October 16, 2024
 

Audit Insider | September/October 2024

Audit Insider with Dennis McGowan

Welcome back, Audit Insiders. Fall was off to a rainy start here in Washington, D.C., though luckily, I was able to escape most of it as I spent the first half of the month in Greece on my honeymoon.

Sadly, our regulators and standard setters did not get the memo while I was away, passing several new standards and issuing new resources. At the CAQ, my colleagues have been equally busy, from conducting investor surveys to discussing the role of auditors in the deployment of generative AI. We also collaborated with the Anti-Fraud Collaboration on a new publication to strengthen the profession’s response to fraud.

Lastly, I connected with Dante D’Egidio, Americas Vice Chair of Assurance at EY, for this month’s Audit Insider. We discussed the importance of diversity and representation within the profession and how firms can attract the next generation of talent.

Read on for the latest issues I’m tracking and resources from the profession to assist audit practitioners.

Please note that these perspectives are my own. If this email was forwarded to you, subscribe here so that you never miss a public company auditing update.


What's new in public company audit

We’re closely monitoring these proposals and others from audit regulators and standard setters:

SEC​​​

SEC Votes to Approve New and Updated PCAOB Auditing Standards and an Amendment to the PCAOB’s Contributory Liability Rule

In August, the SEC voted to approve two PCAOB proposals updating auditing standards regarding the general responsibilities of the auditor and the use of technology-assisted analysis in conducting an audit. The SEC also approved a proposal amending a PCAOB ethics rule governing the liability of an associated person when they directly and substantially contribute to audit firm violations. SEC Chair Gary Gensler and Commissioners Caroline Crenshaw and Jaime Lizárraga supported all 3 PCAOB proposals. While Commissioners Hester Peirce and Mark Uyeda supported updates to the general responsibilities of the auditors and use of technology-assisted analysis in conducting an audit, they did not support amending PCAOB rules regarding contributory liability.

  • CAQ take: The amendments to Rule 3502, Responsibility Not to Knowingly or Recklessly Contribute to Violations, will become effective in 60 days. PCAOB Auditing Standard (AS) 1000, General Responsibilities of the Auditor in Conducting an Audit, along with related amendments to other PCAOB standards, will take effect for audits of financial statements for fiscal years beginning on or after December 15, 2024, except that, for registered public accounting firms that provide audit opinions for 100 or fewer issuers during the calendar year ending December 31, 2024, the amendment relating to the documentation completion date will take effect for audits of financial statements for fiscal years beginning on or after December 15, 2025. The technology-assisted analysis amendments to AS 1105, Audit Evidence, and AS 2301, The Auditor’s Response to the Risks of Material Misstatement, and other conforming amendments, will take effect for audits of financial statements for fiscal years beginning on or after December 15, 2025.

In September, the SEC approved the PCAOB’s QC 1000, A Firm’s System of Quality Control. The adopted standard will establish an integrated, risk-based quality control standard that will require all registered public accounting firms to identify specific risks to their practice and design a quality control system that includes appropriate responses to guard against those risks. Chair Gary Gensler of the SEC Commissioners and Commissioners Jaime Lizárraga and Caroline Crenshaw voted in support of the adoption, highlighting how the adoption of QC 1000 will help audit firms design and implement more effective QC systems. Other Commissioners, including Hester Peirce and Mark Uyeda, did not support adoption, both expressing concerns that more feedback and engagement were needed prior to adopting a final QC standard.

  • CAQ take: In our July comment letter, the CAQ expressed support for the PCAOB’s effort to strengthen audit practices but expressed concerns and questions about the final standard. The PCAOB submitted a letter in response to comments received by the SEC on QC 1000. QC 1000 and the related amendments to other PCAOB standards, rules, and forms will take effect on Dec. 15, 2025.

Chief Accountant Paul Munter’s Statement on Selective Disclosure of Information Regarding Cybersecurity Incidents

At the 2024 AICPA & CIMA Conference on Banks & Savings Institutions, Paul Munter, Chief Accountant at the SEC, shared his view on Staff Accounting Bulletin No. 121 (SAB 121). In his remarks, Munter highlighted how an entity should record a liability on its balance sheet to reflect its obligation to safeguard crypto assets held for others. The Chief Accountant also reiterated the importance of why this financial reporting provides relevant, timely information that investors need to assess the unique risks and uncertainties related to safeguarding crypto assets. Read Munter’s statement here.

PCAOB

PCAOB Releases Results of 2023 Audit Inspections 

The PCAOB released the results of inspections of all 2023 annually inspected firms, including the six U.S. global network firms. Chair Erica Wiliams said the results “point to some small signs of movement in the right direction.” Some of these signs include stabilization in deficiency rates among larger firms. Moreover, actual restatements remain incredibly low year over year (just three of 405 audits (0.74%) inspected in 2023 resulted in a restatement compared with two of 386 audits (0.52%) inspected in 2022).

  • CAQ take: Audit quality is a continuous journey, and firms continue to learn from inspections. However, the results of these inspections and other indicators suggest that audit quality remains high. Our CEO, Julie Bell Lindsay, recently shared her views on the current state of audit quality with Forbes. In a previous blog, I shared what inspection results mean and how the profession can chart a path forward.

CAQ Comments on the PCAOB Substantive Analytical Procedures Proposal

In August, the CAQ submitted our comment letter in response to the PCAOB’s Substantive Analytical Procedures Proposal. The CAQ is supportive of modernizing AS 2305, Designing and Performing Substantive Analytical Procedures, with principles-based requirements. In addition to other feedback, the CAQ also reiterated the importance of risk assessment and professional judgment in designing and performing substantive analytical procedures. Read our letter here.

PCAOB Publishes Spotlights Reports on 2023 Inspections, Banking Audits, and Auditor Independence

Following the official 2023 inspection results, the PCAOB also published a new staff Spotlight publication, which provides an overview of staff observations from the 2023 inspections. The PCAOB also shared the September Spotlight publication for Bank Financial Reporting Audits. The PCAOB posted a Spotlight on Auditor Independence that highlights recent staff observations on independence, including common deficiencies that resulted in the issuance of comment forms, good practices, and other reminders, which can help audit firms and audit firm personnel comply with PCAOB and SEC independence standards and rules. These Spotlight publications aim to help auditors, audit committees, investors, and preparers understand the PCAOB’s activities and observations.

IAASB

In September, the IAASB approved International Standard on Sustainability Assurance 5000, General Requirements for Sustainability Assurance Engagements. The standard will replace ISAE 3000 (Revised), currently used by 99% of the world’s largest audit firms, as the global framework for providing assurance of sustainability standards.

The standard-setting body expects to “share final language before the end of the month and formally publish by the end of the year”.

IASB

This summer, the IASB published a consultation document, proposing eight examples to illustrate how companies apply IFRS Accounting Standards when reporting the effects of climate-related and other uncertainties in their financial statements. The IASB’s proposed examples aim to:

  • improve transparency of information in financial statements; and
  • strengthen the connection between financial statements and other parts of a company’s reporting, such as sustainability disclosures.

The eight illustrative examples focus on areas such as materiality judgments, disclosures about assumptions and estimation uncertainties, and disaggregation of information. The IASB invites all stakeholders to provide feedback on the proposed illustrative examples. The comment period is open until November 28, 2024.

 

From the CAQ

Audit Quality

Audit quality in the U.S. remains high, but in light of economic uncertainty, emerging developments, and demands on talent, audit practitioners should remain up to speed on the latest developments impacting audit quality. Read on for recent news, tools, and resources.

Latest CAQ Survey Shows Investors’ Support for Critical Audit Matters (CAMs)

In 2019, the PCAOB started to require the auditor’s report to include critical audit matters (CAMs). CAMs are those matters communicated or required to be communicated to the audit committee and that: (1) relate to accounts or disclosures that are material to the financial statements and (2) involve especially challenging, subjective, or complex auditor judgment. By expanding the audit report to include CAMs, the PCAOB hoped to increase the auditor’s report relevance to financial statement users.

A recent CAQ survey of investors finds that the PCAOB accomplished its objective. According to the survey, 92% of investors say they rely on CAMs when making investment decisions. Additionally, 93% say that CAMs play an important role in their analysis of a potential investment.

The research demonstrates that investors value the addition of CAMs to the audit report. Take a look at the full report to learn more. The PCAOB’s investor advisory group (IAG) also presented on CAMs during their most recent meeting. View the recap here.

The Evolving Role of the Auditor

As investor demand evolves, so does the role of public company auditors. The CAQ is dedicated to providing resources to keep you up-to-date on trending topics in corporate reporting.

Julie Bell Lindsay Discusses Generative AI and SEC’s Final Climate Rule in New Capital Markets Pulse Episodes

In an insightful episode of the Capital Markets Pulse Podcast, our CEO, Julie Bell Lindsay, sat down with Richard Jackson, EY’s Global Artificial Intelligence Assurance Leader. In their conversation, Julie and Richard discussed the promise of generative AI and what the implementation of this technology by public companies means for governance, as well as risks for accountants. Here at the CAQ, we have produced resources for auditors and audit committees to better elevate their understanding of Generative AI and what it means for the profession.

In a separate episode, Julie met with SEC Chief Accountant Paul Munter to discuss the making of the SEC’s final climate rule and break down the key elements of the rule and implications for auditors and investors.

Deterring and Detecting Fraud

To elevate the profession’s understanding of fraud and the vital role that auditors play in this landscape, the CAQ collaborates with the Anti-Fraud Collaboration (AFC) to produce insights and actionable recommendations to strengthen the profession against fraud risk.

The Role of the Auditor in the Fight Against Fraud

This month, the AFC published a new resource designed to support audit practitioners in assessing and responding to fraud risk. The publication includes key considerations for auditors as they plan and perform their fraud risk assessment and design procedures to address identified fraud risks, including:

  • Management’s fraud risk assessment: Understanding management’s fraud risk assessment, including their anti-fraud processes and controls and the operation and results of their monitoring activities, can be helpful to the auditor in considering where and how fraud could occur.
  • Fraud brainstorming: Effective fraud brainstorming involves active participation from audit team members of all levels of experience. Audit teams should have the mindset that fraud can occur at any organization and can be perpetrated by individuals across the organization.
  • The fraud triangle: Auditors may find the fraud triangle helpful to consider throughout the audit. When assessing and responding to fraud risks, auditors can leverage the fraud triangle in considering specific risks of material misstatement from fraud and in designing audit responses tailored to those risks.
  • Fraud expertise: To the extent fraud expertise and capabilities exist in an auditor’s firm, in certain circumstances it may be beneficial to leverage such expertise to assist with fraud risk assessment procedures, including in identifying potential fraud schemes and fraud risk factors and ultimately identifying and assessing risks of material misstatement due to fraud.
  • Training: It is important that all auditors, including less experienced auditors, be trained in the auditor’s role in assessing and responding to fraud risks and evaluating audit evidence, as well as in how to maintain a “fraud lens” throughout the audit. Creating an environment that is conducive to asking questions related to fraud can elevate less experienced auditors’ fraud awareness during an audit and empower auditors to raise concerns.

Read the full report: The Role of the Auditor: Assessing and Responding to Fraud Risk. ​​​​​​

Talent Spotlight

Accounting+ Releases IMPACT Report

Since the fall of 2022, Accounting+ has partnered with EVERFI, the nation’s leading social impact education innovator, on a first-of-its-kind digital education program, Accounting Careers: Limitless Opportunities. This program is designed to help high school students discover how accounting skills can help them achieve their career goals and to attract greater diversity and representation into the accounting profession.

Recently, Accounting+ and EVERFI released their 2023 – 2024 school year report. In the second year of the campaign, the results include:

  • During the 2023-2024 school year, Accounting Careers: Limitless Opportunities reached over 80,000 learners from all 50 states.
  • After the course, 70% of students said accounting skills are very or extremely valuable compared to 57% of students before the course.
  • Widespread adoption of the program by educators, with 5,600 educators incorporating program materials into their instruction.

Read the full report here.

CAQ Observes Hispanic Heritage Month

In a new Audit in Action blog, KPMG US’s Audit Talent and Culture Officer, Becky Sproul, shares how her background as a Cuban American has shaped who she is personally and professionally. She reflects on Hispanic Heritage Month as a time to celebrate the achievements and contributions of Hispanic and Latino Americans.

Read the blog: Celebrating Hispanic Heritage Month: Embracing Diversity, Leadership and Community.

In each edition, we feature leaders in the audit profession. This month we are spotlighting Dante D’Egidio, Americas Vice Chair of Assurance at EY.

Q: What do you think the role of AI will be in enhancing audit quality? 
A: Technology is disrupting how companies prepare financial reporting and how we audit them. While the auditor’s professional judgment will always sit at the center of the audit, at EY, we embrace our role in understanding and effectively utilizing emerging technologies, such as artificial intelligence (AI) to drive audit quality and improve the audit experience.

AI comes in a variety of forms, some of which are already used on an audit. AI-enabled tools have the power to aggregate and summarize millions of lines of data. Everything — from the initial risk assessment to the financial statement tie out — can be enhanced by the insights and analyses delivered through AI, augmenting the human judgment that is fundamental to our role as independent auditors.   Here are two examples:

  • EY Canvas, our global audit platform hosted in the cloud, contains new levels of intelligence to support EY audit professionals, helping them to identify risks and procedures to address them.
  • AI is streamlining the financial tie-out process, enabling teams to quickly zero in on anomalies, reducing the need for resource-intensive recalculations and identifying inconsistencies within the financial statements. This benefits audit quality because auditors can automate routine tasks and intensify their focus on the more significant risks.

Q: When you think about attracting the next generation of talent, what role does new technology like AI play?
A: In addition to enhancing quality, another benefit of AI innovation is the energy it brings to our teams. We are seeing strong interest in working with our digital technology to apply our newest tools and capabilities on our audits. We’re also seeing strong interest on campus and among our interns. We want recruits to see the career potential that comes with the smart adoption of AI and other next generation technologies. We are showcasing for them how technology, particularly AI, can transform the way we work, contributing to the value that auditors bring.

In a recent EY survey of 500 accounting and science, technology, engineering and math (STEM) students, only 19% said they believed AI would enable professionals to better focus their efforts on judgment and higher-level thinking. These findings underscore the need to provide education on campuses about the benefit from technologies like generative AI. We can continue to work together as a profession to help students understand the positive impact they can have as an auditor using AI. AI was a major focus area at the recent American Accounting Association (AAA) Leadership Summit, and accounting faculty are adapting how they teach to incorporate AI.

At EY, we are already upskilling our audit workforce through bespoke AI learning programs to help develop knowledge in topics like data and analytics and responsible AI. We are also equipping our audit teams with tools, such as AI-powered assistants like EY.ai, a large language model (LLM) that unifies AI capabilities across the EY technology ecosystem. As we equip audit teams with AI tools, we are evolving our training so that we reinforce the need to appropriately evaluate outputs from AI applications and be vigilant in avoiding technology bias and remain professionally skeptical.

Q: Have you heard any concerns about the integration of AI? How are you communicating about this with EY’s workforce?
A: Boards want to understand what they can do to guide their organizations responsibly as they move AI solutions from idea to production. This is a top agenda item for audit committees and C-suite, and as the use of AI grows, it is important that users of data be able to trust the technology.

As a profession, we have a responsibility to navigate this transformation thoughtfully, finding the right balance between implementing robust governance and leveraging cutting-edge technology. This balance will help us adapt to the evolving landscape and shape it, positioning audit at the forefront of technology advancement.

The global EY organization is committed to implementing the guardrails necessary to using AI responsibly. For example, the EY Artificial Intelligence Assurance Framework serves as a guide for our audit teams to help them consider the impact of AI used by the companies we audit, and it includes processes and controls to strengthen risk management.

Q: With EY’s recent major investments in talent and technology, where do you see the firm in ten years?
A: We are proud of the $1 billion investment that EY US is making over three years to  support our people and advance assurance technology. Putting starting salaries for accounting graduates on par with other business degree holders has never been more important. This investment not only positions the firm as the most preferred place to launch an audit or tax career, but it also helps revolutionize the experience of early career accounting professionals. We do this by providing a significant increase in early career compensation; AI-enabled audit and tax platforms; an innovative new “360 Careers” experience that includes exposure to multiple CPA-track roles, including dedicated time to sit and pass the CPA exam; outreach and support for college students; and enhanced wellbeing benefits.

Looking ahead, we are continuing to empower our teams with learning and career opportunities that expand their skills and help elevate the work they do for our clients. We are committed to building well-rounded business professionals who can grow as EY leaders and bring vital insights to the companies we audit or go on to thrive as finance executives, entrepreneurs and even future C-suite leaders. The CAQ’s Accounting+ initiative also provides an excellent platform for that as we promote the attractiveness of the profession.

There is no question, the audit of the future is dynamic. Stakeholders are looking to audit firms for assurance of nonfinancial reporting in areas such as ESG, cybersecurity, AI and more, creating the demand for auditors with specialized knowledge in those fields. Technology is evolving at pace, and that means that professionals who can integrate audit knowledge and technology skills are highly valuable. At the same time, the foundational skills we have as auditors — independence, objectivity, professional skepticism and analytic capabilities— remain at the center of the work we do today and become even more important moving forward.

At EY, we are excited about the opportunities we have to both strengthen trust and confidence in the capital markets and develop and engage the next generation of audit professionals.

Ask an Auditor

My snap poll question this month: How often are clients in your industry sector reporting cryptocurrency risk in the financial statements?

  1. Very often
  2. Often
  3. Sometimes
  4. Never

Take the survey

I’ll include the answer to this question in next month’s Audit Insider. In the meantime, please continue to let me know what you would like to hear about next month.

  • Audit quality
  • Technology (AI, cybersecurity)
  • ESG
  • Talent
  • Other

Take the survey

Ask an Auditor

The CAQ will host a handful of CPE eligible events this summer. Read on for more information.

CPE Eligible: CAQ Hosts Audit Insider Event on PCAOB Inspection Findings and Firm Practices

The CAQ will host an hour-long webcast as part of its Audit Insider series focused on issues facing public companies and their auditors. It will feature Christine Gunia, Director of the PCAOB’s Division of Registration and Inspections, and representatives from the public company auditing profession. Panelists will discuss PCAOB inspection findings and areas of focus as well as audit firm best practices.

This event is eligible for 1 CPE credit. 

Register now

ICYMI: The CAQ also hosted an Audit Insider webinar in July focused on regulatory and practice developments of interest to public companies and their auditors. Panelists included staff from the SEC’s Division of Corporation Finance and the SEC’s Office of the Advocate for Small Business Capital Formation. Watch the recorded event:

CPE Eligible: Artificial Intelligence (AI) 101 For Audit Committees – Part II

In our initial AI 101 for Audit Committees webinar, we tackled how recent advancements, powered by the likes of OpenAI’s ChatGPT and Google’s Gemini, has captured the attention of corporate leaders around the world. Corporate boards are focusing on better understanding the technology and establishing guardrails to ensure risks of information security, data quality, hallucinations, and other areas are appropriately managed.

Now, in the second of a 2-part series, speakers Richard Jackson (Global Artificial Intelligence Assurance Leader, EY) and Cory Hrncirik (Modern Finance Lead, Microsoft) join us again with Tom Petro (Managing Partner, Capital Partners & Audit Committee Member) to discuss how things have evolved in just the past 8 months.

We’ll discuss the evolving role of the audit committee, including oversight of both management and the external auditor. We’ll dive into such questions as:

  • Does the company have the requisite expertise to select, develop, deploy, and monitor genAI technologies?
  • Who (individual or group) in the company is responsible for oversight of the use of genAI?
  • Does the company have a process to track and monitor the use of genAI throughout the company, including use by third-party service providers?
  • What is the auditor’s understanding of the financial reporting implications of the company’s use of genAI technologies?
  • Does the company’s use of genAI technologies have a significant impact on the planned audit scope?
  • Has the auditor identified any fraud risks related to the company’s use of genAI technologies? How has the auditor addressed such risks in the audit?

This event is eligible for one CPE credit.

Register now


See you next month Audit Insider.

Dennis McGowan

Vice President, Professional Practice and Anti-Fraud Initiatives