Public Company Audit Inspections Are Coming. Will Your Company Be Affected by New Focus Areas?

The Public Company Accounting Oversight Board (PCAOB) in June released its planned focus areas for 2022 inspections of public company audits. While most of its targeted areas aren’t of special interest to those outside of accounting firms, a few of them will have indirect ramifications for public companies themselves — fraud and other risks, IPOs and M&A activity and independence. 

Fraud and other risks

The fraud risk landscape for companies is constantly evolving due to changing operating environments, new accounting complexities and relating judgments. PCAOB mentions these contributing factors:

• An IPO or significant M&A activities, including transactions with SPACs.
• Negative effects due to supply chain disruption and/or the Covid-19 pandemic.
• Volatility in the financial market due to fluctuations in interest rates and inflationary trends.

Of course, these are only a couple of dynamic environments out of countless circumstances that can introduce new risks and accounting complexities. PCAOB makes it clear that they have and will select inspection audits in industries with greater inherent risks of financial statement accounts. 

Specifically, PCAOB inspectors will focus on the following accounting risks:

• Unreasonable assumptions affecting the timing and amount of revenue recognition.
• Unreasonable projection assumptions to account for business combinations (M&A) or impairment of goodwill and intangible assets due to changing economic conditions.
• Earnings manipulation as a reaction to margin pressures driven by rising costs.
• Complexities regarding the existence and valuation of inventory, including challenges with observing in-transit inventory and its valuation triggered by supply chain disruptions or rising costs. 
• Financial, economic, and business uncertainty impacting the periodic assessment of uncertainties of a public company’s ability to continue as a going concern.

Public companies can expect their auditors to spend more time assessing internal controls over complex accounting judgements and the completeness of financial statement disclosures. Consider designing controls requiring the drafting and review of technical accounting memos to address new and evolving accounting risks including unusual and complex transactions. 

Also, revisit the sufficiency of your controls to prevent and detect fraud risks, including the risk of management override. Chances are your auditors will be looking at fraud more than ever due to the PCAOB audit standards and the topical emphasis through this spotlight.

IPOs and M&A activity

While IPOs and M&A transactions have recently slowed, the blistering pace of growth in 2020 and 2021 continues to leave its mark with the PCAOB and the SEC. And rightfully so, considering the challenges of a company’s ability to comply with the financial statement reporting and internal control requirements for publicly held companies, including applicable sections of SEC Regulation S-X and S-K. 

PCAOB has pointed out that valuation risk is high, as new public companies may use acquisitions to mask underperforming revenues from legacy businesses. They may also apply aggressive valuation assumptions to support high purchase prices or overvalue acquired intangible assets.

Regulatory scrutiny for special acquisition purpose company (SPAC) and de-SPAC transactions remains high. PCAOB plans to select and review audit work for:

• Valuation of financial instruments using complex valuation models.
• The determination of whether a business combination should be accounted for as a reverse merger.
• Internal control over financial reporting.
• Financial statement presentation and disclosures.
• Restatements related to warrants or other issues.

The message for public companies is simple — if you have IPO or M&A activities it is wise to double-down on your audit readiness efforts as audit scrutiny will likely be high.

Independence

Auditor independence continues to be a prevalent theme for the PCAOB, and while this topic is largely on auditors’ shoulders, companies must do their part to help ensure that their audit firm is not put in a position that could impair independence. 

In fact, compliance with auditor independence rules is a shared responsibility of the audit firm, the issuer and its audit committee. The audit committee plays a critical role in auditors’ compliance with the auditor independence rules. For example, audit committees are deemed to be directly responsible for the oversight of the engagement of the company’s independent auditor, which generally is understood to include obtaining reasonable assurance primarily through required auditor communications that they are independent. 

Rule 2-01 of SEC Regulation S-X tackles the important topic of auditor independence. The four guiding principles that the SEC specifies in the opening paragraph to Rule 2-01 are the basis for a framework in considering whether an auditor is independent with respect to an audit client. The four guiding principles indicating a lack of independence are:

1. Create a mutual or conflicting interest between the accountant and the audit client.
2. Place the accountant in the position of auditing their own work.
3. Result in the accountant acting as management or an employee of the audit client.
4. Place the accountant in a position of being an advocate for the audit client.

While there are many aspects to Rule 2-01, one is section (c)(4) that states that “An accountant is not independent if, at any point during the audit and professional engagement period, the accountant provides the following non-audit services to an audit client” unless these services will not be subject to audit procedures during an audit of the audit client’s financial statements:

• Bookkeeping or other services related to the accounting records or financial statements.
• Financial information systems design and implementation.
• Appraisal or valuation services, fairness opinions, or contribution-in-kind reports.
• Actuarial services.
• Internal audit outsourcing services.

In addition, audit firms performing management functions, human resource activities, and legal services are within the prohibited “non-audit services” definition. It is important for audit committees to understand what constitutes prohibited non-audit services and explicitly preapprove audit firm services that do not impair audit firm independence per Rule 2-01 of SEC Regulation S-X.

Acting SEC Chief Accountant Paul Munter issued a statement on auditor independence in June 2022. This is a great read for all public companies providing deep insights into this topic. He states “we caution that accountants, audit firms, registrants, and their audit committees should never make the mistake of assuming that just because a particular circumstance is not expressly prohibited in, or captured by, Rule 2-01(c), their independence analysis is over. Instead, accountants, audit firms, registrants, and their audit committees must always assess and approach auditor independence for purposes of considering, beginning, or continuing an audit engagement under Rule 2‑01(b).”

Rule 2-01(b) is a critical SEC definition to understand; it reads: The Commission will not recognize an accountant as independent, with respect to an audit client, if the accountant is not, or a reasonable investor with knowledge of all relevant facts and circumstances would conclude that the accountant is not, capable of exercising objective and impartial judgment on all issues encompassed within the accountant’s engagement. In determining whether an accountant is independent, the Commission will consider all relevant circumstances, including all relationships between the accountant and the audit client, and not just those relating to reports filed with the Commission.

Conclusions

While PCAOB highlights focus areas that directly impact registered public accounting firms who audit U.S. public companies, the related audit pressures and tasks can often trickle down to public companies themselves. Greater awareness on PCAOB inspection focus points can shed light on what public companies can do proactively to better prepare for their annual audit and interim reviews. Having strong internal controls in place for relevant focus areas should greatly mitigate accounting and financial reporting risks while also paving the way for a more efficient and effective independent audit process. 

This article was first published in the Governance Issues newsletter; it’s republished here with permission.