So the PCAOB did a thing today. Everyone’s favorite audit regulator released the 2018 inspection reports for the Big 4, Grant Thornton, and BDO USA this morning in a “new user-friendly format.” And they’re actually pretty sleek-looking and informative. A couple years ago, Caleb called PCAOB inspection reports “beach reads” because executive summaries had been added to the reports that described what audit problems occurred and where they occurred within the financial statements. Sorry, bud, but these newly redesigned PCAOB inspection reports are beach reads.
They’ve got a nice cover page, they are more colorful, they’ve got new pie charts and graphs, they don’t have as much legalese, they include inspection results for the three most recent years, and the really significant audit screw-ups are classified under a new section Part 1.A. It’s kinda sad that the best thing that has come out of the PCAOB in almost two years is a new inspection report format.
As I mentioned, the PCAOB debuted its new format today for six firms’ 2018 inspection reports: Deloitte & Touche, PwC, EY, KPMG, GT, and BDO USA. We’ll take a look at each firm’s report individually, starting today with D&T.
When the PCAOB released the 2017 inspection reports for each of the Big 4 firms last year, Deloitte had the lowest percentage of failed audits at 20%. In 2018’s report, Deloitte almost cut 2017’s audit failure rate in half:
So that means only 11.5% of Deloitte audits inspected by the PCAOB in 2017 had significant deficiencies. Folks, if our records are correct, that’s the lowest audit deficiency rate among the Big 4 firms EVER and it was even lower than the 18% Grant Thornton somehow managed to pull off in its 2017 PCAOB inspection report. (Teaser: GT’s 2018 inspection report wasn’t as good.)
Up until this most recent Deloitte inspection report, the lowest audit deficiency rate ever recorded among the Big 4 was 20%, done twice: Deloitte in 2017 and PwC in 2016.
Here’s a historical look at Deloitte audit deficiencies, courtesy of a March 2019 report by Compliance Week with updates by us:
The most common Part I.A Deloitte audit deficiencies in the 2018 report related to testing controls over the accuracy and completeness of data or reports (three audits), testing the design or operating effectiveness of controls selected for testing (two audits), and evaluating significant assumptions or data that the issuer used in developing an estimate (two audits), according to the PCAOB.
Of course the auditing standard that screwed Deloitte auditors up the most, and every other Big 4 and midtier firm that is inspected on a regular basis, was the dreaded AS 2201, An Audit of Internal Control Over Financial Reporting That Is Integrated with An Audit of Financial Statements.
In Part I.B of the new PCAOB inspection report you’ll find areas where the inspected firm was the most non-compliant with PCAOB rules or standards. For example, the two biggest Deloitte Part I.B deficiencies were:
- In 13 of 52 audits reviewed, the firm did not include all relevant work papers in the final set of audit documentation it was required to assemble. In these instances, the firm was non-compliant with AS 1215, Audit Documentation.
- In eight of 26 audits reviewed where one or more other accounting firms participated in the firm’s audit, the firm’s report on Form AP omitted information related to the participation in the audit by certain other accounting firms that was required to be reported. In these instances, the firm was non-compliant with PCAOB Rule 3211, Auditor Reporting of Certain Audit Participants.
In their response to the firm’s latest PCAOB inspection report, Deloitte CEO Joe Ucuzoglu and D&T Chairman and CEO Lara Abrash weren’t very braggadocious.
First, a little PCAOB ass-kissing:
We believe that the PCAOB’s inspection process serves an important role in the achievement of our shared objectives of improving audit quality and serving investors and the public interest. We are committed to continuing to work with the PCAOB to further strengthen trust in the integrity of the independent audit.
Then a bunch of boring stuff:
We have evaluated the matters identified by the Board’s inspection team for each of the issuer audits described in Part I of the Draft Report and have taken actions as appropriate in accordance with PCAOB standards to comply with our professional responsibilities under AS 2901, Consideration of Omitted Procedures After the Report Date, and AS 2905, Subsequent Discovery of Facts Existing at the Date of the Auditor’s Report.
Executing high quality audits is our number one priority. In order to drive continuous improvements in quality, we are transforming the audit to leverage innovative technologies, along with enhancing the skillsets of our talent to prepare them for a digitally driven future. We are confident that our ongoing digital transformation, along with the investments we continue to make in our audit processes, policies, and quality controls, are resulting in significant enhancements to our audit quality.
C’mon, Deloitte, loosen up a little. Go brag. Go take a victory lap. You’ve earned it.