In late December, the Public Company Accounting Oversight Board (PCAOB) voted unanimously to propose for public comment a new standard on auditing internal control over financial reporting and other related proposals. The proposed standard would replace the Board’s existing internal control standard, Auditing Standard No. 2.
Two annual financial reporting cycles have been completed since public company auditors began applying AS No. 2 to audits of the largest public companies. During this time, the PCAOB has closely monitored implementation of the standard and the progress auditors have made in complying with its requirements.
The proposed new standard on internal control is a principles-based standard designed to focus the auditor on the most important matters, increasing the likelihood that material weaknesses will be found before they cause material misstatement of the financial statements. The proposed standard also eliminates audit requirements that are unnecessary to achieve the intended benefits, provides direction on how to scale the audit for a smaller and less complex company, and simplifies and significantly shortens the text of the standard.
“(The) proposal is the result of the PCAOB’s experience with the first two years of auditors’ implementation of the internal control provisions of the Sarbanes-Oxley Act,” said PCAOB Chairman Mark Olson. “The Board’s goal has been to apply the feedback we’ve received and our observations of implementation to create an auditing standard that preserves the intended benefits without resulting in unnecessary effort and costs. We believe the new standard will result in audits that are more efficient, risk-based and scaled to the size and complexity of each company. We look forward to comments on the proposal.”
The PCAOB says the audit of internal control over financial reporting has produced significant benefits. Issuers and auditors have described a focus on corporate governance that had not existed in the past, as well as improvements in the quality and efficiency of important corporate processes and controls. Corporate board members have noted an improvement in audit committee oversight, while investors have found public company financial reporting to be of higher quality and enhanced transparency.
However, these benefits have come with significant cost. Over the last two years, the Board has heard a consistent message that compliance with the internal control provisions of the Act has required greater effort and resulted in higher costs than expected.
Additional Proposal on Work of Others
In addition to the proposed internal control standard, the Board also proposed for public comment a new auditing standard on considering and using the work performed by internal auditors, management and others in an integrated audit of financial statements and internal control, or in an audit of financial statements only. This proposed standard is intended to further clarify how and to what extent an independent auditor may use that work to reduce the work the auditor otherwise would have to perform. In addition, the Board proposed to revise the independence requirement that currently is embedded in the text of AS No. 2, which requires the auditor to seek specific pre-approval by the audit committee of any internal control related service. Finally, the Board also proposed certain changes to its other standards to conform to the changes being brought about by this rulemaking.
The proposed standard and related documents are available on the Board’s web site under Rulemaking Docket 21. The Board is seeking comments until February 26, 2007. Any final standard adopted will be submitted to the Securities and Exchange Commission for approval.
In the meantime, the SEC provided further relief from the Section 404 requirements for smaller companies by adopting extensions to compliance dates. Read more in the SEC’s press release, which includes a table outlining compliance deadlines.