James R Doty interview: Top regulator talks audit in the USA
Top US regulator James R Doty talks to Robert Outram about restoring investors' confidence in audit and the role of the Public Company Accounting Oversight Board (PCAOB).
Who watches the watchers? If the audit profession is tasked with providing assurance in corporate financial reporting, who ensures that the auditors themselves are doing a good job?
In the US, that role is undertaken by the PCAOB, based in Washington DC and chaired by James ("Jim") R Doty, a Texan lawyer with long experience of dealing with corporate reporting issues.
James, who has been chairman of the PCAOB since 2011, is a former partner with US law firm Baker Botts. Does it make it easier or more difficult to oversee the quality and set the standards for the US audit profession, if you are not an auditor yourself?
He says: "The legal and audit professions are branches of the same tree, even though there are differences. Lawyers understand issues like agency, fiduciary duty. We have to evaluate conflicts of interest, and after a career in the law you get to learn about some of the difficult issues around corporate disclosure."
The role of the PCAOB
The PCAOB registers and inspects public accounting firms, sets auditing standards for the audits of public companies and broker-dealers, and carries out investigations and disciplinary proceedings.
Like the Financial Reporting Council in the UK, the PCAOB replaced what was essentially a system of self-regulation for the audit profession.
In contrast to the UK, however, standard setting in financial reporting and auditing come under different bodies, with the Financial Accounting Standards Board taking on the former responsibility in the US. In the UK, the FRC oversees standard setters in both audit and financial reporting.
The PCAOB has been created and shaped by two crises that shook the public's faith in the integrity of corporate reporting and auditing. First there was the series of accounting scandals around the turn of the century – names like Enron, WorldCom and Adelphia – and then more recently, the global financial crisis. After each, the cry has been "where were the auditors?"
The Main Street and financial institution scandals share a common feature: risk, and the need for the auditor to have a heightened awareness of risk
James draws a distinction between the two crises, however. As he points out: "Enron and the others around that time were 'Main Street' scandals [involving accounting malpractice at mainstream businesses]… while the financial crisis was a crisis of risk management, and the execution of risk management, in the financial industry."
At the time of the first wave of scandals, the audit profession largely regulated itself and although there was a system of peer review, firms were not subject to regular, external inspection.
The establishment of the PCAOB, which started its operations in 2003, was part of the reforms instituted
by Congress to restore public confidence in the audit of public companies and financial institutions. Since
2010, under the Dodd-Frank Wall Street Reform and Consumer Protection Act, the PCAOB also oversees
the auditors of brokers and dealers.
The PCAOB was not universally welcomed, however, and in 2006, its constitutionality was challenged – unsuccessfully – in the federal courts. The Board was represented, by the way, by one James R Doty.
Changing US audit standards
As chairman, James is clear about the PCAOB's mission: "Our mandate is to further the public interest in independent and credible, reliable financial reporting of the highest quality, and to protect investors."
As such, the PCAOB has already introduced changes to US auditing standards. One example, addressing one of the issues arising from the Enron scandal, has been a new standard on the auditor's approach to related party transactions. The PCAOB has also stressed the need for better communications between the auditor and audit committee, and is planning to make it mandatory to have an engagement partner named in the audit report.
James says that a key theme for the Board so far has been risk – has management perceived and understood the risks and are they audited? He says: "The Main Street and financial institution scandals share a common feature: risk, and the need for the auditor to have a heightened awareness of risk."
Current issues the PCAOB is looking at include "going concern" – following the FASB's issue of a standard on going concern last year – and best practice for overseeing multi-jurisdiction audits. Quality control and auditor independence are also ongoing themes.
The PCAOB is also looking at how auditors use information provided by specialists. In many cases this is necessary for assessing the value of an asset when there is no readily discernible market value. Problems for the auditor arise when the relationship between the specialist and the company being audited means there may be reason to doubt the specialist's objectivity.
The PCAOB is careful to keep dialogue open with auditors, companies and investors to ensure that the Board gets feedback on the impact of its policies. Also, the PCAOB's Centre for Economic Analysis – which includes independent economists as well as PCAOB staffers – advises the Board on how economic theory, analysis and tools can be better used to enhance the effectiveness of its programmes.
James argues that the PCAOB's inspection regime should be seen as a benefit for the firms it monitors. He says: "We have to be aware of the unintended consequences and costs of inspections. We inspect audits around the world, under IFRS [International Financial Reporting Standards] as well as US GAAP [Generally Accepted Accounting Practice]. The increasingly global nature of audit is creating a common fund of experience."
He adds: "Inspection reports should be there to inspire firms and to show them where they need to improve what they do. We are confident we are seen as rigorous and tough in our inspections, and we have the firms' attention!"
Assurance role in non-financial areas
The PCAOB's focus is on the audit of financial statements, but audit firms are increasingly looking at expanding their assurance role into other areas, such as corporate social responsibility.
James comments: "The need for assurance is not going to disappear. We now see auditors making the case that they can provide attestation on non-financial information, and non-GAAP financial metrics.
"Audit firms will have to look at their own appetite for taking on risk and balance that against their need to market their services. Different firms have differing views about that. We need to remain informed about this, but we are not regulating these issues."
The PCAOB is also monitoring developments across the Atlantic, with the European Union's adoption of a new regime that is set to introduce mandatory firm rotation and to bar the firms from providing many non-audit services to their audit clients.
'Audit quality' remit
James comments: "Our core remit is audit quality. The market [for listed company audits] is very different in the US compared with Europe, but we will be looking to see what the effect of the EU reforms is on audit quality."
He does not see, however, that significant convergence in terms of auditing standards is on the cards. James comments: "There is a desire for more harmonisation of financial reporting standards, but auditing standards tend to reflect more local differences, legal and otherwise. So auditing standards are very dependent on where they are being applied. We are involved with inspections, however, and with communication with regulators, in every part of the world."
There is clearly plenty still to do, and part of the PCAOB's work programme is the review of the interim standards brought in after 2003. Doty feels that significant progress has been made, however: "The self-regulation model failed the profession. We have reduced the risks, and independent research shows that greater oversight has improved audit quality. It's been better for audit quality and better investors.
"Risk is part of audit, however. The only way to eliminate all risk would be to eliminate the audit altogether."