No Result
View All Result
SUBSCRIBE | NO FEES, NO PAYWALLS
MANAGE MY SUBSCRIPTION
NEWSLETTER
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

Ensuring a High-Quality Audit – Who is Responsible?

by Ron Kral
March 24, 2016
in Featured, Internal Audit
The quality of an audit corresponds directly to its value

The world tends to repeat cycles, and the current attention to deficient audits is reminiscent of the years ushering in the Sarbanes-Oxley Act of 2002. However, this time it is different, as regulators are proactively scrutinizing external auditors and imposing enforcement actions against audit committee chairs.

In a January 25, 2016 speech, Andrew Ceresney, Director of the SEC’s Division of Enforcement, stated: “audit committee members who fail to reasonably carry out their responsibilities, and auditors who unreasonably fail to comply with relevant auditing standards in their audit work, can expect to be in our focus.” Regulators are increasingly holding gatekeepers of the financial reporting process more accountable. According to Mr. Ceresney, the SEC has recently brought cases against three audit committee chairs who either approved public filings they knew were reckless or should have known to be false because of other information available to them. He also mentioned that the SEC settled high-profile cases in recent months against two national audit firms and individual audit partners from those firms pertaining to false and misleading unqualified audit opinions. These are the first cases against national audit firms for audit failures since 2009.

While it is important to understand the regulators’ viewpoints and efforts, the levers for extracting value from the external audit process largely rests with the company. With the audit season concluded for companies with fiscal year-ends synced to the calendar year, now is an ideal time to assess the value of the external audit process. First, let’s visit some recent regulatory developments.

Regulators – What Are The Issues?

In addition to increased SEC enforcement actions, the Public Company Accounting Oversight Board (PCAOB) continues to find relatively high rates of audit deficiencies per their inspections. Earlier this month, the International Forum of Independent Audit Regulators (IFIAR) issued their “Report on 2015 Survey of Inspection Findings“ (Report) from audit regulators’ inspections of the six largest international audit firm networks. The IFIAR comprises independent audit regulators from 50 jurisdictions, including the PCAOB. The Report concluded that 43 percent of inspected audits of listed public interest entities (PIEs) had at least one inspection finding. A PIE is an entity listed on a national securities exchange. This Report uses “finding” and “deficiency” interchangeably. Inspection findings are deficiencies in audit procedures indicating an audit firm did not obtain sufficient appropriate audit evidence to support its opinion. This does not necessarily imply that the audited financial statements were materially misstated.

The Report found the highest number of financial statement audit inspection deficiencies for PIEs in the areas of:

  • Internal control testing (23 percent frequency of findings)
  • Fair value measurement (18 percent frequency of findings)
  • Revenue recognition (15 percent frequency of findings)
  • Risk assessment (14 percent frequency of findings)

The Report also found the highest number of firm-wide quality control deficiencies in the areas of:

  • Engagement performance (59 percent frequency of findings)
  • Independence and ethical requirements (40 percent frequency of findings)
  • Human resources (36 percent frequency of findings)
  • Monitoring (33 percent frequency of findings)

On the same day the Report was issued, the IFIAR issued a press release entitled “International Audit Regulators Say Pace of Audit Quality Improvement Too Slow; Call for Measurable Improvement By 2019.” This press release states: “IFIAR and the six largest network firms have agreed on a new initiative to improve audit quality globally. The goal is to reduce the number of deficient audits reported by our members in the survey. To provide a means to measure progress, for the first time IFIAR’s working group that engages regularly with the largest global audit firms has set a measurable target for the reduction of audits with findings: a reduction of at least 25 percent in the next four years in audits with at least one finding as reported by the members of this working group.”

Accomplishing this goal will likely not settle the audit quality concern, but at least it is a start. The IFIAR plans to support this objective by encouraging root cause analysis, as well as increased monitoring and dialogue with the six largest international audit firm networks.

A powerful PCAOB staff perspective entitled, “The State of Audit Quality” was given at the AICPA Conference on Current SEC and PCAOB Developments last December by Helen A. Munter, PCAOB Director, Division of Registration and Inspections. Ms. Munter emphasizes that the goal of inspections is not to simply identify deficiencies, but rather “to help auditors improve the quality of their audits and the value that they bring to their clients and to investors.”

While clearly the auditor owns the responsibility of complying with applicable auditing standards, companies have a lot of power toward ensuring that value is derived from the external audit process.

Company Considerations to Extract Audit Value

Here are some ideas toward ensuring a healthy external audit process to maximize value:

  1. Obtain a high-level understanding of the external audit world. Acquiring a basic knowledge of audit standards and the regulatory audit environment is helpful in understanding the audit perspective. New auditing standards generally draw more attention from regulators in assuring that the new audit procedures are properly applied. For example, PCAOB’s auditing standard number 18 (AS-18) requires more robust audit considerations in three critical areas, including related party relationships and transactions. The increased expectations triggered by AS-18, combined with the PCAOB’s tendency to focus on recently issued standards in their inspections, has audit firms laser-focused on related party transactions. This indirectly can have a significant impact to their audit clients. Refer to “A Focus on Related Party Transactions” for a previous article on this topic. Preparing for sensitive audit areas well before the auditors arrive for fieldwork can greatly reduce stress levels. In addition to acquiring a general knowledge of regulatory interests, ask your auditors to identify the hot buttons they anticipate for the upcoming audit.
  2. Ask lots of questions. Audit committees need to be comfortable with the auditor’s understanding of risk of material misstatement (RMM) and their audit plan. It is prudent for them to ask plenty of questions to their auditors at audit committee meetings. A red flag should go up if the external auditor simply rolls through their required communications without any discussion. As communicated in PCAOB’s “Audit Committee Dialogue” issued in May 2015, questions to consider include:
    • What are the points within the company’s critical systems processes where material misstatements could occur?
    • How has the audit plan addressed the RMM at those points?
    • What new risks have been identified?
    • How have the areas of significant RMM changed since the prior year?
    • What is the approach for evaluating the company’s controls over financial reporting for significant unusual transactions or events, such as the acquisition of assets and assumption of liabilities in business combinations, divestitures and major litigation claims?
    • What is done to obtain a thorough understanding of the assumptions and methods the company used to develop critical estimates, including fair value measurements?
    • Has the engagement team lost key auditors or specialists to other lines of business?
    • How are you ensuring that the quality of the audit team will remain high over time?

Audit committees may also want to discuss with their auditors the types of audit deficiencies identified in their PCAOB inspections, as well as how they are addressing them in the their audits.

  1. Understand how your internal audit function will be leveraged. While there are no requirements for the external auditor to utilize internal audit efforts, standards do require them to consider it. The company, through their audit committee and CFO management team, should be comfortable that internal audit efforts will be considered by the external auditor with a strong appetite to potentially use some of these efforts in support of their opinions. Of course, use of this effort assumes that the external auditor is comfortable with the internal audit function in accordance with external auditing standards.
  2. Do not treat the audit opinion as a commodity purchase. Not all audit firms and audit teams are the same. Quite the contrary; good and bad audit teams likely exist within all larger and mid-sized firms. Likewise, the size of the audit firm is not always indicative of value. Audit committees need to carefully select and retain firms they feel can best provide value through a robust opinion. In many cases, these audit firms will not be the low-price bidder. The audit firm must be independent, and the audit team must demonstrate plenty of objectivity and professional skepticism.
  3. Develop an audit improvement plan. Consider what went well and what didn’t during the recent audit cycle. Draft an internal improvement plan, with key conclusions eventually shared with your auditor. The plan should contain audit committee and management objectives and an assessment if they were met. Specific recommendations for improvement should be discussed between the company and the auditor, including actions to mitigate stress points and opportunities to glean more value from the external audit process. A good resource for identifying key elements of a quality audit can be retrieved from the Center for Audit Quality’s “CAQ Approach to Audit Quality Indicators,” published in April 2014.

While the above list is not meant to be exhaustive, it should help trigger ideas to extract more value from the external audit process. Maximizing value rests largely on the company’s shoulders, not the regulators. Don’t let another audit year go by without aligning the external audit process objectives to an action plan to maximize value.

This is an article reprint from the Governance Issues™ Newsletter, Volume 2016, Number 2, published on March 14, 2016.


Previous Post

Chief Compliance Officers are at Risk

Next Post

New Legislation Extends Business Tax Credit Opportunities

Ron Kral

Ron Kral

Ron Kral is a partner of Kral Ussery LLC, a public accounting firm delivering advisory services, litigation support and internal audits. Ron is a highly rated speaker, trainer and advisor. He is a member of 4 of the 5 COSO sponsoring organizations; the AICPA, FEI, IIA, and IMA. Contact Ron at Rkral@KralUssery.com or www.linkedin.com/in/ronkral.    

Related Posts

Phaxis 100 dollars

AML & KYC: Addressing Key Challenges for 2023 and Beyond

by Alex Roberto
March 16, 2023

(Sponsored) In today’s world, financial criminals are often a step ahead of regulators and financial institutions who struggle to effectively...

audit

IIA Survey: Technology Issues Widening Risk Landscape

by Staff and Wire Reports
March 15, 2023

The past year has seen internal audit staffing and budgets continue their recovery to pre-pandemic levels as organizations contend with...

Paul Weiss Economic Sanctions and AML Developments 2022_f

Economic Sanctions and AML Developments

by Corporate Compliance Insights
March 15, 2023

Sanctions start high and stay high 2022 Year in Review Economic Sanctions and AML Developments What’s in this report from...

insider fraud threat

As Layoffs Continue, the Potential for Insider Fraud Is Growing. Are You Ready?

by Chris Gerda
March 15, 2023

From startups to big banks, the technology and financial services sector have already seen tens of thousands of layoffs in...

Next Post
Is your company at risk of missing out on tax benefits this year?

New Legislation Extends Business Tax Credit Opportunities

Compliance Job Interview Q&A

Jump to a Topic

AML Anti-Bribery Anti-Corruption Artificial Intelligence (AI) Automation Banking Board of Directors Board Risk Oversight Business Continuity Planning California Consumer Privacy Act (CCPA) Code of Conduct Communications Management Corporate Culture COVID-19 Cryptocurrency Culture of Ethics Cybercrime Cyber Risk Data Analytics Data Breach Data Governance DOJ Download Due Diligence Enterprise Risk Management (ERM) ESG FCPA Enforcement Actions Financial Crime Financial Crimes Enforcement Network (FinCEN) GDPR HIPAA Know Your Customer (KYC) Machine Learning Monitoring RegTech Reputation Risk Risk Assessment SEC Social Media Risk Supply Chain Technology Third Party Risk Management Tone at the Top Training Whistleblowing
No Result
View All Result

Privacy Policy

Founded in 2010, CCI is the web’s premier global independent news source for compliance, ethics, risk and information security. 

Got a news tip? Get in touch. Want a weekly round-up in your inbox? Sign up for free. No subscription fees, no paywalls. 

Follow Us

Browse Topics:

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks Published by CCI
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • On Demand Webinars
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Well-Being
  • Whitepapers

© 2022 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Explore Topics
    • See All Articles
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Well-Being at Work
    • Leadership and Career
    • Opinion
  • Vendor News
  • Career Connection
  • Events
    • Calendar
    • Submit an Event
  • Library
    • Whitepapers & Reports
    • eBooks
    • CCI Press & Compliance Bookshelf
  • Podcasts
  • Videos
  • Subscribe

© 2022 Corporate Compliance Insights

Welcome to CCI. This site uses cookies. Please click OK to accept. Privacy Policy
Cookie settingsACCEPT
Manage consent

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent. You also have the option to opt-out of these cookies. But opting out of some of these cookies may affect your browsing experience.
Necessary
Always Enabled
Necessary cookies are absolutely essential for the website to function properly. These cookies ensure basic functionalities and security features of the website, anonymously.
CookieDurationDescription
cookielawinfo-checbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT