Saturday, March 6, 2021
Corporate Compliance Insights
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
  • Home
  • About
    • About CCI
    • Writing for CCI
    • NEW: CCI Press – Book Publishing
    • Advertise With Us
  • Articles
    • See All Articles
    • NEW: COVID-Related
    • Compliance
    • Ethics
    • Risk
    • FCPA
    • Governance
    • Fraud
    • Internal Audit
    • HR Compliance
    • Cybersecurity
    • Data Privacy
    • Financial Services
    • Leadership and Career
  • Vendor News
  • Jobs
    • Compliance & Risk
    • Information Security
  • Events
    • Webinars & Events
    • Submit an Event
  • Downloads
    • eBooks
    • Whitepapers
  • Podcasts
  • Videos
  • Subscribe
No Result
View All Result
Corporate Compliance Insights
Home Featured

How the PCAOB AS #18 Impacts Audit

by Ron Kral
February 23, 2016
in Featured, Internal Audit
a change in PCAOB standards may pose challenges for auditors

This is an article reprint from the Governance Issues™ Newsletter, Volume 2016, Number 1, published on February 8, 2016.

Conversations on related party relationships and transactions are raging this year within audit firms, audit committees and management groups of public companies, thanks to a relatively new auditing standard. The Public Company Accounting Oversight Board’s (PCAOB or Board) auditing standard number 18 (AS-18) raises the bar for auditors in three critical areas. While this standard has been in effect since 2015, its impact is likely at an all-time high, as external audit firms face another tough round of PCAOB inspections. Whether you are on the audit side or the client side, you are likely to feel the heat from this recent standard. This article addresses the scope, definitions and challenges pertaining to AS-18 for both SEC registrants and their auditors.

Scope

Although AS-18 is largely thought of in terms of related party transactions, the scope covers much more, as it establishes auditing responsibilities for:

  1. Relationships and transactions with related parties
  2. Significant transactions that are outside the normal course of business for the company or that otherwise appear to be unusual due to their timing, size or nature, and
  3. Financial relationships and transactions with executive officers.

Collectively, these three areas are referred to as “the critical areas.” According to the PCAOB’s press release on AS-18, the Board took this action “because these transactions and relationships could pose increased risk of material misstatement in company financial statements.” While these critical areas have long been subject to audit scrutiny, this standard raises the bar for auditors with precise guidance and expectations. The press release quotes PCAOB’s Chief Auditor and Director of Professional Standards, saying “the new performance requirements for auditors are designed to provide a cohesive audit approach to three challenging areas that warrant additional auditor effort and focus.”

The PCAOB views the auditor’s efforts for these three critical areas as complementary, since working in one area can easily relate to one or both of the other areas. The essence of AS-18 is to enable the auditor to conclude whether the company has properly identified, accounted for and disclosed relationships and transactions with related parties and executive officers, as well as significant unusual transactions.

AS-18 requires auditors to obtain an understanding of the company’s process, perform inquiries and communicate with the audit engagement team and other auditors. Moreover, the auditor is expected to perform risk assessment procedures required by AS-12 for the critical areas. Additional procedures also kick-in when related party transactions exist, including testing the accuracy and completeness of the relationships and transactions. The auditor must now go further than making some basic inquiries and obtaining management’s representations. Of course, as with all audit standards, the interpretation of the requirements rests on the auditor’s judgment. Simply put, the greater the risk of material misstatement (RMM), the more work effort is expected of the auditor. The increased expectations posed by AS-18, combined with the PCAOB’s tendency to focus on recently issued standards in their inspections, has audit firms laser-focused on related party transactions.

Perhaps the most insightful guidance per AS-18 is Appendix A to Appendix 1 (pages A1-13 through A1-15). This Appendix contains sources of information and examples that may be gathered by the auditor to indicate that related party relationships or transactions exist. It is well worth the effort for both companies and auditors to read and consider these three pages.

Definitions

Be careful with definitions, as “related parties” as defined in U.S. GAAP is different than “related persons” as defined in Item 404(a) of SEC Regulation S-K. Of course, these definitions have two distinct purposes. The first term is for external financial statement purposes. The second term is for disclosure purposes in complying with Item 13, Part III of the Form 10-K, which is often incorporated by reference from the registrant’s proxy statement. Hence, the definition pertinent to AS-18 is contained in the Financial Accounting Standards Board (FASB) Accounting Standards Codification® (ASC), which is the source of U.S. GAAP. Specifically, ASC 850-10-20 defines “related parties” to include:

  1. Affiliates of the entity
  2. Entities for which investments in their equity securities would be required, absent the election of the fair value option under the Fair Value Option Subsection of ASC 825-10-15, to be accounted for by the equity method by the investing entity
  3. Trusts for the benefit of employees, such as pension and profit-sharing trusts that are managed by or under the trusteeship of management
  4. Principal owners of the entity and members of their immediate families
  5. Management of the entity and members of their immediate families
  6. Other parties with which the entity may deal if one party controls or can significantly influence the management or operating policies of the other to an extent that one of the transacting parties might be prevented from fully pursuing its own separate interests
  7. Other parties that can significantly influence the management or operating policies of the transacting parties or that have an ownership interest in one of the transacting parties and can significantly influence the other to an extent that one or more of the transacting parties might be prevented from fully pursuing its own separate interests

This definition heavily hinges on the following terms as also defined by ASC 850-10-20: affiliate, control, immediate family, management and principal owners. Each of these terms, as well as the entire definition, requires careful understanding and attention. It is not uncommon for companies to call upon legal counsel to help ensure that the definition is appropriately applied. A misstep on this front can be a violation of U.S. GAAP. It can also potentially trigger adverse legal actions in the event an investor or creditor felt they were misled due to either a non-disclosure or an incorrect disclosure.

Challenges from the Company’s Perspective

The company’s objective is to have adequately designed internal controls over financial reporting that are operating effectively to reasonably ensure that errors and fraud are prevented and detected for the critical areas. This means that all relationships and transactions with related parties and executive officers, as well as significant unusual transactions, have been identified, accounted for and adequately disclosed in their financial statements.

  • Do we thoroughly understand and utilize the relevant U.S. GAAP definition of related party?
  • Do we have adequate controls to identify, account for and disclose relationships and transactions with related parties and executive officers, as well as significant unusual transactions?
  • Do we incorporate the risks of related parties and unusual transitions, including fraud considerations, into our risk assessment?
  • Have all relationships and transactions with related parties and executive officers, as well as significant unusual transactions, been identified and adequately disclosed?
  • Have we done enough?

Challenges from the Auditor’s Perspective

The auditor’s objective is to obtain sufficient appropriate audit evidence to conclude if all significant relationships and transactions with related parties and executive officers, as well as unusual transactions, have been properly identified, accounted for and disclosed in the audited financial statements.

  • Do we thoroughly understand AS-18?
  • What constitutes “sufficient appropriate audit evidence” as required by the standard and interpreted by the PCAOB?
  • How much risk (inherent and control) has our client taken on, and what is the impact to RMM?
  • Have all significant relationships and transactions with related parties and executive officers, as well as unusual transactions, been identified and adequately disclosed?
  • Did we conduct adequate audit procedures and are they sufficiently documented?

Obviously there are many more considerations in addressing AS-18. However, if auditors and preparers successfully answer these respective questions, they are well on their way in addressing the critical areas of AS-18.


Tags: internal audit
Previous Post

New DOL Guidance Seeks to Expand FLSA Liability to More “Joint” Employers

Next Post

ADP Mid-Sized Business Owners Study 2015

Ron Kral

Ron Kral (CPA, CMA, CGMA) is a partner of Kral Ussery LLC, a public accounting firm delivering advisory services, litigation support and internal audits. He serves public and private companies to protect and grow shareholder value, as well as nonprofits and governments on internal controls to combat errors and fraud. Ron has worked with hundreds of clients as a public accountant offering robust solutions on accounting, auditing, controls, ethics, anti-fraud programs, governance and SEC regulatory matters. Prior to forming a predecessor firm to KU in 2003, he was a general manager for a large technology company traded on the NYSE. Ron was also a principal consultant with PwC leading operational audits and internal control projects. He began his public accounting career with a California CPA firm as a financial auditor and was responsible for signing audit opinions upon becoming managing director of the firm’s Orange County office. Ron launched his career as a performance auditor with the California State Auditor. Ron is a highly rated speaker and facilitator, including for COSO’s Internal Control Certification Program for the AICPA. He also served on FEI’s working group for the development of COSO’s 2013 control framework and is a member of four of the five COSO-sponsoring organizations: the AICPA, FEI, IIA and IMA. Ron holds an MBA from Arizona State University and a BBA from the University of Wisconsin-Madison. He can be reached at www.linkedin.com/in/ronkral.    

Related Posts

green and red location markers on map

FinCEN’s Registry Will Be a Game-Changer. It Will Also Place an Added Burden on Corporations.

March 5, 2021
illustration of man under giant gavel

BitPay’s $507K OFAC Sanctions Violations Settlement

March 4, 2021
The facade of the SEC in Washington, D.C.

Prepare Now to Comply with SEC’s Updated MD&A and Related Financial Disclosure Requirements

March 3, 2021
Illustration representing a facial recognition technology scan of a face.

Facial Recognition Technology in the Workplace: Employers Use It, Workers Hate It, Regulation Is Coming for It

March 3, 2021
Next Post

ADP Mid-Sized Business Owners Study 2015

OneTrust offers download to demonstrate privacy management leadership
Access realtime data
Top 10 Risk and Compliance Trends

Special Coverage

Special COVID page graphic

Jump to a Topic:

anti-corruption anti-money laundering/AML Artificial Intelligence/A.I. automation banks board of directors board risk oversight bribery CCPA/California Consumer Privacy Act Cloud Compliance communications management Coronavirus/COVID-19 corporate culture crisis management cyber crime cyber risk data analytics data breach data governance decision-making diversity DOJ due diligence ESG fcpa enforcement actions financial crime GDPR GRC HIPAA information security KYC/know your customer machine learning monitoring ransomware regtech reputation risk risk assessment Sanctions SEC social media risk technology third party risk management tone at the top training whistleblowing
No Result
View All Result

Privacy Policy

Follow Us

  • Facebook
  • Twitter
  • LinkedIn
  • RSS Feed

Category

  • CCI Press
  • Compliance
  • Compliance Podcasts
  • Cybersecurity
  • Data Privacy
  • eBooks
  • Ethics
  • FCPA
  • Featured
  • Financial Services
  • Fraud
  • Governance
  • GRC Vendor News
  • HR Compliance
  • Internal Audit
  • Leadership and Career
  • Opinion
  • Resource Library
  • Risk
  • Uncategorized
  • Videos
  • Webinars
  • Whitepapers

© 2019 Corporate Compliance Insights

No Result
View All Result
  • Home
  • About
  • Articles
  • Vendor News
  • Podcasts
  • Videos
  • Whitepapers
  • eBooks
  • Events
  • Jobs
  • Subscribe

© 2019 Corporate Compliance Insights