspection processes.

According to the alert, in the past several years, the board has sanctioned firms and individuals for violating both their obligation to cooperate with board inspections and the requirements of AS 1215, as a result of those firms and individuals improperly deleting, adding, or altering documentation in connection with an inspection. PCAOB enforcement staff have recently discovered evidence of additional instances of improperly altered audit documentation, including documents that were created shortly in advance of, or during, an inspection, and then backdated. The alert further states that failures to cooperate with a board inspection or investigation can result in a board disciplinary action and significant sanctions, including revoking a firm’s PCAOB registration, barring an individual from further association with any registered firm, and imposing civil monetary penalties.

To reduce the risk of improper alteration of audit documentation in connection with a PCAOB inspection, the alert states that registered firms should take action to assure that (1) work papers are properly archived; (2) work papers, once archived, are not improperly altered; and (3) the documentation provided to PCAOB inspectors for an audit is the original archived documentation for that audit (supplemented, as appropriate, in accordance with AS 1215).

Registered firms or individuals that become aware of any improper alteration of audit documentation in connection with a board inspection or investigation should report that information. They can do so by contacting PCAOB staff in the Division of Registration and Inspections or the Division of Enforcement and Investigations, or by contacting the PCAOB Tip and Referral Center, including anonymously. In addition, in appropriate circumstances, individuals may use their firm’s internal whistleblower and complaint systems to report improper alteration of audit documentation or other suspected misconduct. The alert also points out that voluntary and timely self-reporting of misconduct, including violations of the obligation to cooperate with board inspections or investigations, may be a factor in determining whether to impose sanctions against a firm or person and what sanctions to impose.

Staff Audit Practice Alert No. 13, Matters Related to the Auditor’s Consideration of a Company’s Ability to Continue as a Going Concern

Staff Audit Practice Alert No. 13 was issued to remind auditors that the existing PCAOB standards remain in effect, notwithstanding the recent changes to U.S. generally accepted accounting principles (U.S. GAAP) about disclosure of uncertainties about a company’s ability to continue as a going concern.

The alert explains that auditors should look to the applicable financial reporting framework, whether U.S. GAAP or International Financial Reporting Standards (IFRS), to assess management’s going concern evaluation and the related financial statement disclosures. Furthermore, auditors are reminded that the requirements under AS 2415, The Auditor’s Consideration of an Entity’s Ability to Continue as a Going Concern, for the auditor’s evaluation, and reporting when substantial doubt exists, have not changed and continue to be in effect. A determination that no disclosure is required under U.S. GAAP or IFRS, as applicable, is not conclusive as to whether an explanatory paragraph is required under AS 2415. The alert emphasizes that auditors should make a separate evaluation of the need for disclosure in the auditor’s report in accordance with AS 2415.

Staff Audit Practice Alert No. 12, Matters Related to Auditing Revenue in an Audit of Financial Statements

The PCAOB issued Staff Audit Practice Alert No. 12 to highlight certain PCAOB auditing requirements related to aspects of auditing revenue in which significant auditing deficiencies have been frequently observed by the PCAOB’s inspections staff. The matters discussed in this alert are applicable to both planning and performing audit procedures with respect to revenue. Because revenue is often significant to a company’s operating results, it is particularly important for the engagement partner and other senior engagement team members to focus on these matters and for engagement quality reviewers to consider these matters when performing reviews.

The following summarizes the more significant topics discussed in this alert; however, all audit professionals should read the alert in its entirety. The alert contains reminders and considerations that may be applicable in the conduct of any audit, not just those of issuers. Moreover, the matters discussed in the alert are likely to continue to have relevance to auditing revenue under the recently issued accounting standard on revenue recognition.

Testing revenue recognition, presentation, and disclosure

Other aspects of testing revenue

Staff Audit Practice Alert No. 11, Considerations for Audits of Internal Control Over Financial Reporting

In recent years, the PCAOB inspections staff has observed a significant number of audit deficiencies in audits of ICFR. This staff alert addresses such deficiencies, so that auditors can take note of such matters when planning and performing their audits of internal control. Specifically, the alert discusses the topics in the following sections.

Risk assessment and the audit of internal control

Risk assessment is a key element of the top-down approach, and underlies the entire audit process. The PCAOB’s general inspection report cites the improper application of the top-down approach as a potential root cause for the deficiencies noted in audits of internal control. The alert includes a table to illustrate how certain risk assessment procedures required by AS 2110 can be coordinated with procedures that are performed under AS 2201. The alert also points out that performing walkthroughs is an effective way to obtain an understanding of internal control and satisfy the requirements of AS 2110 and AS 2201 concurrently.

The alert also reminds auditors that the components of a potential significant account or disclosure might be subject to significantly different risks. Further, different risks of material misstatement affecting the same assertion of an account or disclosure might arise at different points within the company’s processes. If risks differ among components, the auditor might need to select and test different controls to support a conclusion that the controls adequately address the risks to the account or disclosure.

According to the alert, inspections staff also observed instances in which firms did not sufficiently test controls in multilocation engagements. PCAOB standards require the auditor to assess the risks of material misstatement to the consolidated financial statements associated with the location or business unit and correlate the amount of auditing attention devoted to the location or business unit with the degree of risk. AS 2101 lists factors that are relevant to (1) assessing the risk of material misstatement associated with a location or business unit and (2) determining the necessary audit procedures.

Selecting controls to test

PCAOB inspections staff noted that, in some instances, firms placed undue emphasis on testing management review controls and other detective controls without considering whether they adequately addressed the assessed risks of material misstatement of the significant account or disclosure. In particular, auditors in certain instances failed to identify and sufficiently test controls that addressed the risks of material misstatement for revenue, inventory, financial instruments, and pension plan assets.

The alert further points out that internal control also applies to infrequent processes and nonrecurring transactions outside the normal course of business, and the auditor should directly test the controls over those processes or transactions if they present a risk of material misstatement of the financial statements. Performing substantive audit procedures to determine whether the nonrecurring transaction was recorded properly does not, by itself, provide the auditor with evidence of the effective design and operation of the company’s control over such transactions.

Testing management review controls

Management reviews typically involve comparing recorded financial statement amounts to expected amounts and investigating significant differences from expectations. Many management review controls are entity-level controls, but may also be found within activity level controls. AS 2201 provides that entity- level controls vary in nature and precision, and the alert lists certain factors that can affect the level of precision of an entity-level control.

As with other types of controls, the auditor should obtain evidence about how a management review control is designed and operated to prevent or detect misstatements. The alert also states that testing the operating effectiveness of a management review control typically involves obtaining and evaluating evidence about (1) the steps performed to identify and investigate significant differences; and (2) the conclusions reached in the reviewer’s investigation, including whether potential misstatements were appropriately investigated and whether corrective actions were taken as needed.

To provide further illustration, the alert includes an example of the steps involved in a test of a management review control.

Information technology (IT) considerations, including system-generated data and reports

Inspections staff have observed instances in which firms did not sufficiently test controls over the completeness and accuracy of system-generated data or reports used in the operation of those controls. The alert reminds readers that PCAOB standards require the auditor to obtain an understanding of the manual and automated controls used by the company, including the IT general controls (ITGCs) that are important to the effective operation of the automated controls. The auditor also should obtain an understanding of specific risks to a company’s internal control resulting from IT. Further, when testing an IT-dependent control, the auditor should also test the IT controls on which the selected control relies.

PCAOB standards also require evaluating the severity of identified control deficiencies, including IT control deficiencies. Such an evaluation involves assessing the effect of the deficiency on important IT- dependent controls and, in turn, the likelihood and magnitude of potential misstatements. Deficient IT controls might impair the effectiveness of multiple controls across multiple accounts; in those situations, it may be necessary to assess the combined severity of those impaired controls in conjunction with the original deficient IT control.

Roll-forward of controls tested at an interim date

Inspections staff have identified instances in which firms tested significant controls at an interim date and either did not perform any testing, or used inquiry alone, to update the results of their testing. The alert states that when auditors test controls at an interim date, “roll-forward” procedures are required to update the interim test results to year-end. The amount of evidence needed from the roll-forward procedures depends on the nature of the control tested at the interim date and the results of those tests; the sufficiency of evidence obtained at the interim date; the length of the roll-forward period; and whether there were any significant changes in internal control since the interim date.

AS 2201 provides that inquiry might be a sufficient roll-forward procedure when the aforementioned factors indicate a low risk that the controls are no longer effective during the roll-forward period. When inquiry is not sufficient, the additional evidence to cover the roll-forward period cannot be inferred from the absence of misstatements detected by substantive procedures.

Using the work of others

Inspections staff have identified situations in which firms used the work of others, such as internal audit, who performed tests of controls without establishing a sufficient basis for using that work. PCAOB standards provide that the extent to which the work of others can be used, as well as the extent of the auditor’s evaluation of the others’ work, depends on the risk associated with the control being tested; and the competence and objectivity of the persons whose work the auditor plans to use.

The alert also offers a reminder that when using the work of others that provide direct assistance, the auditor should supervise that work, including reviewing, testing, and evaluating the work.

Evaluating identified control deficiencies

Inspections staff have observed instances in which firms failed to sufficiently evaluate the severity of identified control deficiencies, including failures to do the following:

• Sufficiently evaluate whether audit adjustments and exceptions identified from substantive procedures were indicators of the existence of control deficiencies
• Consider all of the relevant risk factors that should have affected the determination of whether there was a reasonable possibility that a deficiency, or a combination of deficiencies, could result in a material misstatement
• Consider all of the relevant factors that should have affected the determination of the magnitude of potential misstatements
• Sufficiently evaluate compensating controls, including identifying and testing those controls and determining whether they operated at a level of precision that would prevent or detect a material misstatement

Additionally, control deficiencies might be identified during the audit of the financial statements as well as the audit of internal control. PCAOB standards require auditors to evaluate the effect of the findings of the substantive procedures performed in the financial statement audit on the effectiveness of internal control.

The alert points out that evaluating whether a control deficiency, or a combination of control deficiencies, results in a material weakness requires professional skepticism and careful analysis. Auditors who perform a cursory evaluation of deficiencies might reach premature conclusions without appropriately considering critical information, such as considering only the amount of identified misstatements, without evaluating the potential exposure; or assessing deficiencies in isolation, without considering other deficiencies in combination.

Because of the nature and importance of the matters covered in this alert, the engagement partner and senior engagement team members should focus on the aforementioned areas, and engagement quality reviewers should keep these matters in mind when performing their engagement quality reviews. Auditing firms also should consider whether additional training of their auditing personnel is needed.

Staff Audit Practice Alert No. 10, Maintaining and Applying Professional Skepticism in Audits

Staff Audit Practice Alert No. 10 was issued in 2012. Based on its observations from oversight activities, the PCAOB has observed that certain circumstances can impede the application of professional skepticism and allow unconscious biases to occur, including incentives and pressures from inherent conditions in the audit environment, scheduling and workload demands, or an inappropriate level of confidence or trust in management. This staff alert provides guidance on the requirement to appropriately apply professional skepticism throughout the audit.

Professional skepticism and due professional care

Professional skepticism is defined as an attitude that includes a questioning mind and a critical assessment of audit evidence, and is essential to the performance of effective audits under PCAOB standards. The auditor is also required, under PCAOB standards, to exercise due professional care in planning and performing the audit and in preparing the audit report, and due professional care requires the exercising of professional skepticism. Professional skepticism is particularly important in audit areas that involve significant management judgments or transactions outside the normal course of business.

Applying professional skepticism is also important when planning and performing audit procedures to address fraud risks. The auditor should not be satisfied with less than persuasive evidence because of a belief that management is honest. When applying professional skepticism in response to assessed fraud risks, auditors may modify the planned audit procedures to obtain more reliable evidence regarding relevant assertions, or obtain sufficient appropriate evidence to corroborate management’s explanations or representations, such as through third-party confirmation, use of a specialist engaged or employed by the auditor, or examination of documentation from independent sources.

The alert also cites certain specific instances in which PCAOB inspectors and enforcement officials found that auditors did not appropriately apply professional skepticism.

Impediments to the application of professional skepticism

Incentives and pressures to build or maintain a long-term audit engagement, avoid conflicts with management, provide an unqualified audit opinion prior to the filing deadline, achieve high client satisfaction, keep audit costs low, or cross-sell other services can all undermine the application of professional skepticism. Furthermore, over time, auditors may develop an inappropriate level of trust in management. In addition, scheduling and workload demands can put pressure on engagement teams to complete their work too quickly.

Promoting professional skepticism via an appropriate system of quality control

Firms’ quality control systems can help engagement teams improve the application of professional skepticism, including the following:

• Tone-at-the-top messaging. Consistent communication from firm leadership that professional skepticism is critical to performing a high-quality audit, coupled with a firm culture that supports such messaging.
• Performance appraisal, promotion, and compensation processes. For example, if a firm’s promotion process emphasizes selling non-audit services, or if a firm places too much focus on reducing audit costs, or retaining or acquiring audit clients over achieving high audit quality, the firm’s personnel may perceive those goals as being more important than the application of professional skepticism.
• Professional competence and assigning personnel to engagement teams. To perform an audit with professional skepticism, engagement teams need to have the requisite knowledge, skill, and ability, which include appropriate technical training and experience.
• Documentation. A firm’s quality control system needs to establish policies and procedures that cover documenting the auditor’s final conclusions on the engagement. Documentation should support the basis for the auditor’s conclusions regarding every relevant financial statement assertion, but areas that require greater judgment generally need more extensive documentation. Audit documentation must also include information that the auditor has identified relating to significant findings or issues that is inconsistent with or contradicts the auditor’s final conclusions.
• Monitoring. A firm should monitor its quality control policies and procedures to ensure that they are suitably designed and being effectively applied. If the firm identifies deficiencies, the firm should evaluate the reasons for the deficiencies and determine the necessary corrective actions or improvements.

Importance of supervision to the application of professional skepticism

The engagement partner is responsible for setting an appropriate tone that emphasizes the need for the engagement team to maintain a questioning mind throughout the audit and to exercise professional skepticism in gathering and evaluating evidence. It is also important for the engagement partner and other senior engagement team members to be actively involved in planning, directing, and reviewing the work of engagement team members. In directing the work of others, senior engagement team members, including the engagement partner, may possess knowledge and experience that may assist less experienced engagement team members in applying professional skepticism.

Appropriate application of professional skepticism

It is ultimately the responsibility of each individual auditor to appropriately apply professional skepticism, including the following areas:

Identifying and assessing risks of material misstatement

The risk assessment approach set out in the PCAOB standards is intended to focus auditors’ attention on those areas of the financial statements that are higher risk and therefore most susceptible to misstatement. This includes considering events and conditions that create incentives or pressures on management or create opportunities for management to manipulate the financial statements. The evidence obtained from the required risk assessment procedures should provide a reasonable basis for the auditor’s risk assessments, which then should drive the auditor’s tests of accounts and disclosures in the financial statements.

The risk assessment procedures required by PCAOB standards also should provide the auditor with a thorough understanding of the company and its environment, to help identify unusual transactions or matters that warrant further investigation, and to provide a basis for the auditor to evaluate and challenge management’s assertions.

Performing tests of controls and substantive procedures

In higher risk areas, the auditor’s appropriate application of professional skepticism should result in procedures that are focused on obtaining evidence that is more relevant and reliable, such as evidence obtained directly and evidence obtained from independent, knowledgeable sources. If audit evidence obtained from one source is inconsistent with other audit evidence, the auditor should perform the audit procedures necessary to resolve the matter and determine the effect, if any, on other aspects of the audit.

The alert lists the following examples of audit procedures that reflect the need for professional skepticism:

• Resolving inconsistencies in or doubts about the reliability of confirmations
• Examining journal entries and other adjustments for evidence of possible material misstatement due to fraud
• Reviewing accounting estimates for biases that could lead to material misstatement due to fraud
• Evaluating the business rationale for significant unusual transactions
• Evaluating whether there is substantial doubt about an entity’s ability to continue as a going concern

Evaluating audit results to form the opinion to be expressed in the audit report

In determining whether the financial statements are materially misstated, the auditor should take into account all relevant audit evidence, regardless of whether the evidence corroborates or contradicts the assertions in the financial statements. Areas that reflect the need for the auditor to apply professional skepticism include the following:

• Evaluating uncorrected misstatements. This includes evaluating whether the uncorrected misstatements identified during the audit result in material misstatement, individually or in combination, considering both qualitative and quantitative factors.
• Evaluating management bias. This includes evaluating potential bias in accounting estimates, bias in the selection and application of accounting principles, the selective correction of identified misstatements, and identification by management of additional adjusting entries that offset misstatements identified by the auditor.
• Evaluating the presentation of the financial statements. This includes evaluating whether the financial statements contain the information necessary for a fair presentation of the financial statements in conformity with the applicable financial reporting framework.

Staff Audit Practice Alert No. 9, Assessing and Responding to Risk in the Current Economic Environment

Staff Audit Practice Alert No. 9 was issued in 2011 and expands the guidance provided in Staff Audit Practice Alert No. 3, Audit Considerations in the Current Economic Environment. Although many of the risks discussed in Staff Audit Practice Alert No. 3 are still relevant, Practice Alert No. 9 highlights the PCAOB risk standards as they relate to the economic environment.

Considering the effect of economic conditions on the audit

Changing economic conditions may require the auditor to reassess the appropriateness of the planned audit strategy, materiality levels, risk assessments, and planned audit responses.

Audit planning and materiality considerations. The nature and extent of planning activities depend in part on any changes in circumstances that occur during the audit. For example, in an audit with operations in multiple locations, changes in regional economic conditions might affect the associated risks in those locations, which could in turn affect the locations selected for testing or the extent of testing at selected locations. Changing economic conditions may also require the auditor to re-evaluate materiality if materiality was initially established using estimated or preliminary financial information.

Risk assessment. Examples of risk assessment procedures that may provide particularly relevant information in identifying and assessing the risks of material misstatement in the current economic environment include

• reading public information about the effect of the current economic environment on the company, such as analyst reports and press releases;
• obtaining an understanding of the company’s performance measures;
• obtaining an understanding of a company’s current and prospective financing requirements; and
• performing analytical procedures designed to enhance the auditor’s understanding of the client’s business and the significant transactions and events that have occurred since the prior year-end and identify areas that might represent specific risks relevant to the audit.

Further, the auditor should evaluate whether the prior years’ information remains relevant and reliable in a changing economic environment. For example, when performing an analytical procedure in the current economic environment, prior-period financial information may not be appropriate to use in developing an expectation.

Communication among engagement team members about significant matters affecting the risks of material misstatement are to continue throughout the audit, and such communication is particularly important when conditions change. For instance, the results of the brainstorming discussion among the key engagement team members about how and where they believe the company’s financial statements might be susceptible to material misstatement due to fraud may need to be updated to reflect additional fraud risks.

Identifying fraud risks and other significant risks. In identifying and assessing risks of material misstatement, the auditor should determine whether any risks are significant risks. One of the factors that should be evaluated in determining which risks are significant is whether the risk is related to recent significant economic developments. Accordingly, risks of material misstatement that may be particularly susceptible to changes in the economic environment are to be evaluated in this context.

Planned audit response. As the assessed risks of material misstatement change during an audit, corresponding changes to the planned audit response may be necessary. Depending on the circumstances, the changes may be pervasive, as might be the case with respect to the valuation of significant accounts at year-end, because of a high degree of volatility in market conditions. In addition, volatile market conditions could make substantive analytical procedures less effective, because such an environment negatively affects the plausibility and predictability of relationships among financial and nonfinancial data.

Auditing fair value measurements and estimates

When testing management’s process for determining fair value measurements or estimates, the auditor should perform procedures commensurate with the related risk, including considering whether significant assumptions such as the following are supported by the available evidence:

• Significant assumptions that are based on past experience may not reflect current market information or be representative of expected future conditions.
• Reductions in forecasts of macro-economic growth or extended periods of low interest rates may affect important assumptions that underlie certain estimates.
• Uncertainty regarding the value of certain types of collateral or increasing counterparty risk may affect the valuation of financial instruments.
• Additional risks, such as the possibility of a sovereign default or currency volatility, could add increased complexity in determining ultimate collectability of sales or the appropriateness of significant assumptions used in fair value calculations.
• An active market may not exist for certain financial instruments, which may result in complex valuation methods.

Audit evidence consists not only of information that supports management’s assertions, but also information that may contradict such assertions.

Bias in accounting estimates. The auditor should evaluate whether differences between estimates best supported by the audit evidence and estimates included in the financial statements, which are individually reasonable, indicate a possible bias. For example, a lack of consistency in assumptions used to support different assumptions used in the goodwill impairment test that are inconsistent with revenue assumptions used to accrue discretionary compensation might be indicative of management bias.

If the auditor identifies bias in management’s judgments, the auditor should evaluate whether the effect of that bias, together with the effect of uncorrected misstatements, results in material misstatement. The auditor should also evaluate whether the initial risk assessments remain appropriate.

Consideration of changes to accounting standards. Since the issuance of Staff Audit Practice Alert No. 3, certain accounting requirements have been amended. In particular, Practice Alert No. 9 emphasizes FASB Accounting Standards Codification (ASC) 350, Testing Goodwill for Impairment, which allows companies to first assess qualitative factors to determine whether it is more likely than not that the fair value of a reporting unit is less than its carrying value as a basis for determining whether it is necessary to perform the two-step goodwill impairment test. When the auditor reviews and tests a company’s process for assessing such qualitative factors, considerations should include

• identifying the sources of data and factors that the company used in forming the assumptions, and consideration of whether such data and factors are reliable, relevant, and sufficient;
• considering whether there are additional key factors or alternative assumptions about the factors;
• evaluating whether the assumptions are consistent with one another, the supporting data, relevant historical data, and industry data; and
• considering whether changes in the business or industry may cause other factors to become significant to the assumptions.

The auditor’s consideration of a company’s ability to continue as a going concern

If the auditor believes there is substantial doubt about the company’s ability to continue as a going concern for a reasonable period of time, the auditor should (1) obtain information about management’s plans that are intended to mitigate the effect of such conditions or events, and (2) assess the likelihood that such plans can be effectively implemented. For example, if management is relying on a significant shareholder’s pledge of financial support, consideration should be given to the effect of current economic conditions on the shareholder’s ability to provide such funding. Another important consideration in the current economic environment is the willingness of a third party to continue to provide financial support.

When prospective financial information is particularly significant to management’s plans, the auditor should request management to provide that information. In considering the adequacy of support for significant assumptions underlying that information, the auditor should consider whether the assumptions are consistent with current economic conditions.

Auditing financial statement disclosures

The alert explains that to identify and assess the risk of omitted, incomplete, or inaccurate disclosure, the auditor should develop expectations about the disclosures that are necessary for the company’s financial statements to be presented fairly. Further, key engagement team members should discuss (1) the company’s selection and application of accounting principles, including disclosures, (2) the susceptibility of the financial statements to material misstatement due to error or fraud, and (3) how fraud might be perpetrated or concealed by omitting or presenting incomplete or inaccurate disclosures.

When evaluating whether the financial statements are fairly presented, the newly effective risk standards require the auditor to evaluate the disclosures, including, among other things, (1) evaluating whether the financial statements and disclosures are informative of matters that may affect their use, understanding, and interpretation, and (2) considering whether the form, arrangement, and content of the financial statements and disclosures are appropriate, encompassing matters such as the terminology used, the amount of detail given, the classification of items in the statements, and the bases of amounts set forth.

Evaluation of disclosures also involves evaluation of the effect on the financial statements of uncorrected misstatements in disclosures, such as omitted, incomplete, or inaccurate disclosures. In this regard, qualitative considerations are particularly important when evaluating misstatements that are more narrative in nature, such as those relating to risks and uncertainties or loss contingencies where an estimate has not yet been disclosed.

Staff Audit Practice Alert No. 8, Audit Risks in Certain Emerging Markets

Staff Audit Practice Alert No. 8 provides guidance on risks of misstatement due to fraud that auditors may encounter in audits of companies with operations in emerging markets, and the responsibilities of auditors to address those risks.

Identifying and assessing fraud risk factors

Fraud risks may arise from internal or external factors. For this reason, the auditor obtains an understanding of the company and its environment as part of the risk assessment process and determines whether one or more fraud risk factors are present. This understanding includes the following, for example:

• The relevant industry and regulatory factors, including the legal and political environment
• The company’s objectives, strategies, and related business risks; its organizational structure; and sources of funding of the company’s operations
• The company’s significant investments, including equity method investments, joint ventures, and variable interest entities
• The sources of the company’s earnings, including the profitability of key products and services
• The company’s key supplier and customer relationships

In addition to the incentives, pressures, and opportunities usually considered in audits of public companies, the alert reminds the auditor to consider any unique characteristics of the emerging market company or its environment that might result in specific fraud risks. For example, a company in an emerging market might have a dominant presence because it is the single largest employer in a region, or it may exercise control over raw materials on which other companies in the region depend. Further, the company’s management may have strong ties with the local or state government. In such circumstances,

• management might dictate terms or conditions to local suppliers or customers, which might result in non-arm’s length transactions;
• management might pressure personnel of local banks or other third parties to provide fraudulent information; or
• company employees might not be willing to report instances of frauds for cultural reasons or fear of retribution.

Further, a company in an emerging market might be created as a spin-off from a larger private or state- owned entity, such that the operating components of the larger entity may be among the company’s largest suppliers or customers. In certain instances, the same individual or group that controls the company might also control the company’s suppliers and customers. Such situations might provide opportunities for management to enter into undisclosed side agreements with related parties or collude to create false documentation to support fictitious transactions.

Performing audit procedures to respond to fraud risks

Auditors are required to design and implement audit responses to address identified and assessed fraud risks. Further, we are required to perform substantive procedures that are responsive to the assessed fraud risks, including procedures to address the risk of management override of controls.

Other matters that affect fraud risk

PCAOB standards require the auditor to evaluate whether the accumulated results of auditing procedures and other observations affect the assessment of the fraud risks made throughout the audit and whether the audit procedures need to be modified to respond to those risks. Matters indicating a heightened risk of fraud may include

• inconsistent, vague, or implausible responses from management; conflicting or missing evidence; and
• attempts by management to control the audit process by limiting the auditor’s access to sources of
• audit evidence, such as the company’s personnel or third parties.

Restrictions on the scope of the audit imposed by the company’s management or by circumstances, such as the inability to obtain sufficient appropriate audit evidence or an inadequacy in the accounting records, may require the auditor to qualify the audit opinion or to disclaim an opinion.

Other considerations

Staff Audit Practice Alert No. 7, Auditor Considerations of Litigation and Other Contingencies Arising from Mortgage and Other Loan Activities

Staff Audit Practice Alert No. 7 was issued in response to allegations that surfaced in the fall of 2010 that banks may have misrepresented the quality of mortgages sold, and that those banks could be required to repurchase the affected mortgages. The alert advises auditors that the possible risks associated with mortgage and foreclosure-related activities could have audit implications, such as accounting for litigation or other loss contingencies and related disclosures.

Auditing litigation, claims, and assessments

The alert emphasizes certain requirements of AS 2505, Inquiry of a Client’s Lawyer Concerning Litigation, Claims, and Assessments. This standard states that in order to identify litigation, claims, and assessments, and to become satisfied with the accounting and reporting of such matters, the auditor should gather audit evidence relevant to the following factors:

• The existence of a condition, situation, or set of circumstances indicating an uncertainty as to the possible loss to an entity arising from litigation, claims, and assessments
• The period in which the underlying cause for legal action occurred
• The degree of probability of an unfavorable outcome
• The amount or range of potential loss

AS 2505 also explains that audit procedures undertaken for other purposes (such as reading minutes of board meetings, or inspecting contracts or loan agreements) may identify litigation, claims, or assessments. The alert further reminds auditors to obtain a letter from the client’s lawyer to help corroborate the information provided by management regarding litigation, claims, and assessments.

Auditing accounting estimates

Often, companies involved in mortgage and foreclosure-related activities estimate and accrue amounts for other than legal contingencies. This alert reminds auditors that AS 2501, Auditing Accounting Estimates, establishes requirements regarding obtaining and evaluating audit evidence for these other accounting estimates such as those related to various representations and warranties. For example, the auditor should consider the company’s experience in making accounting estimates in past periods, as well as the auditor’s relevant industry experience; however, changes in facts, circumstances, or a company’s procedures may cause factors other than those considered in the past to become significant to the accounting estimate.

According to AS 2501, when evaluating the reasonableness of the company’s accounting estimates, the auditor should consider the subjective and objective factors included in the estimate. When considering the reasonableness of estimates relating to mortgage loan repurchase losses, this alert points out that these factors may include estimated levels of defects based on the company’s review or experience, default expectations, investor repurchase demand, or appeal success rates.

Evaluating financial statement presentation and disclosure

FASB ASC 450-20 requires that when a loss is not both probable and estimable, an accrual is not recorded, but disclosure is required when there is a reasonable possibility that a loss or an additional loss has been incurred. Companies involved in mortgage and foreclosure-related activities may need to include new disclosures or expand existing disclosures regarding litigation and other contingencies or estimates. The alert states that companies that sold or securitized loans, but that may not have complied with representations and warranties, may be forced to repurchase such loans. These companies may need to disclose or enhance their existing disclosures regarding their potential exposures.

In addition, the alert points out that auditors should read the other information accompanying the interim and annual financial statements contained in reports filed with the SEC, including the Management’s Discussion and Analysis of Financial Condition and Results of Operations sections of annual reports and other filings, to assess whether this information or manner of its presentation is materially inconsistent with the financial statements or audit report.

Communication with audit committees

Auditors have a responsibility to communicate with the audit committee regarding management estimates. Other communication with the audit committee includes the clarity and completeness of the company’s financial statements, which include related disclosures and a discussion of items that significantly affect the accounting information included in the financial statements. The alert states that in appropriate circumstances, this discussion would include the auditor’s view on disclosures relating to representations and warranties that were made in connection with securitization activities.

Reviewing interim financial information

AS 4105, Review of Interim Financial Information, requires the auditor to make inquiries regarding unusual or complex situations that may have an effect on the interim information, such as changes in estimated loss contingencies, or trends and developments affecting accounting estimates. If the auditor believes that the interim financial information may not be in conformity with generally accepted accounting principles in all material respects, this alert reminds the auditor to make additional inquiries or perform other procedures to determine whether any material modifications should be made to the interim financial information. AS 4105 provides additional requirements when the auditor believes that a material modification should be made to the interim financial information.

Ongoing audit considerations

If the potential risks associated with mortgage and foreclosure-related activities or exposures change significantly during the audit, auditors should modify the overall audit strategy and the audit plan as needed. As an example, the alert cautions auditors to consider how documentation issues in the loan origination process at a bank may affect the auditors’ initial risk assessment, overall audit strategy, and the audit plan. The alert also warns that an increase in the volume of foreclosures or loan repurchases could affect the risks associated with related controls.

Attestation reports on assessments of compliance with servicing criteria

Section 1122 of the SEC’s Regulation AB requires an attestation report by a registered public accounting firm on a servicer’s assessment of compliance with servicing criteria. These criteria include (1) maintaining collateral or security on pool assets as required by the transaction agreements, and (2) initiating, conducting, and concluding loss mitigation or recovery actions as required by the transaction agreements.

In adopting Regulation AB, the SEC provided that PCAOB AT section 601, Compliance Attestation, applies to the preparation of these attest reports and generally requires that, in assessing whether the servicer has complied with the criteria, an auditor should consider risk factors similar to those of a financial statement audit, as well as factors relevant to the compliance engagement. The alert states that, for example, the auditor should consider whether the servicer or its parent has identified noncompliance as part of an internal investigation, internal audit, or other compliance review.

Staff Audit Practice Alert No. 6, Auditor Considerations Regarding Using the Work of Other Auditors and Engaging Assistants from Outside the Firm

In 2010, the PCAOB issued Staff Audit Practice Alert No. 6. The board’s inspection staff observed certain situations whereby it seemed that U.S. registered public accounting firms had all or most of the audit performed by another firm or by assistants engaged from outside the firm (including firms and assistants located in another country) without complying with PCAOB standards applicable to using the work and reports of another auditor and supervising assistants. Prompted by those observations, Alert No. 6 was issued as a reminder to registered firms concerning a firm’s responsibilities when using the work of other firms or using assistants from outside the firm.

Using the work of other auditors

The alert reminds auditors that AS 1205, Part of Audit Performed by Other Independent Auditors, does not allow an auditor to take responsibility for the work of another auditor that has essentially audited an issuer’s financial statements in their entirety, even if the firm complies with the other requirements in AS 1205. AS 1205 also does not apply to the use of another auditor’s work if that work is anything other than an audit of the financial statements of one or more subsidiaries, divisions, branches, components, or investments of the issuer.

Additionally, a firm can serve as principal auditor only when the firm’s own participation in the audit is sufficient. In determining the sufficiency of its participation in the audit, the firm should consider, among other things, the materiality of the portion of the financial statements the firm audited, the extent of the auditor’s knowledge of the overall financial statements, and the importance of the components that the firm audited. The alert emphasizes that if an issuer has no significant domestically located operations, a registered public accounting firm that does not play a significant part in the audit of the foreign operations is highly unlikely to be able to serve as the issuer’s principal auditor. A lack of sufficient participation cannot be overcome by using the work of the other auditor, even if the firm assumes responsibility for that work.

When AS 1205 applies and the firm can serve as principal auditor, the following requirements of AS 1205 must be performed by the principal auditor:

• The principal auditor must decide whether to express an opinion on the financial statements taken as a whole without making reference to the audit of the other auditor (thereby assuming responsibility for the other auditor’s work) or to make reference to the audit of the other auditor.
• The principal auditor should make inquiries regarding the professional reputation and independence of the other auditor, and properly review matters affecting the consolidating or combining of accounts in the financial statements.
• If the principal auditor assumes responsibility for the work of the other auditor, the principal auditor must obtain and review certain specific information from the other auditor, and should also consider (1) visiting the other auditor and discussing the results of audit procedures performed; (2) reviewing the audit programs of the other auditor and issuing instructions to the other auditor as to the scope of the audit work; and/or (3) reviewing additional audit documentation of the other auditor relating to significant findings or issues in the engagement completion document.

If the principal auditor has substantial doubt about any financial statement assertion of material significance, the principal auditor should perform additional procedures to obtain sufficient competent evidence, including participating in discussions regarding the accounts with management personnel or making supplemental tests of such accounts, or both. If sufficient competent evidence cannot be obtained, the principal auditor must express a qualified opinion or disclaim an opinion.

The alert also points out that the principal auditor cannot omit the procedures outlined in AS 1205 because of language differences, nor satisfy those requirements by simply referencing to documents that the principal auditor does not understand.

Engaging assistants from outside the firm

According to the alert, some key factors to consider in determining the appropriate extent of the firm’s involvement in audit work performed by assistants engaged from outside the firm (including planning, performing, and supervising the audit work) include the following:

• Whether the auditor is able to obtain information about the knowledge, skill, and ability of the assistants engaged from outside the firm (including their knowledge of PCAOB standards and the relevant financial reporting requirements). Ordinarily, a higher-risk engagement requires the assignment of more experienced personnel with specialized skills and knowledge.
• Whether the auditor would be able to evaluate the independence of the assistants engaged from outside the firm.
• Whether the auditor would be able to properly plan, supervise, and review the work of the assistants engaged from outside the firm.
• Whether the procedures performed by such assistants, in combination with the work performed by firm personnel, would provide sufficient competent evidential matter to form a reasonable basis for an audit opinion.
• Whether assistants engaged from outside the firm are located in the same country or speak the same language as the auditor or the auditor’s client.
• Whether the auditor would be able to comply with the requirements of AS 1215, Audit Documentation, with respect to the work performed by the assistants engaged from outside the firm.

The alert also includes a reminder that the engagement quality reviewer should evaluate the significant judgments made by the engagement team and the related conclusions reached in forming the overall conclusion on the engagement. The engagement quality reviewer should fulfill this responsibility by reviewing the engagement completion document and confirming with the engagement partner that there are no significant unresolved matters. The firm may permit the client to use the audit report only after the engagement quality reviewer provides concurring approval of issuance.

Staff Audit Practice Alert No. 5, Auditor Considerations Regarding Significant Unusual Transactions

The PCAOB issued Staff Audit Practice Alert No. 5 in 2010 to highlight certain areas as described in the following sections regarding auditor responsibilities with respect to significant transactions. The alert provides guidance to auditors when assessing and responding to risks of material misstatement associated with significant transactions during reviews of interim financial information and annual audits.

Identifying and assessing risks of material misstatement

The auditor should gain an understanding of the nature of the company’s business, its organization, and its operating characteristics, including the types of products and services the company offers. The auditor should also consider matters affecting the company’s industry, such as the industry’s accounting practices, competitive conditions, and financial trends and ratios. The auditor should then consider whether such information about the company and its industry is indicative of one or more fraud risk factors, including significant unusual transactions.

The alert also emphasizes that one of the objectives in performing preliminary analytical review procedures is to identify significant unusual transactions, and auditors should consider the results of these procedures when identifying the risks of material misstatement due to fraud.

Further, when performing an audit of internal control over financial reporting, auditors should evaluate (1) whether the company’s controls (including controls over significant unusual transactions, particularly those that result in late or unusual journal entries) sufficiently address the risks of material misstatement due to fraud, and (2) whether controls to address the risk of management override of other controls are appropriately designed and implemented and, where controls are tested, operate effectively.

Responding to risks of material misstatement

The alert reminds the auditor that he or she should consider any identified significant risks of material misstatement in determining the nature, timing, and extent of audit procedures; assigning staff; or requiring appropriate levels of supervision. The alert also emphasizes the importance of professional skepticism when considering the risk of material misstatement due to fraud associated with significant unusual transactions.

As part of the overall responses to the risks of material misstatement due to fraud, auditors should consider management’s selection and application of significant accounting principles, including those related to significant unusual transactions. Auditors should also consider whether the collective application of accounting policies indicates a bias on the part of management that could result in a material misstatement. When examining journal entries and other adjustments for evidence of possible material misstatement due to fraud, the auditor should bear in mind that inappropriate entries or adjustments may be applied to accounts that contain significant unusual transactions. The auditor should also evaluate whether analytical procedures performed at the end of the audit reveal a previously unidentified risk of material misstatement resulting from significant unusual transactions.

In evaluating whether significant unusual transactions are the result of fraud or misappropriation of assets, auditors should consider whether the following circumstances exist:

• The transaction is overly complex.
• Management has discussed the transaction with the audit committee or board.
• Management is emphasizing a particular accounting treatment instead of focusing on the underlying economics.
• Transactions with unconsolidated related parties (including special purpose entities) have been approved by the audit committee or board.
• The transactions involve previously unidentified related parties or parties that do not have the financial strength and substance to support the transaction.

If the company has entered into a significant unusual transaction and there is a high combined level of inherent and control risk, the auditor should consider confirming the terms and amounts of the transaction with the other parties.

Further, significant findings or issues, including significant unusual transactions, must be documented in an engagement completion document, which should be reviewed by the engagement quality reviewer. The engagement quality reviewer should also evaluate whether (1) appropriate consultations have taken place on difficult or contentious matters, and review the documentation of such consultations, and (1) appropriate matters have been communicated, or identified for communication, to the audit committee, management, and other parties, such as regulatory bodies.

Consulting others

Alert No. 5 points out that consultation with others may be appropriate when considering significant unusual transactions. Such consultation may be with persons within or outside the firm, assuming they have appropriate levels of knowledge, competence, judgment, and authority.

Evaluating financial statement presentation and disclosure

Auditor judgment concerning the “fairness” of the overall presentation of financial statements are applied within the framework of generally accepted accounting principles, which recognizes the importance of reporting transactions and events in accordance with their substance. As such, auditors should consider whether the substance of significant unusual transactions differ materially from their form.

The presentation of financial statements in conformity with generally accepted accounting principles also includes adequate disclosure of material matters. If management omits from the financial statements, or accompanying notes, information that is required by generally accepted accounting principles, the auditor should determine the effect on the audit report.

In addition, the auditor should read the other information accompanying the interim and annual financial statements contained in reports filed with the SEC, such as the Management’s Discussion and Analysis of Financial Condition and Results of Operations section of annual reports and other filings, which may contain discussion of significant unusual transactions. The auditor should consider whether that information or the manner of its presentation is materially inconsistent with the financial statements. If the auditor concludes that there is a material inconsistency or a material misstatement of fact, the auditor should determine whether the financial statements, the audit report, or both require revision. If the auditor concludes that the financial statements or audit report do not require revision, the auditor should request the company to revise the other information.

Communicating with audit committees

The alert emphasizes that auditors are to communicate with the audit committee regarding the methods used to account for significant unusual transactions. In addition, the alert highlights the need for auditors to discuss with the audit committee judgments about the quality, not just the acceptability, of the company’s accounting principles applied in its financial reporting.

Reviewing interim financial information

During a review of interim financial information, the auditor should make inquiries of members of management who have responsibility for financial and accounting matters about, among other things, significant unusual transactions that may affect the interim financial information, and significant unusual transactions occurring or recognized in the last several days of the interim period. If the auditor becomes aware of information that leads him or her to believe that the interim financial information may not be in conformity with generally accepted accounting principles in all material respects, the auditor should make additional inquiries or perform other procedures to provide a basis for communicating whether he or she is aware of any material modifications that should be made to the interim financial information.

If significant unusual transactions have been identified during a review of interim financial information, the auditor should communicate such matters to the audit committee, or determine that such matters have been communicated to the audit committee by management.

Staff Audit Practice Alert No. 4, Auditor Considerations Regarding Fair Value Measurements, Disclosures, and Other-Than-Temporary Impairments

Staff Audit Practice Alert No. 4, issued in 2009, provides guidance for annual audits and reviews of interim financial information in light of the guidance issued by the FASB regarding Fair Value Measurements.

Audits of financial statements, including integrated audits

In performing procedures under AS 2502, Auditing Fair Value Measurements and Disclosures, the auditor is required to, among other things, obtain an understanding of the company’s process for determining fair value measurements and disclosures and of the controls associated with fair value measurements. Based on the auditor’s assessment of the risk of material misstatement, the auditor should test the entity’s fair value measurements and disclosures. The auditor’s substantive tests of the fair value measurements may involve (a) testing management’s significant assumptions, the valuation model, and the underlying data, (b) developing independent fair value estimates for corroborative purposes, or (c) reviewing subsequent events and transactions.

The auditor is also required to evaluate a company’s conclusions about the need to recognize an impairment loss. When a company has recognized an impairment loss, the auditor should obtain evidence supporting the impairment adjustment recorded and determine whether the impairment adjustment is in accordance with GAAP.

Disclosures

In addition, the auditor should read the other information accompanying the interim and annual financial statements contained in reports filed with the SEC. The auditor should consider whether such information is materially inconsistent with the financial statements. If the auditor concludes that there is a material inconsistency, or becomes aware of information that he or she believes is a material misstatement of fact, the auditor should determine if the financial statements, the audit report, or both should be revised. If the auditor concludes that no revision is necessary in the financial statements or audit report, the auditor should request the company to revise the other information.

Staff Audit Practice Alert No. 3, Audit Considerations in the Current Economic Environment

Staff Audit Practice Alert No. 3 assists auditors in identifying matters related to the economic environment that might affect audit risk and require additional emphasis. The alert highlights certain areas only and is not intended to identify all areas that might affect audit risk in the economic environment or serve as a substitute for the relevant auditing standards. All audits of issuers must be conducted in accordance with the standards of the PCAOB. The practice alert is organized into the following six sections:

• Overall audit considerations
• Auditing fair value measurements
• Auditing accounting estimates
• Auditing the adequacy of disclosures
• Auditor’s consideration of going concern matters
• Additional audit considerations for selected financial reporting areas

Overall audit considerations

This section describes how the economic environment could have an effect on the overall audit considerations related to planning, fraud, internal controls, substantive procedures, and communications with audit committees.

Planning. With respect to planning, the alert reminds auditors that as the audit progresses, planned audit procedures may need to be modified based on a reassessment of audit risks as a result of an updated understanding about how recent economic conditions may affect a company’s financial reporting. Consideration of these matters assists the auditor in the following ways:

• Identifying areas that may need special consideration
• Assessing conditions under which accounting data are produced, processed, reviewed, and accumulated within the company
• Evaluating the reasonableness of estimates, such as valuation of inventories, depreciation, allowances for doubtful accounts, and percentage of completion of long-term contracts
• Evaluating the reasonableness of management representations
• Making judgments about the appropriateness of the accounting principles applied and the adequacy of disclosures

The alert emphasizes that as a result of a higher risk assessment, the auditor may consider altering the nature, timing, or extent of procedures such that the extent of procedures applied is expanded, procedures are performed closer to period end, or the nature of procedures are modified to obtain more persuasive evidence. Similarly, in an audit of ICFR, to address any increased risk that a material weakness could exist, the amount of audit attention to higher risk areas will be necessary.

Fraud. The risk of misstatement due to fraud is another area that may be affected by the economic environment. The auditor’s assessment of this risk and the contributing factors should be ongoing throughout the audit. Examples of risk factors presented in the alert include the following:

• Incentives and pressures
  • Financial stability or profitability is threatened.
  • Excessive pressure exists for management to meet requirements or expectations of third parties.
  • Poor company performance threatens management or board of directors’ personal financial situation.
  • Excessive pressure on management or operating personnel to meet financial targets.
• Opportunities
  • Nature of industry or company operations provides opportunity.
  • Ineffective monitoring of management.
  • Complex or unstable organizational structure.
  • Deficiencies in internal control components.

Additionally, as set out in AS 2401, Consideration of Fraud in a Financial Statement Audit, auditors should ordinarily presume that there is a risk of material misstatement relating to revenue recognition.

To respond to the risks of material misstatement due to fraud, the alert summarizes guidance from AS 2401 and sets out three ways to respond:

• An overall response. This type of response has an overall effect on how an audit is conducted. For example, the knowledge, skill, and ability of personnel assigned to an engagement or portion thereof should be commensurate with the degree of risk of material misstatement due to fraud. Other overall response considerations include the incorporation of an element of unpredictability into the selection of auditing procedures performed from year to year, and an assessment of the appropriateness of management’s selection and application of significant accounting principles, particularly those related to subjective measurements and complex transactions.
• A response to identified risks. This type of response involves altering the nature, timing, and extent of procedures to be performed, which may include both substantive tests and tests of the operating effectiveness of controls.
• Specific response to the risk of management override of controls. To address this risk, the alert summarizes guidance from AS 2401, which directs the auditor to examine journal entries and other adjustments for evidence of possible material misstatement due to fraud. Further, the auditor is directed to review accounting estimates for bias and evaluate the business rationale for significant unusual transactions.

Internal control considerations. Areas where additional attention may be required are presented in the staff alert. These include the company’s entity-level controls (specifically those related to the control environment and the company’s risk assessment process) and those controls related to certain significant accounts, disclosures, and relevant assertions, such as those over the development of inputs and assumptions for valuation matters, asset recoverability or impairment, and the use of external specialists, to name a few of the more significant controls. Further, the loss of employees integral to the operation of controls is another consideration described that should be considered in assessing the risk that deficiencies in internal control may exist. This includes consideration of the adequacy of segregation of duties and monitoring controls.

Controls intended to address the risk of material misstatement due to fraud and management override of controls include the following:

• Controls over significant, unusual transactions, particularly those that result in late or unusual journal entries
• Controls over journal entries and adjustments made in the period-end financial reporting process
• Controls over related party transactions
• Controls related to significant management estimates
• Controls that might mitigate incentives for, and pressures on, management to falsify or inappropriately manage financial results

Effect on substantive procedures. Examples of modifications to planned substantive procedures as a result of deteriorating conditions in the environment are presented in the alert and include the following:

• Changing the nature of substantive tests, such as directing tests toward independent parties outside the company rather than using internally generated documentation
• Changing the timing of procedures so that they are closer to year-end
• Changing the extent of testing by using larger sample sizes

Communications with audit committees. Communications with audit committees will also be affected as a result of changes in the economic environment, such that discussions about accounting estimates and accounting principles will need to be more robust. The alert points out that with respect to estimates, the auditor should determine that the audit committee is informed about the process used by management in formulating particularly sensitive accounting estimates and about the basis for the auditor’s conclusions regarding the reasonableness of those estimates. With respect to the accounting principles used by management in the preparation of the financial statements, the alert reminds the auditor to discuss the quality of those principles and not just the acceptability of such.

Auditing fair value measurements

The alert describes the kinds of investments that may present complexities in valuation because of the difficult conditions in the financial markets. These types of investments include auction rate securities, commercial paper, mortgage-backed or other asset-backed securities, alternative investments (such as hedge funds or private equity investments), collateralized debt obligations, and other such investments.

The following sources of guidance are available with respect to valuing these types of investments:

• FASB ASC 820, Fair Value Measurements (FASB ASC 820), which establishes a framework for measuring fair values for financial reporting purposes and expands the disclosures required for those measurements
• Clarifications on Fair Value Accounting, as issued by the SEC’s Office of the Chief Accountant and the FASB staff

Additional auditing guidance is available from the following sources:

• AS 2502, Auditing Fair Value Measurements and Disclosures
• AS 2503, Auditing Derivative Instruments, Hedging Activities, and Investments in Securities
• AS 1210, Using the Work of a Specialist
• AS 2501, Auditing Accounting Estimates
• PCAOB Staff Audit Practice Alert No. 2, Matters Related to Auditing Fair Value Measurements of Financial Instruments and the Use of Specialists (see the following section for further details regarding this alert)

Auditing accounting estimates

The significance of the recent changes in the economy and financial markets has an effect on the audit of accounting estimates. In the past, the auditor would have considered, among other things, the company’s historical experience in making past estimates, as well as the auditor’s experience in the industry; however, changes in facts, circumstances, or a company’s procedures may cause factors different from those considered in the past to become significant to the accounting estimate in the current year.

The alert provides a reminder to the auditor that they are responsible for evaluating the reasonableness of accounting estimates made by management in accordance with the provisions of AS 2501. In evaluating the reasonableness of accounting estimates, the alert summarizes three approaches that may be used:

• Review and test the process used by management to develop the estimate.
• Develop an independent expectation of the estimate to corroborate the reasonableness of management’s estimate.
• Review subsequent events or transactions occurring prior to the date of the auditor’s report.

When evaluating the reasonableness of an estimate through the use of any of these approaches, an assessment of the assumptions used in developing the estimate needs to be made. This includes consideration of those inputs and whether they are

• significant to the accounting estimate;
• sensitive to variations;
• deviate from historical patterns; or
• subjective and susceptible to misstatement and bias.

The alert emphasizes that when assessing audit differences between estimates best supported by the audit evidence and the estimates included in the financial statements, the auditor should consider whether such differences, even if they are individually reasonable, indicate possible management bias.

Auditing the adequacy of disclosures

FASB ASC 275, Risks and Uncertainties, focuses on disclosures about risks and uncertainties that could affect the amounts reported in the financial statements or the functioning of the reporting company.

When financial statements omit disclosures of material matters or the disclosure is inadequate, the financial statements are not in conformity with GAAP. In this circumstance, the auditor should express a qualified or adverse opinion and should provide the information in his or her report, if practicable, unless its omission from the auditor’s report is recognized as appropriate by a specific PCAOB auditing standard. With respect to other information included in documents containing the financial statements, the auditor should read the other information and consider whether such information, or the manner of its presentation, is materially inconsistent with the financial statements.

Auditor’s consideration of going concern matters

An economic climate presents challenges for many companies with respect to their ability to continue as a going concern. Some companies may have had their sources of liquidity strained as a result of reduced lines of credit or from violations of debt covenants, and others may have found limited access to commercial paper markets, a decrease in the valuation of collateral, and delays in payments from customers all affecting their liquidity. These factors complicate the auditor’s evaluation about whether there is a substantial doubt about the company’s ability to continue as a going concern for a reasonable period of time, not to exceed one year beyond the date of the financial statements being audited. This alert provides a reminder about some of the following conditions or events that, when considered in the aggregate, may indicate a potential going concern issue:

• Negative trends. For example, recurring operating losses, working capital deficiencies, negative cash flows from operating activities, and adverse key financial ratios
• Other indications of possible financial difficulties. For example, default on loan or similar agreements, arrearages in dividends, denial of usual trade credit from suppliers, restructuring of debt, noncompliance with statutory capital requirements, and the need to seek new sources or methods of financing or to dispose of substantial assets
• Internal matters. For example, work stoppages or other labor difficulties, substantial dependence on the success of a particular project, uneconomic long-term commitments, and the need to significantly revise operations
• External matters that have occurred. For example, legal proceedings, legislation, or similar matters that might jeopardize a company’s ability to operate: loss of a key franchise, license, or patent; loss of a principal customer or supplier; uninsured or underinsured catastrophe such as a drought, earthquake, or flood

If the auditor, after giving consideration to these matters, believes there is a substantial doubt about the company’s ability to continue as a going concern for a reasonable period of time, the auditor should obtain information about management’s plans to mitigate such matters and assess the reasonableness of those plans. In those circumstances where the auditor concludes there is substantial doubt, the auditor considers the possible effects on the financial statements and adequacy of disclosure and includes an explanatory paragraph in the audit report to reflect this conclusion. If the auditor concludes that the substantial doubt has been alleviated, the auditor is required to consider the need for disclosure of the principal conditions and events that initially caused the auditor to believe that was substantial doubt. Such disclosure should include the possible effects of such conditions and events, and any mitigating factors, including management’s plans.

Additional audit considerations

The practice alert provides a discussion on selected financial reporting areas that are more likely to be affected by the challenging economic environment, and as a result would require adjusting audit procedures to address elevated risks. The topics presented include the following:

• Consolidation. Some companies have provided financial support or guarantees that may cause them to have a variable interest in an entity or have increased their exposure to the entity, and therefore, cause them to consider or reconsider whether the entity is a variable interest entity, and if so, whether they are its primary beneficiary.
• Contingencies and guarantees. Recent events in the credit markets may expose companies to additional contingencies and guarantees, which could increase the risk of unidentified or undisclosed contingencies.
• Credit derivatives. The downturn in the credit markets can have a significant effect on the fair value of these instruments.
• Debt obligations. It may be more difficult for companies to refinance debt or it may take longer to do so. Compliance with debt covenants may also be a challenge.
• Deferred tax assets. Companies may need to record a valuation allowance for their deferred tax assets if it is more likely than not that some portion or all of the deferred tax asset will not be realized.
• Derivatives (other than credit derivatives). Fair value of these contracts may be affected, and the ability for a company to use hedge accounting, including its ability to use the shortcut method, may be affected because of the company’s or the counterparty’s creditworthiness.
• Goodwill, intangible assets, and other long-lived assets. Goodwill and indefinite-lived intangible assets should be tested annually for impairment, or more frequently if impairment indicators exist. Long- lived assets should be tested for impairment in accordance with FASB ASC 360, Accounting for the Impairment or Disposal of Long-Lived Assets (FASB ASC 360).
• Inventory. Consideration should be given as to whether there is excess or obsolete inventory or inventory with carrying amounts in excess of market values as a result of current market conditions, including reduced consumer spending.
• Other-than-temporary impairment. Declines in fair value should be evaluated for held-to-maturity and available-for-sale securities to determine if the decline is other than temporary and, if so, should be recognized in earnings as an impairment loss.
• Pension and other post-retirement benefits. Increased credit risk and reduced liquidity can have a significant effect on the fair value of plan assets, as well as assumptions used to value pension and other post-retirement obligations.
• Receivables. Companies may face an increased risk of non-collection of receivables, which may increase the risk of material misstatement in the valuation of the receivables.
• Restructuring. Whenever a company exits or disposes of an activity, any associated costs must be accounted for and reported in accordance with FASB ASC 420, Exit or Disposal Cost Obligations.
• Revenue recognition. In the difficult economic environment, companies may be faced with increased pressure to meet revenue targets and analysts’ expectations, resulting in additional audit risks.
• Share-based payments. Volatile stock prices may result in some companies modifying share-based payment awards, resulting in incremental compensation costs. Additionally, the changing economic environment may affect the assumptions used in the valuation process.

Staff Audit Practice Alert No. 2, Matters Related to Auditing Fair Value Measurements of Financial Instruments and the Use of Specialists

Staff Audit Practice Alert No. 2 was issued in 2007 to remind auditors of their responsibilities when auditing fair value instruments and using the work of specialists. The practice alert describes the applicable accounting requirements in these areas and provides direction. This alert is organized into four sections, as follows:

1. Auditing fair value measurements
2. Classification within the fair value hierarchy in accordance with FASB ASC 820
3. Using the work of specialists
4. Use of a pricing service

Auditing fair value measurements

AS 2502, Auditing Fair Value Measurements, states that the auditor should evaluate whether the fair value measurements and disclosures in the financial statements are in conformity with GAAP.

In addition, FASB ASC 275 requires certain disclosures, in addition to those required by other accounting standards, about estimates when certain information is known prior to the issuance of financial statements. FASB ASC 820 defines fair value as the price that would be received to sell an asset or paid to transfer a liability in an orderly transaction between market participants at the measurement date.

It also introduces concepts such as the principal and most advantageous markets and the fair value hierarchy of inputs.

In planning and performing procedures in response to the risk associated with fair value measurements, the auditor should obtain an understanding of the company’s process for determining fair value measurements and disclosures, including relevant controls. In addition, the auditor should, among other things, evaluate the following:

• Whether management’s assumptions are reasonable and reflect, or are not inconsistent with, market information. For example, the fact that transaction volume in a particular market is lower than in previous periods may not necessarily support an assumption that transactions in that market constituted forced or distressed sales. If management relies on historical financial information in the development of an assumption, consider the extent to which such reliance is justified; historical information might not be representative of future conditions or events. For example, an auditor should evaluate whether a company’s use of historical default rates, in an environment in which default rates are increasing, is justified.
• Whether the company’s method for determining fair value measurements is applied consistently and if so, whether the consistency is appropriate considering possible changes in the environment or circumstances affecting the company. For example, the relative weightings in a company’s model may not be reasonable in situations where there has been a change in market conditions. In such cases, auditors should consider whether compliance with applicable accounting standards might require a change in the model. Inputs based on a company’s own data may be more susceptible to preparer bias because they may not be based on observable market inputs. In such cases, the auditor should be aware of the increased risk of management bias and address the related risk of material misstatement.

Classification within the fair value hierarchy under FASB ASC 820

Under FASB ASC 820, a company must determine the appropriate level in the fair value hierarchy for each fair value measurement. The fair value hierarchy in FASB ASC 820 prioritizes the inputs — which refer broadly to assumptions market participants would use in pricing an asset or liability — into three levels. It gives the highest priority to quoted prices (unadjusted) in active markets for identical assets or liabilities and the lowest priority to unobservable inputs. The level in the fair value hierarchy within which a fair value measurement in its entirety falls is determined based on the lowest level input that is significant to the fair value measurement in its entirety.

• Level 1 inputs are quoted prices (unadjusted) in active markets for identical assets or liabilities that the reporting entity has the ability to access at the measurement date.
• Level 2 inputs are inputs other than quoted prices within Level 1 that are observable for the asset or liability, either directly or indirectly. A significant adjustment to a Level 2 input could result in the Level 2 measurement becoming a Level 3 measurement.
• Level 3 inputs are unobservable inputs for the asset or liability.

Because there are different consequences associated with each of the three levels of the hierarchy, the auditor should be alert for circumstances in which the company may have an incentive to inappropriately classify fair value measurements within the hierarchy. For example, an asset or liability with Level 1 inputs generally must be measured using unadjusted quoted prices in an active market, but an asset or liability with Level 2 inputs is measured using observable market inputs other than quoted prices included in Level 1. Accordingly, a Level 2 measurement might allow for more discretion or judgment on the part of management than a Level 1 measurement. As another example, the required disclosures associated with Level 3 measurements are more extensive than those associated with Level 1 and Level 2 measurements.

The auditor’s opinion is based on, among other things, his or her judgment as to whether the financial statements and related notes are informative of matters that may affect their use, understanding, and interpretation. In evaluating whether a company’s disclosures are complete, accurate, and in conformity with FASB ASC 820, the auditor should be aware that a financial statement disclosure that is not in accordance with GAAP could be a misstatement of the financial statements.

Using the work of specialists

Management and auditors frequently use the work of a specialist in preparing and auditing financial statements containing complex fair value measurements.

AS 2502 states that the auditor should consider whether to engage a specialist and use the work of that specialist as evidential matter in performing substantive tests to evaluate material financial statement assertions. As part of the consideration, the auditor should evaluate whether he or she has the necessary skill and knowledge to plan and perform audit procedures related to the fair value measurement. Factors to consider include

• significant use of unobservable inputs;
• complexity of the valuation technique; and
• materiality of the fair value measurement.

Auditing standards require that when using the work of a specialist the auditor should (a) obtain an understanding of the methods and assumptions used by the specialist, (b) make appropriate tests of data provided to the specialist, and (c) evaluate whether the specialist’s findings support the related assertions in the financial statements. In obtaining an understanding of the specialist’s methods, the auditor should consider whether the method will result in a measurement that is in conformity with the applicable accounting standards. In addition, the auditor should evaluate the assumptions developed by a specialist engaged or employed by management.

The auditor also should evaluate the specialist’s qualifications, including the specialist’s experience in the type of work under consideration, and obtain an understanding of the work performed by the specialist to ensure the appropriateness of using the specialist’s work for use in financial statements.

Use of a pricing service

If a company uses a pricing service for its fair value measurements, the auditor should determine the nature of the information provided by the pricing service. For example, the auditor should understand whether the fair value measurement was determined using quoted prices from an active market, observable inputs (such as prices for similar assets), or fair value measurements based on a model, and adjust his or her audit procedures based on the nature of the information provided by the pricing service. In addition, if the price is not based on quoted prices from an active market or observable inputs (such as prices for similar assets), the auditor should obtain an understanding of the model and evaluate whether the assumptions are reasonable.

There are additional factors for the auditor to consider under FASB ASC 820. For example, under FASB ASC 820, a fair value measurement assumes that the transaction occurs in the principal market for the asset or liability or, in the absence of a principal market, the most advantageous market. The principal market is one in which the reporting entity would sell the asset or transfer the liability with the greatest volume and level of activity. If there is a principal market, under FASB ASC 820, the fair value measurement represents the price in that market even if the price in a different market is potentially more advantageous.

Under FASB ASC 820, when a company uses a pricing service, the auditor should evaluate whether the assumptions used by the pricing service reflect the price to sell the asset or paid to transfer the liability in the principal market (or most advantageous market if the company has no principal market) of the company. If the pricing service valuation is based on actual trades or quotes, the auditor should evaluate whether those traded or quoted prices would be available to the company in the company’s principal market (or most advantageous market, if the company has no principal market). For example, a pricing service might provide an amount for which a large financial institution could sell the financial instrument; however, a company that owns that financial instrument might not be able to transact in the same market as a large financial institution. If the price available to a large financial institution would not be available to the company, then that price may not be an appropriate measure of fair value under FASB ASC 820.

Staff Audit Practice Alert No. 1, Matters Related to Timing and Accounting for Option Grants

In 2006, the PCAOB published Staff Audit Practice Alert No. 1. The alert directs auditors to consider the risk that the company may have improperly accounted for stock option grants, and thus the financial statements may be materially misstated or there may be ICFR deficiencies. Accordingly, for audits formerly underway or to be performed in the future, auditors should acquire sufficient information to allow an assessment of the nature and potential magnitude of these risks.

Staff Q&A—Auditing Standard No. 7, Engagement Quality Review

This question and answer provides implementation guidance on the documentation requirements of AS 1220. The question asks whether AS 1220 requires documentation of all of the interactions between the engagement quality reviewer and the engagement team, including all of the interactions before a matter is identified as a significant engagement deficiency.

The answer to this question clarifies that the documentation requirements of AS 1220 should be applied once a reviewer concludes that a significant deficiency exists. Additionally, in its response, the board cited guidance from paragraph 19 of the standard, which establishes a requirement that “documentation of an engagement quality review should contain sufficient information to enable an experienced auditor, having no previous connection with the engagement, to understand the procedures performed by the engagement quality reviewer, and others who assisted the reviewer, to comply with the provisions of this standard.”

Staff Q&A—References to authoritative accounting guidance in PCAOB standards

These questions and answers (four in all) established FASB ASC as the source of authoritative non-SEC accounting principles recognized by FASB to be applied by nongovernmental entities in the preparation of financial statements in conformity with U.S. GAAP.

Staff Q&A—Guidance on auditing the fair value of share options granted to employees

This Staff Question and Answers document (Q&A) provides guidance for auditing the fair value of share options granted to employees. The guidance applies to the audit of share-based payments accounted for under FASB ASC 718 and the SEC’s Staff Accounting Bulletin No. 107. The PCAOB issued the Q&A to help auditors appropriately and consistently apply existing auditing standards to this area.

Valuations of option grants are generally estimated using option-pricing models. As such, these valuations are accounting estimates and AS 2501, Auditing Accounting Estimates, and AS 2502, Auditing Fair Value Measurements and Disclosures, most directly apply. In addition, because estimates can potentially be manipulated for the purposes of intentional misstatement of financial results, AS 2401, Consideration of Fraud in a Financial Statement Audit, also applies.

An auditor should perform the following steps in auditing the fair value of employee options:

Obtain an understanding of the company’s process for estimating the fair value of employee share option grants. Paragraph .23 of AS 2502 identifies three ways in which the auditor may test a company’s fair value measurements:

• Testing management’s significant assumptions, the valuation model, and the underlying data
• Developing independent fair value estimates for corroborative purposes
• Reviewing subsequent events and transactions

The Q&A communicates that the first approach will likely be the most effective in auditing option fair value estimates.

In applying the provisions of AS 2502 to the evaluation of the company’s process for estimating the fair value of employee share option grants, the auditor should review the procedures used by the company to make the estimates. These procedures include the following:

• Evaluating how the terms of the share option awards affect the determination of the grant date, selection of model, and the assumptions used
• Selecting the option-pricing model
• Developing the assumptions used in the valuation, including implementation of the guidance in FASB ASC 718 and SAB 107, that could affect the assumptions
• Ensuring that the data upon which the fair value measurements are based (including employee exercises and post-vesting cancellations and lapses) are accurate and complete
• Generating the estimated fair value of the employee share options, including executing the calculations required in the option-pricing model

The auditor also should evaluate whether the process is complete, including whether the company considers the relevant factors identified in the accounting literature that affect the assumptions and whether the company applies the process consistently from period to period.

Assess the risk of misstatement related to the fair value of employee share options. The Q&A provides the following examples of circumstances and conditions that indicate increased risk and might indicate a risk of fraud that would require a specific response from the auditor:

• When an assumption that a company uses has the effect of reducing the fair value below what it would have been had the company based the assumption on unadjusted historical information
• Exclusion of a historical period of time from the inputs to the valuation model, especially when the effect of that exclusion is to lower expected term or expected volatility
• Adjustments to historical exercise behavior or historical share price volatility, for example,
  • the expected term estimate for the current grant of share options is five years when the company has averaged seven years in previous grants of share options;
  • the expected term or expected volatility estimate selected as the most likely was the lowest in a range of possible expected terms or expected volatilities; or
  • the expected term and expected volatility estimates are both lower than the historical averages
• Adjustments to historical exercise behavior or historical share price volatility are not applied consistently to each option grant in circumstances in which they should have been consistently applied

Staff Q&A—Guidance on auditing adjustments to prior-period financial statements audited by a predecessor auditor

This staff questions and answers section sets forth the staff’s opinions related to adjustments to prior- period financial statements audited by a predecessor auditor. The questions and answers are summarized as follows.

Question 1 communicates that when prior-period financial statements that require adjustments were audited by a predecessor auditor, it is acceptable for either the successor or predecessor auditor to audit those adjustments, as long as the auditor is independent and registered with the PCAOB. This is true whether the adjustments are the result of discontinued operations, retrospective application of a change in accounting principle, or correction of an error.

Question 2 notes that when the predecessor auditor audits the adjustments to the prior-period financial statements, the predecessor auditor should dual-date his or her reissued report in connection with the audit of the adjustments.

Question 3 discusses the successor’s responsibilities with regard to prior-period adjustments that have been audited by the predecessor auditor. The successor auditor should obtain

• an understanding of the adjustments and their effects, if any, on the current year financial statements; and
• assurance that the accounting principles employed are consistent between the current and the preceding year.

Question 4 discusses the factors that are relevant to a successor auditor’s determination as to whether he or she is able to audit only the prior-period adjustments or whether a re-audit of the entire financial statements is necessary. Factors the auditor should consider include the following:

• The extent of the adjustments. Extensive and pervasive adjustments make it more likely that a re- audit is necessary.
• The reason for the adjustments. When the adjustments are necessary to correct an error, the auditor should consider the risk that there may be other undetected misstatements in the prior-period financial statements. In particular, if the adjustments correct an intentional misstatement, it is more likely that a re-audit is necessary.
• Cooperation of predecessor auditor. A successor auditor may determine that he or she is able to audit adjustments to prior-period financial statements if he or she has access to the audit documentation relating to the prior periods and if the predecessor auditor is responsive to questions relating to those periods.

Question 5 provides an example of the format of a successor auditor’s report when he or she has audited adjustments to the prior-period financial statements audited by a predecessor auditor. The successor auditor’s report should contain a separate paragraph that describes the nature of the prior-period adjustments (that is, whether the adjustments are due to correction of an error or retrospective application of a change in accounting) and states the auditor’s conclusions with respect to the adjustments. The paragraph should also emphasize that the auditor was not engaged to audit, review, or apply any procedures to the prior-period financial statements other than with respect to the adjustments.

Question 6 communicates that a company’s predecessor auditor may reissue his or her report on the prior-period financial statements when the successor auditor has audited and reported on adjustments made to the prior period due to the correction of an error, as long has he or she has determined that the report on those financial statements is still appropriate. When determining whether the report is still appropriate, the predecessor auditor should consider factors such as the following:

• The nature and extent of the adjustments pertaining to the error correction
• Whether management has withdrawn the prior-period financial statements
• Whether the errors were intentional

Question 7 notes that if the predecessor auditor does not reissue his or her report on the prior-period financial statements, the successor auditor or other independent auditor may re-audit and report on prior- period financial statements as adjusted.

Question 8 provides guidance on the procedures that a predecessor auditor should perform prior to reissuing his or her report when a successor auditor has audited and reports on adjustments made to the prior-period financial statements. Suggested procedures include the following:

• Reading the current period financial statements
• Comparing the prior-period financial statements that he or she reported on with the current period financial statements for comparative purposes
• Obtain representation letters from management of the former client and from the successor auditor

Question 9 provides an example of the modifications that should be made to a predecessor auditor’s reissued report on the prior-period financial statements when the successor auditor audits and reports on the adjustments to those financial statements. The reissued report should be modified to state the nature of the adjustments and to indicate that (a) the reissued opinion relates to the prior-period financial statements before the effects of the adjustment, and (b) he or she was not engaged to audit, review, or apply any procedures to the adjustments.

Question 10 communicates that when a successor auditor has audited and reported on adjustments made to the prior-period financial statements and predecessor auditor is reissuing his or her report on those financial statements, the predecessor’s auditor should use the date of the originally issued report to avoid any implication that he or she has examined any records, transactions, or events after that date.

Question 11 communicates that a successor auditor may not audit and report on the adjustments made to the prior-period financial statements if he or she has not yet completed an audit of the current period financial statements.

Inspection observations

In approximately 70% of the audits that were identified during 2007 to 2010 as having significant audit performance deficiencies, such deficiencies related to at least one of the following audit areas:

• Auditing revenue recognition. Inspections staff identified deficiencies relating to firms’ failures to: (a) sufficiently test sales transactions to determine whether revenue recognition was appropriate; (b) sufficiently test the occurrence, accuracy, and completeness of revenue; (c) read contracts or other supporting documentation and appropriately evaluate the terms and provisions included in contractual arrangements; (d) test whether revenue was recorded in the correct period; (e) assess whether the issuers’ revenue recognition policies were consistent with GAAP; (f) appropriately apply sampling procedures to select revenue transactions to test; and (g) perform sufficient tests to support the level of controls reliance in determining the nature, timing, and extent of substantive procedures.
• Auditing share-based payments and equity financing instruments. Deficiencies in this area included firms’ failures to (a) obtain an understanding of the terms of the agreements relating to the issuance of the instruments, in order to determine the appropriate accounting for those transactions, and (b) sufficiently test estimates of fair value for equity instruments, including the inputs, assumptions, and methodologies used in determining their fair value.
• Auditing convertible debt instruments. Such deficiencies included failures to sufficiently evaluate (a) the issuer’s determination of fair value of the instruments, or components thereof; (b) the allocation of proceeds to the components of the instruments; and (c) the adequacy of the presentation and disclosure of the transactions in an issuer’s financial statements.
• Auditing fair value measurements. In circumstances where the firm’s approach to auditing fair value estimates involved testing the issuer’s process for estimating fair value, inspections staff observed instances in which firms did not sufficiently evaluate the appropriateness of the valuation methods used and/or the reasonableness of the issuer’s significant assumptions. In circumstances where firms developed an independent expectation of fair value for corroborative purposes, the inspection staff emphasized that for each significant assumption used in developing an expectation, the auditor must have a reasonable basis, supported by audit evidence.
• Auditing business combinations and impairment of intangible and long-lived assets. Examples of identified deficiencies regarding auditing business combinations included failures to (a) test the value of the purchase price or consideration given in the business combination; (b) evaluate whether all of the tangible and intangible assets acquired and all of the liabilities assumed have been identified and allocated an appropriate portion of the purchase price; (c) evaluate the reasonableness of estimated useful lives and appropriateness of the amortization methods; and (d) evaluate the issuer’s accounting for reverse mergers. Examples of identified deficiencies regarding impairment of intangible and long-lived assets included firms’ failures to adequately perform an independent impairment analysis or test the process the issuer used to conclude that the intangible assets and/or long-lived assets were not impaired.
• Auditing accounting estimates. Inspections staff observed that firms often chose to evaluate accounting estimates by reviewing and testing management’s process for developing the estimate. In such instances, deficiencies identified included firms’ failures to: (a) sufficiently evaluate the reasonableness of management’s significant assumptions, and (b) sufficiently test the data underlying management’s calculation of the accounting estimate. Some of the more common estimates for which inspections staff identified deficiencies included allowances for loan losses, allowances for doubtful accounts receivable, and inventory reserves.
• Auditing related party transactions. Inspections staff noted deficiencies related to firms’ failures to test for undisclosed related parties or transactions with undisclosed related parties. Some firms also did not identify and address the lack of disclosure regarding related party transactions in the financial statements. Inspections staff also identified deficiencies regarding firms’ failures to obtain an understanding of the nature and business purpose of related party transactions and evaluate whether the accounting for those transactions reflected their economic substance.
• Analytical procedures as substantive tests. Examples of identified deficiencies in this area included failures to: (a) develop appropriate expectations, including disaggregating data in order to obtain the appropriate level of precision for the expectation; (b) investigate significant unexpected differences; (c) obtain evidence to corroborate management’s explanations regarding significant unexpected differences; and (d) test the underlying data used in the analytical procedures.
• Audit procedures to respond to the risk of material misstatement due to fraud. Inspections staff observed deficiencies related to firms’ failures to: (a) sufficiently test journal entries and other adjustments for evidence of possible material misstatement due to fraud, including testing the listing of journal entries and other adjustments for completeness; (b) consider the risk of material misstatement due to fraud relating to revenue recognition or indicate why revenue recognition would not be a fraud risk; (c) inquire of the audit committee, management, and others regarding their views about the risk of fraud; (d) conduct a brainstorming session with the engagement team to discuss fraud risks; (e) obtain an understanding of the issuer’s controls over journal entries and other adjustments; and (f) assess the risk of management override of controls.

Potential root causes contributing to audit deficiencies

The board encourages firms to identify and address the root causes of identified deficiencies. Such root causes identified include

• A lack of technical competence in a particular audit area. In some cases, engagement teams may not have the level of technical knowledge necessary for the audit, or may fail to consult with others who have the appropriate level of technical knowledge.
• A lack of due professional care, including professional skepticism. Inspections staff continue to observe instances that suggest that auditors did not appropriately apply professional skepticism. In some instances, auditors may have allowed their confidence or trust in management to cause them to accept assertions rather than sufficiently test them. In other cases, heavy partner and professional staff workloads may have contributed to time pressures that led to an apparent lack of professional skepticism.
• Ineffective or insufficient supervision, which may be due to heavy partner or staff workloads. Inspections staff have identified instances in which heavy workloads may have contributed to poor audit quality. Excessive workloads, particularly for partners or other supervisory staff, may negatively affect the ability to properly supervise the work of junior members of the engagement team. It may also contribute to insufficient professional skepticism and due professional care.
• Ineffective client acceptance and continuance practices that fail to consider technical knowledge required in particular audits. Some firms’ client acceptance and continuance processes may not include careful consideration of whether the firm possesses the necessary technical knowledge to perform the audit, particularly when complex accounting or industry specialization is required.
• Ineffective engagement quality reviews. In some cases where firms did not obtain sufficient appropriate audit evidence to support the firm’s audit opinion, the firms did not ensure that their concurring partner reviews and engagement quality reviews were effective. In some instances observed by inspections staff, the reviewing partner did not have the appropriate level of expertise and experience. In other instances, the timing of the review (for example, after the issuance of the audit report) limited or negated its effectiveness.

Firms’ efforts to address audit quality issues identified in inspections

The PCAOB takes a number of steps to encourage firms to address audit deficiencies. In each inspection, the staff discusses the findings with the firm to ensure that all facts are considered and to help the inspections staff and firm understand the identified deficiency. Based on this understanding, firms’ quality control procedures are revised as necessary. The PCAOB encourages firms to communicate with the inspections staff regarding how the firm intends to address quality control criticisms, so that the firm can receive timely feedback from the inspections staff. Furthermore, the board has held forums in the past for auditors of small companies to share inspection results, remediation observations, and information about recently issued auditing standards.

In approximately 90% of the cases in which the board concluded on a firm’s efforts to address quality control criticisms identified during inspections in the 2007–2010 period, the board determined that the firm addressed each of the quality control criticisms to the board’s satisfaction. Although such a determination does not necessarily mean that the firm completely cured any particular quality control defect, it does mean that the firm made good faith progress toward achieving the relevant quality control objectives. Such remediation activities included enhancing quality control policies and procedures, developing technical guidance targeted to specific issues, developing and requiring training targeted to specific issues, developing new audit tools, and requiring additional audit procedures.

The complete PCAOB report can be viewed at http://pcaobus.org/Inspections/Documents/02252013_Release_2013_001.pdf.

Other reports issued by the PCAOB

The PCAOB issued the following additional reports:

• Executive Highligths of the Annual Report on the Progress of the Interim Inspection Program Related to Audits of Broker-Dealers. For details, https://pcaobus.org/Inspections/Documents/PCAOB-Executive-Highlights-Broker-Dealer-Auditors-2017-Inspections.pdf
• Annual Report on the Progress of the Interim Inspection Program Related to Audits of Broker-Dealers. For details, https://pcaobus.org/Inspections/Documents/Broker-Dealer-Auditor-Inspection-Annual-Report-2018.pdf
• Annual Report on the Progress of the Interim Inspection Program Related to Audits of Broker-Dealers. For details, see https://pcaobus.org/Inspections/Documents/BDA-Interim-Inspection-Program-2017.pdf
• Staff Inspection Brief—Information About 2016 Inspections of Auditors of Issuers. For details, see https://pcaobus.org/Inspections/Documents/inspection-brief-2017-4-issuer-results.pdf
• Staff Inspection Brief—Information About 2017 Inspections. For details, see https://pcaobus.org/Inspections/Documents/inspection-brief-2017-3-issuer-scope.pdf
• Staff Inspection Brief—Information About 2017 Inspections of Auditors of Broker-Dealers. For details, see https://pcaobus.org/Inspections/Documents/inspection-brief-2017-2-broker-dealer-scope.pdf
• Staff Inspection Brief —Preview of Observations From 2016 Inspections of Auditors of Issuers. For details, see https://pcaobus.org/Inspections/Documents/inspection-brief-2017-1-broker-dealer-results.pdf
• Annual Report on the Progress of the Interim Inspection Program Related to Audits of Broker-Dealers. For details, see https://pcaobus.org/Inspections/Documents/BD-Interim-Inspection-Program-2016.pdf.
• Staff Inspection Brief—Information About 2016 Inspections of Auditors of Public Companies. For details, see https://pcaobus.org/Inspections/Documents/Inspection-Brief-2016-3-Issuers.pdf.
• Staff Inspection Brief—Information About 2016 Inspections of Auditors of Broker-Dealers. For details, see https://pcaobus.org/Inspections/Documents/Inspection-Brief-2016-4-Broker-Dealers.pdf.
• Staff Inspection Brief —Preview of Observations From 2015 Inspections of Auditors of Issuers. For details, see https://pcaobus.org/Inspections/Documents/Inspection-Brief-2016-1-Auditors-Issuers.pdf.
• Staff Inspection Brief—Preview of Observations From 2015 Inspections of Auditors of Brokers and Dealers. For details, see https://pcaobus.org/Inspections/Documents/Inspection-Brief-2016-4-Broker-Dealers.pdf.
• Staff Inspection Brief—Information About 2015 Inspections of Registered Auditors. For details, see https://pcaobus.org/Inspections/Documents/Inspection-Brief-2015-2-2015-Inspections.pdf.
• Staff Inspection Brief—Information About 2015 Inspections of Brokers and Dealers. For details, see https://pcaobus.org/Inspections/Documents/Inspection_Brief_2015_1.pdf Annual Report on the Progress of the Interim Inspection Program Related to Audits of Brokers and Dealers. For details, see https://pcaobus.org/Inspections/Documents/BD_Interim_Inspection_Program_2015.pdf.
• Observations from PCAOB Inspections Covering Five Audits of Brokers and Dealers Required to be Conducted in Accordance with PCAOB Standards. For details, see https://pcaobus.org/Inspections/Documents/BD_Interim_Inspection_Program_2015.pdf.
• Third Report on the Progress of the Interim Inspection Program Related to Audits of Brokers and Dealers. For details, https://pcaobus.org/Inspections/Documents/BD_Interim_Inspection_Program_2014.pdf.
• Second Report on the Progress of the Interim Inspection Program Related to Audits of Brokers and Dealers. For details, see https://pcaobus.org//Inspections/Documents/BD_Interim_Inspection_Program_2013.pdf.
• Observations Related to the Implementation of the Auditing Standard on Engagement Quality Review. For details, see https://pcaobus.org/Inspections/Documents/120613_EQR.pdf.
• Observations on the Initial Implementation of the Process for Addressing Quality Control Criticisms within 12 Months after an Inspection Report. For details, https://pcaobus.org/Inspections/Documents/2006_03-21_Release_104-2006-078.pdf
• Observations on Auditor’s Implementation of PCAOB Standards Relating to Auditors’ Responsibilities with Respect to Fraud. For details, see https://pcaobus.org//Inspections/Documents/2007_01-22_Release_2007-001.pdf.
• Report on the PCAOB’s 2004, 2005, and 2006 Inspections of Domestic Triennially Inspected Firms. For details, see https://pcaobus.org//Inspections/Documents/2007_10-22_4010_Report.pdf.
• Report on the PCAOB’s 2004, 2005, 2006, and 2007 Inspections of Domestic Annually Inspected Firms. For the full report, see https://pcaobus.org/Inspections/Documents/2008_12-05_Release_2008-008.pdf.
• Report on the First-Year Implementation of Auditing Standard No. 5, An Audit of Internal Control Over Financial Reporting that is Integrated with An Audit of Financial Statements. For details, see http://pcaobus.org/Inspections/Documents/09-24_AS5_4010_Report.pdf.
• Staff Views—An Audit of Internal Control Over Financial Reporting That Is Integrated with An Audit of Financial Statements: Guidance for Auditors of Smaller Public Companies. For details, see http://pcaobus.org/Standards/Auditing/Documents/AS5/Guidance.pdf.
• Report on Observations of PCAOB Inspectors Related to Audit Risk Areas Affected by the Economic Crisis. For details of this report, see http://pcaobus.org/Inspections/Documents/4010_Report_Economic_Crisis.pdf.
• Information for Audit Committees About the PCAOB Inspection Process. For details, see http://pcaobus.org/Inspections/Documents/Inspection_Information_for_Audit_Committees.pdf.
• Report on the Progress of the Interim Inspection Program Related to Audits of Brokers and Dealers. For details, see http://pcaobus.org/Inspections/Documents/BD_Interim_Inspection_Program.pdf.

Registration and reporting

Rule 2100 requires all U.S. accounting firms to be registered with the board if they wish to prepare or issue audit reports on U.S. public companies, or to play a substantial role in the preparation or issuance of such reports. Non-U.S. public accounting firms that wish to prepare or issue audit reports on U.S. public companies, or to play a substantial role in the preparation or issuance of such reports, must also be registered. Additionally, both domestic and foreign companies, which previously did not need to register, may need to register if circumstances change, and they determine they are playing a substantial role in the preparation or issuance of audit reports. The registration system consists of nine rules (PCAOB Rules 2100 through 2107, and 2300), plus definitions that appear in Rule 1001, and a form (PCAOB Form 1). Rule 2107 sets forth the requirements and procedures for withdrawal from registration.

The definition of the term public accounting firm includes proprietorships. An individual accountant who wishes to prepare or issue, in his or her own name, an audit report on an issuer would be viewed as a sole proprietor and required to register; however, individual accountants who are associated with public accounting firms are not required to register. A firm must list on the firm’s registration application certain individual accountants who are associated with the firm and who participate in or contribute to the preparation of audit reports.

An accounting firm plays a substantial role if it meets either part of a two-pronged test:

1. The firm performs the majority of the audit procedures with respect to a subsidiary or component of any issuer client of the principal auditor, the assets or revenues of which constitute 20% or more of the consolidated assets or revenues of such issuer (for purposes of determining “20% or more of the consolidated assets or revenues,” the determination should be made at the beginning of the issuer’s fiscal year using prior year information and should be made only once during the issuer’s fiscal year).
2. The firm performs material services that are used by the principal auditor or relied on in issuing all or part of the audit report. Material services is defined as services for which the engagement hours or fees constitute 20% or more of the total engagement hours or fees, respectively, provided by the principal auditor.

The second test must be applied at the end of the audit engagement. If, at the end of the engagement, the fees or hours of the other accounting firm exceed 20% of the principal auditor’s fees or hours, that other accounting firm will need to be registered with the PCAOB prior to the issuance of the auditor’s report. It should be noted that the denominator for this test is the principal auditor’s hours and fees — not the aggregate hours and fees. For example, if the principal auditor’s fees are $100 and the other auditor’s fees are $21, the threshold would be met, even though the other auditor’s fees are only 17% of the aggregate fees. It also should be noted that the amounts used in the fees test should include only fees for services related to the audit, not necessarily all fees that are classified as audit fees in the 10-K and proxy (for example, it would be inappropriate to include fees billed by the principal auditor for comfort letters).

The rules only require public accounting firms that prepare or issue an audit report on an issuer, or play a substantial role in preparing or issuing an audit report, to register with the PCAOB, but the rules allow any other public accounting firm to register. Accordingly, firms that want to register in order to be able to prepare or issue, or play a substantial role in preparing or issuing, an audit report for an issuer may register with the PCAOB.

Public accounting firms that wish to apply for registration must do so by completing and submitting to the PCAOB Form 1. The form is available only in electronic form on the PCAOB’s website, and must be completed and submitted to the PCAOB electronically.

Form 1 consists of nine parts, subdivided into various items requiring the disclosure of particular information concerning the applicant and its associated accountants and the applicant’s issuer clients. The information these items call for is, in general, required by Section 102(b) of the act. If the submission of the information called for by Form 1 would cause an applicant to violate non-U.S. laws, Form 1 allows the applicant to disclose in its application the non-U.S. legal impediments that prevent it from furnishing information otherwise required by the application.

Section 102(e) of the act provides that applications for registration “or such portions of such applications … as may be designated under the rules of the Board” must be available for public inspection. Accordingly, applications for registration will be made public as soon as practicable after the PCAOB approves or disapproves an application. In order to prevent the disclosure of confidential information contained in the application, Rule 2300 provides for the confidentiality, upon request by the applicant, of portions of registration applications.

Application fee

Section 102(f) of the act requires that the PCAOB set the application fee at a level sufficient to recover the costs of processing and reviewing applications. The PCAOB set the fee schedule tiered according to the number of issuer clients for which an accounting firm performed audits in the preceding fiscal year, as represented in the firm’s application. The PCAOB has set the following current registration application fee schedule for accounting firms that file registration applications:

The PCAOB will periodically review the costs associated with the processing of registration applications and will from time to time revise these fees as necessary.

After reviewing an application for registration, and any additional information obtained by the PCAOB, the PCAOB determines whether to approve the application. An application is approved if the PCAOB determines that registration is consistent with the PCAOB’s responsibilities under the act to protect the interests of investors and to further the public interest in the preparation of informative, accurate, and independent audit reports for companies the securities of which are sold to, and held by and for, public investors. If the PCAOB is unable to make this determination, or if the PCAOB concludes that the application is inaccurate or incomplete, it will either request additional information from the applicant or issue a written notice of a hearing. A written notice of a hearing will specify the proposed grounds for disapproval. A notice of disapproval may be appealed to the SEC.

The PCAOB generally approves an application for registration no later than 45 days after the date of receipt of the application. Applications are not deemed to be received until the required registration fee has been paid. If the PCAOB requests additional information, a new 45-day review period will begin when the requested information is received. The PCAOB may request additional information when an applicant has failed to complete fully Form 1, or when the information is otherwise necessary in order to make a determination on the application.

Withdrawal from registration

Rule 2107 permits a firm to request withdrawal of its registration. Under the rule, a registered firm may seek to withdraw its registration by filing a request with the PCAOB on the appropriate PCAOB form, Form 1-WD. A firm that files a Form 1-WD may not, unless it first withdraws its Form 1-WD filing, engage in the preparation or issuance of, or play a substantial role in the preparation or furnishing of, an audit report for a U.S. public company. This restriction is necessary to avoid the risk that the PCAOB would grant a pending withdrawal request at a time when the firm is in fact engaged in conduct for which registration is required.

Withdrawal is not automatic upon request. The PCAOB is permitted to delay withdrawal while it carries out a relevant inspection, investigation, or disciplinary proceeding. In certain circumstances, the PCAOB has the flexibility to delay withdrawal for up to two years.

If the PCAOB does delay a firm’s withdrawal, the rule eases certain registration-related burdens on the firm during the delay. Specifically, the annual reporting requirements and annual fee obligations are reduced to essentially nothing. In addition, the PCAOB may waive any regular inspection of the firm that would otherwise commence, according to the PCAOB’s inspection schedule, during the delay.

The rule also allows the PCAOB to void a firm’s withdrawal, and reinstate the firm’s registration, if the PCAOB discovers information indicating that the firm may have reported a material inaccuracy or omission in its withdrawal filing.

The PCAOB has issued Staff Questions and Answers concerning registration of auditors of nonpublic broker-dealers. For a summary of the guidance, refer to the section on Staff Questions and Answers Related to Rules.

Succession to a predecessor’s registration status

PCAOB rules 2108 and 2109 govern the filing of an optional Form 4 that allows, in certain circumstances, a firm to succeed to the registration status of a predecessor firm without a break in that registration status and without the filing of a new registration application on Form 1.

Rules for annual and special reporting

Rules 2200 through 2207 require registered public accounting firms to file certain forms for reportable events and annual reporting.

Special reports—Form 3: Under the rules, certain events that occur on or after the December 31 effective date must be reported by a registered firm in a special report on PCAOB Form 3 within 30 days after the event. If certain events occurred between the time of a firm’s registration application and the December 31 effective date, a firm must report those events in Form 3 within 30 days after December 31. Reportable events range from matters such as a change in the firm’s name or contact information to the institution of certain types of legal, administrative, or disciplinary proceedings against a firm or certain categories of individuals within the firm.

Annual reports—Form 2: The rules also require all firms that are registered with the board as of March 31 of a given year to file an annual report on Form 2 by June 30 of that year, covering the 12-month period ending March 31. Annual reporting includes matters such as information about audit reports issued during the year, disciplinary information about persons who have joined the firm, and information about fees billed to issuer audit clients by category of service and as a percentage of total fees billed.

Also, under the rules, all firms registered as of March 31 of a given year must pay an annual fee by July 31 of that year. The current annual fee schedule is as follows:

The board will make each firm’s filings on Forms 2, 3, and 4 available to the public on the board’s website. Certain information on those forms will not be made public, if it qualifies for confidential treatment.

The PCAOB has issued Staff Questions and Answers regarding filing Form 3 and Form 4. For a summary of the guidance, refer to the next section on Staff Questions and Answers Related to Rules.

Frequently asked questions (FAQs) regarding registration with the board

The PCAOB issued FAQ regarding registration with the board. This guidance was last updated in December 2017. The FAQ covers such topics as the mechanics of registration, registration requirements, registration approval, and information required by Form 1. The FAQ can be accessed at http://pcaobus.org/Registration/Information/Documents/Registration_FAQ.pdf.

Rule 3522—Tax transactions

Question 1 deals with conditions of confidentiality by tax advisers who are not employed by or affiliated with the registered public accounting firm. The PCAOB staff noted that a registered public accounting firm is not independent if the firm, or any affiliate of the firm, during the audit and professional engagement period, provides any non-audit service to the client related to marketing, planning, or opining in favor of the tax treatment of a confidential transaction. A confidential transaction is a transaction that is offered to a taxpayer under conditions of confidentiality and for which the taxpayer has paid an adviser a fee. Rule 3501(c) defines confidential transactions in terms of confidentiality restrictions imposed by tax advisers generally, not specifically auditors. Therefore, Rule 3522(a) applies not only when conditions of confidentiality have been imposed by a tax adviser that is employed by or affiliated with the registered public accounting firm, but also when conditions of confidentiality have been imposed by any tax adviser, including one that has no relationship with the registered public accounting firm.

In question 2, the PCAOB staff deals with the question of whether a registered public accounting firm can, when marketing, planning, or opining in favor of the tax treatment of a transaction, rely on representations from its audit client that another tax adviser did not impose conditions of confidentiality in connection with the specific tax transaction. The staff states: Yes. In determining if any tax-adviser- imposed conditions of confidentiality, the registered public accounting firm may rely on representations from its audit client, provided that the firm does not know, or have reason to know, that those representations are incorrect or incomplete.

Question 3 deals with the question, if in planning a tax transaction, a registered public accounting firm can advise an audit client on the tax consequences of alternative ways of structuring the transaction. The answer is yes, as long as the auditor does not recommend an alternative tax transaction structure: (1) that is not more likely than not to be allowable under applicable tax laws, and (2) a significant purpose of which is tax avoidance. Rule 3522 provides that a registered public accounting firm is not independent of the audit client if the firm, or any affiliates, provides an audit client any non-audit service related to marketing, planning, or opining in favor of the tax treatment of a transaction that was initially recommended by the firm and a significant purpose of which is tax avoidance. In planning a tax transaction for an audit client that is permitted under Rule 3522, the firm may need or want to inform the client about the tax consequences of alternative tax transaction structures, some of which may not be more likely than not to be allowable and have a significant purpose of tax avoidance. As long as the firm does not recommend that the audit client engage in such a transaction, the firm will not violate Rule 3522.

In question 4, the PCAOB staff addresses how a registered public accounting firm’s independence is affected by the IRS’ subsequent listing of a transaction that the firm marketed, planned, or opined in favor of as Aggressive Tax Position Transactions. The PCAOB staff noted that the listing by the IRS of a transaction as Aggressive Tax Position Transactions after the firm marketed, planned, or opined in favor of the tax treatment of the transaction would not retroactively affect the firm’s independence. Whether the firm was independent would depend on the facts available at that time. An analysis would consider whether the tax treatment of the transaction was, at the relevant time, at least more likely than not to be allowable under applicable tax laws, including whether the transaction was itself or substantially similar to a listed transaction.

Rule 3523—Tax services for persons in financial reporting oversight roles

Question 5 deals with tax services to a person in a financial reporting oversight role (FROR) or an immediate family member. The question is whether the auditor should evaluate whether persons are in a FROR at any entities other than the one being audited. The PCAOB staff stated that auditors must evaluate whether a person is in a FROR at an “audit client.” Because Rule 3501 defines “audit client” to include “any affiliates of the audit client,” a person in a financial reporting oversight role at an affiliate of the audit client is covered by Rule 3523, subject to two important exceptions. First, a firm’s independence is not impaired if it provides tax services to a person who is in a FROR at the audit client only because of the person’s relationship to an affiliate whose financial statements are not material to the consolidated financial statements of the entity being audited. Second, a firm’s independence is not impaired if it provides tax services to a person who is in a FROR at the audit client only because of the person’s relationship to an affiliate whose financial statements are audited by an auditor other than the firm.

Question 6 deals with what types of situations the term “other change in employment event” in Rule 3523(c) encompass. Rule 3523(c) provides a time-limited exception to Rule 3523’s restrictions on the provision of tax services to persons in FROR at an audit client and certain of its affiliates. The exception applies when a person becomes subject to the rule through a hiring, promotion, or “other change in employment event.” The PCAOB staff states that a change experienced by a company, such as a change in auditor or a change from a private company to a public one, is not, by itself, an “other change in employment event.”

A business combination could also result in a change in employer or change in responsibilities. For example, if Company A acquires Company B, a person who was in a FROR at Company B would experience an “other change in employment event” if he or she became an employee of Company A in a FROR as a result of the acquisition. If such a person had been receiving tax services from Company A’s registered public accounting firm pursuant to an engagement in process before the acquisition, the time- limited exception in Rule 3523(c) would apply.

The Q&A is available on the PCAOB website at https://pcaobus.org/Standards/QandA/Tax_Services.pdf.