The Auditing Standards Board is putting the finishing touches on a completely overhauled set of Generally Accepted Auditing Standards, effective for audits of the financial statements of non-issuers dated after December 15, 2010; in other words, this coming year’s audits for companies with year-end fiscal years. It may surprise some people to know that auditors are not the only ones who should care about this development. Particularly for those affiliated with an issuer, where audit standards are controlled by the Public Company Accounting Oversight Board (PCAOB), these new standards could have a major impact.
There is a good likelihood that the PCAOB will replicate its prior behavior and adopt (or approve something similar to) the new audit standards, making them applicable to public company audits. Further, major thrusts of the new audit standards are (i) to highlight the role and responsibility of management in the preparation of an entity’s financial statement and (ii) to encourage communication between the auditors of an entity and those charged with corporate governance. It is inevitable that there will be extended, and more meaningful, discussions on myriad topics that are closely related to the entity’s financial statements. Given this inevitability, it behooves directors to familiarize themselves with the more-interactive environment they are likely to encounter in the near-term future, since it will be interwoven with the question of whether the directors have successfully discharged their fiduciary responsibilities.
The Genesis of Current Accounting Standards
The primary responsibility for generating auditing standards has fallen upon the American Institute of Certified Public Accountants (AICPA), since its predecessor American Institute of Accountants was appointed to that task by the Federal Reserve Board in 1917. Since 1978, that task has been the province of the Auditing Standards Board (ASB), which is the senior technical committee of the AICPA. Over the years, the ASB and its predecessors have generated 120 Statements on Auditing Standards, which are included in the Codification of Statements on Auditing Standards and have come to be known as Generally Accepted Auditing Standards (GAAS).
By virtue of the Sarbanes-Oxley Act of 2002, the PCAOB assumed the responsibility for promulgating auditing standards relating to the financial statements of public companies. With some exceptions, the PCAOB has adopted the pre-existing GAAS as its own.
The Need to Change Auditing Standards
An event that caused the ASB to decide to overhaul its auditing standards was globalization. As entities become more multi-national, their various components became subject to the accounting and auditing rules of different jurisdictions. In an attempt to address this hodge-podge, the International Auditing and Attestations Standards Board (IAASB) began to develop standards that it hoped would be applicable worldwide. The AICPA, however, did not think it appropriate to blindly adopt auditing standards promulgated by an entity that lacked the background to fully understand the development of American audit standards. Thus, the ASB was asked to converge U.S. GAAS with the international standards being developed to the extent possible so the two standards would be more consistent while allowing for divergence where appropriate.
Since a rewrite was necessary, the ASB decided that it should also include the concept of clarity. As 120 standards had been developed over the years by different sets of people, it was felt that an overhaul, including the use of simpler language, would provide a more unified structure that was easier for an auditor to understand.
Also bearing directly on the clarity aspect of the project was the fact that the language used in the standards sometimes obscured the difference between mandatory requirements and applicable guidance. Thus, the new standards were written in such a way as to clearly distinguish between the two.
By way of example, a comparison of the related parties standard is instructive. The current standard, promulgated in 1983, is 12 paragraphs in length and accompanied by several auditing interpretations generated since. The PCAOB standards are a virtually verbatim adoption. By contrast, the proposed new standard is twenty-seven paragraphs in length, accompanied by 52 more paragraphs of applicable guidance. As one might imagine, it is both more comprehensive and more specific.
The Roles of Those Charged With Governance
It has always been the auditor’s mantra that an entity’s financial statements are the primary responsibility of corporate management. This makes perfect sense since the management chooses the accounting, develops applicable policies, hires the personnel to implement those policies, establishes and maintains internal controls and then supervises compliance. While management responsibility is the basic premise on which an audit is conducted, mention was only sporadically made in GAAS since the focus was primarily on the auditor. This has now changed.
The 10 bedrock auditing standards, which have been in existence for more than half-a-century, and which made no mention of management responsibility, will soon be extinct. They are replaced by a Preface to the new Codification which in its second-numbered paragraph has a detailed explanation of why management responsibility is a basic audit premise. Previously, the auditor was encouraged to discuss management responsibility before taking on an audit; now, the management’s acknowledgment of its responsibilities is a mandatory part of an engagement without which an audit cannot be undertaken. The standard auditor’s report, which formerly made a generalized reference to management responsibility, will soon have a detailed explanation for the benefit of recipients.
In addition to this intensification of focus on management responsibilities, the new standards are rife with provisions encouraging a dialogue (and sometimes providing a script) between the auditors and those charged with corporate governance, whenever certain issues arise. Again illustrative is the proposed related party standard. The basic premise is weaved into one of the application paragraphs, with an explanation as to why the premise is particularly important in the related party context.
How Changes Will Affect Outside Directors
The outside director will approve an audit engagement that acknowledges the role of management in the preparation of financial statements, and will receive an audit report that describes that role at length. It will be impossible for that director to say, with any degree of plausibility, that he/she has no understanding of what that role might be.
Instead, that director would be best served by asking both management and auditor their respective understandings of that role, what policies, procedures, and internal controls are designed to assist in that role, and how well management is meeting those responsibilities. Any unsatisfactory or inconsistent answer should be followed up on, and a concise record should be made of the inquiries and responses to minimize future questions as to whether the directors had fulfilled their fiduciary responsibilities.
Similarly, the increased emphasis on communication between the auditors and those charged with corporate governance will undoubtedly result in more such communications. As the ultimate stewards of the business entity, the directors can only discharge their fiduciary responsibilities by paying close attention to these discussions, resolving any issues that arise, and keeping a careful record of what has transpired.
Of course, one might say that a careful director would do all these things under the present standards, and one would be right. The difference under the new standards is that these circumstances will arise more often. The director should anticipate this development and decide what types of issues should be addressed, after consulting with counsel and consultants as appropriate. The minefield of compliance with fiduciary responsibilities will be tricky and it is best to negotiate it with experienced assistance.
And properly addressing the issues that will be raised is important. Obviously, it is important from a litigation possibility perspective and from the perspective of discharging fiduciary obligations; but it is also important from the perspective of fostering better management performance and more reliable financial statements.
Anthony Costantini is a New York-based partner in the law firm of Duane Morris LLP,.recently completed a three-year term as a public member of the Auditing Standards Board.
It behooves directors to familiarize themselves with the more-interactive environment they are likely to encounter in the near-term future, since it will be interwoven with the question of whether they have successfully discharged their fiduciary responsibilities.