This year, the Public Company Accounting Oversight Board (PCAOB) will have an entirely new set of directors for the first time since its inception. On December 12, 2017, the Securities and Exchange Commission (SEC) announced the appointment of William D. Duhnke III as chairman of the PCAOB and J. Robert Brown, Kathleen M. Hamm, James G. Kaiser, and Duane M. DesParte as board members.
The directors have varied backgrounds. Duhnke has spent much of his career on Capitol Hill, serving as staff director and general counsel to the U.S. Senate Committee on Banking, Housing, and Urban Affairs and the Committee on Appropriations. Brown has been a law professor at the University of Denver for the last two decades. While Hamm also has a legal background, she is joining the PCAOB from Promontory Financial Group, where she has been the global leader of Securities and FinTech Solutions and senior strategic adviser on Cyber Solutions. The remaining directors satisfy the statutory requirement, pursuant to Sarbanes-Oxley Act section 101(e)(2), that two of the board members have accounting backgrounds as certified public accountants. Kaiser is joining the PCAOB from PricewaterhouseCoopers (PwC), where he has worked for the last 38 years. DesParte has previously worked for Exelon Corporation, Deloitte & Touche, and Arthur Andersen.
The directors have been formally stepping into their new roles since the start of the new year, beginning with Duhnke and Hamm, who were sworn in on January 2, 2018. Only one of the appointed directors, DesParte, has not been sworn in; he is expected to join the board shortly.
It is too early to tell what impact a new set of directors may have on the PCAOB; what changes, if any, this new board will implement; or how the focus of the PCAOB may shift over the coming years. It is possible that, under Duhnke—who has a long career in Republican politics and is said to favor deregulation—the PCAOB may shift toward a more probusiness stance and away from rules that have been criticized by Republicans.
Yet, it is most likely that, for now, the board will busy itself with addressing the lingering issues of the previous board. These include implementing rules passed during the tenure of its last chairman, James Doty, and seeking solutions for ongoing challenges, including the PCAOB’s work in China.
Chairman Doty established two significant rules that will be implemented by the new board.
First, on December 15, 2015, the PCAOB adopted a new Form AP, which required auditors to disclose the name of the engagement partner involved in an audit, as well as information regarding other accounting firms involved. The new requirements went into effect in late 2016 after the SEC approved them. The passage and implementation of this rule was important to Doty, who argued that, as auditing is “a business about reputation,” the transparency required by Form AP “should further incentivize auditors to organize audit teams conscientiously to give investors comfort that it is reliable.”
Second, on June 1, 2017, the PCAOB adopted a new auditing standard, AS 3101, which required auditors’ reports to include “a discussion of the critical audit matters” (CAMs) that were communicated to the company’s audit company and that “involved especially challenging, subjective, or complex auditor judgment.” Under AS 3101, the PCAOB retained the ability to issue a “pass/fail opinion” but sought much more detail from auditors. The new reporting format, “the first major change to the standard form auditor’s report in 70 years,” went into effect in December of last year. Yet, as CAMs will not need to be reported until 2019 or 2020, depending on the size of the company being audited, it will be up to the new board to monitor the implementation of AS 3101 in the coming years.
The board will also have to do its best to overcome obstacles that have recently proven difficult for the PCAOB.
Chief among these is the ongoing dispute with Chinese regulators. Although the PCAOB and China’s Ministry of Finance (MOF) signed a memorandum of understanding on enforcement cooperation in 2013, tensions have escalated in recent years. In 2015, the MOF issued a statement that foreign auditors working in mainland China are subject to Chinese law, implying that such auditors need not produce documentation as part of their audits. In 2016, the PCAOB issued a set of FAQs clarifying that, in fact, U.S. auditors were required to comply with U.S. regulations. Despite what the MOF stated, audit documentation would be required. In July 2017, the PCAOB revoked the registration of a Hong Kong–based audit firm “for refusing to cooperate with a Board investigation of the firm’s audits of a China-based issuer,” specifically by “refusing to produce documents in response to a formal demand for documents, including audit work papers.”
Domestically, the PCAOB continues to focus on audit deficiencies. The PCAOB has trained its focus on improving audit results, which led some parties to take drastic steps. Just last month, the Department of Justice charged three “former top executives” at KPMG for working with PCAOB employees to provide confidential information in an effort to assist KPMG in its audit reviews. A representative of the SEC’s Enforcement Division described the activity as “literally stealing the exam” in an attempt to assist KPMG avoid a finding of audit deficiencies. In response to these events, Duhnke stated that the PCAOB had “‘reviewed and reinforced’ the PCAOB’s safeguards against the improper disclosure of confidential information.”
Finally, one issue that will only increase in importance in the coming years is ensuring that firms are accurately evaluating and reporting their cybersecurity risks. As the PCAOB noted in a 2016 report: “Risks remain . . . that future cyber-attacks may affect issuer financial statement reporting, and as a result, Inspections staff views this as an evolving risk area that requires ongoing focus.” With major cybersecurity breaches likely to increase in frequency and severity in coming years, it will be up to the new board to ensure that accounting standards evolve so that incidents are reported properly and risks of material misstatements in financial statements regarding such breaches are minimized.
Copyright © 2018, American Bar Association. All rights reserved. This information or any portion thereof may not be copied or disseminated in any form or by any means or downloaded or stored in an electronic database or retrieval system without the express written consent of the American Bar Association. The views expressed in this article are those of the author(s) and do not necessarily reflect the positions or policies of the American Bar Association, the Section of Litigation, this committee, or the employer(s) of the author(s).