Ernst & Young Latest Big 4 Firm to Have Part II of PCAOB Inspection Report Released

By | 4 years ago

Okay, remind me — there's a saying about "three" and "trend" or "pattern" or something? Forget it, not important. What is important — at least we've made the argument that it is — is that the PCAOB released Part II of Ernst & Young's 2009 inspection report. That makes three out of four Big 4 firms, Deloitte and PwC being the other two, to have Part II released and something tells me KPMG will be getting its own in the very near future.

You can read the report in full on the next page, but since this is the third go round, you guys probably know the drill. This morning Dow Jones report keeps things succinct:

[The Board] said it had "cause for concern" about whether the firm's auditors were skeptical enough of their clients' assertions. The board also questioned whether some of E&Y's audits had been thorough enough, and whether it did enough testing in some areas where there was a risk of fraud. The board's move to unseal the material doesn't carry any fines or sanctions for Ernst & Young. But it amounts to an official public rebuke of the firm, and indicates the board feels E&Y didn't do enough, and was slow, to address those criticisms.
I guess that skepticism one could be interesting, couldn't it? Here's what the report says:
The inspection results provide cause for concern that the Firm's system of quality control may not do enough to assure that accounting and auditing issues are evaluated with the degree of professional skepticism that is contemplated in the auditing standards. 
In numerous instances, the inspection team observed that the Firm's support for significant areas of an audit consisted of uncorroborated management's views or the results of inquiries of management. The Firm's apparent failure to appropriately challenge management occurred in several areas, including when the Firm evaluated * * * * management estimates and assumptions related to accruals and reserves; * * * *. The Firm did not appropriately test these representations by, for example, reviewing appropriate source documentation or comparing the representations to relevant industry or other public information, including in certain cases when such assumptions were contrary to historical results
Alright, so maybe I spoke too soon — everyone knows that auditors are too willing to trust management! It's been noted before, it's being noted here. It will be noted again. Frankly, the fraud one doesn't blow up many skirts either:
The inspection team's observations provide cause for concern regarding the nature, timing, and extent of audit testing performed in areas where the risk of material misstatement due to fraud ("fraud risk") has been identified. In nine engagements with deficiencies that are discussed in this report, including two engagements discussed in Part I.A, the Firm had identified a particular fraud risk in the audit area in which the inspection team noted a deficiency, and the Firm's procedures did not sufficiently address the identified risk. For example, in one engagement, the Firm identified a particular fraud risk relating to management manipulation of the work in progress inventory file to affect gross margin, but the Firm limited its tests of controls over inventory costing to verifying management's review and approval.
Maybe I've mailed it in for the week or maybe I'm souring on the PCAOB's process but as far as an "official public rebuke" goes, this is pretty weak. Deloitte's was a big surprise because it was the first one. PwC had two Part IIs released. Ernst & Young's just falls flat for me and it's mostly because of the reasons lots of people think Part IIs aren't all they're cracked up to be. Here's a rundown of those again:   
  • The issuers are not named.
  • The partners in charge of the engagements with deficiencies are not named.
  • There are no civil penalties or other measurable form of punishment for audit firms that don't comply.
  • The process is too long. "Oh, the faceless partner on an unnamed audit client from four years ago didn't properly supervise the engagement? That's dynamite, guys."
  • The PCAOB doesn't analyze the year-to-year improvements (or lack thereof) for each firm nor does it put the inspection reports in context by comparing them to peer firms. All it does is report findings.  

I'll stand by previous contention that the Part II is important because it is a Scarlett Letter for audit firms, but if all of them have it, then is it all that meaningful? Public companies will be like, "Oh, you all have a case of crabs? Well, I guess we'll just live with it."

The Part IIs need to tell us more. At the very least they need to: 1) Name names — issuers and partners; 2) They have to speed up the process so it's relevant and 3) They have to analyze the performance from year to year in order to give the results some context.    

Until then, I'll be sitting here twirling my finger in the air.