June 23, 2018

Guest Post: The PCAOB Is Our Parents Now

Ed. note: The following was written exclusively for Going Concern by a Big 4 auditor who wished to remain anonymous. 

The PCAOB is turning into our parents. Or at least they are using the same tactics in handing out punishment. “We know you were up to no good last night, so if you just tell us what you did we’ll take that into consideration when deciding how long to ground you.”

Ed. note: The following was written exclusively for Going Concern by a Big 4 auditor who wished to remain anonymous. 

The PCAOB is turning into our parents. Or at least they are using the same tactics in handing out punishment. “We know you were up to no good last night, so if you just tell us what you did we’ll take that into consideration when deciding how long to ground you.”

I can understand where they are coming from. They want to make their jobs easier and they want to form a more cordial relationship with audit firms by cutting them some slack when the firms volunteer issues or resolutions. The problem is the PCAOB is a bit like Lucy holding the football — we want to kick it but we’re afraid we’re going to end up like Charlie Brown on our backs.

The best chance the PCAOB has of making this work is with the “voluntary and timely remedial or corrective actions.” At that point the PCAOB has already decided you’ve done something wrong so you might as well be cooperative when it comes to fixing the problems. However there are several problems with the voluntary reporting piece that I don’t see partners being able (or wanting) to overcome in the near term.
The first is that engagement teams, partners and firms themselves don’t always agree with the PCAOB on what the issues are (act surprised). I had a job reviewed by the PCAOB in middle of the financial crisis. By all accounts everyone in the room was an intelligent person but none of us could agree on what issue they had with some of our fair value testing.
Most of us in the profession still aren’t on the same page as the PCAOB when it comes to what does or does not constitute proper auditing of financial instruments. In addition, the PCAOB rarely tells you what’s right, only what’s wrong (like porn, they know it when they see it). This results in an interesting situation. It’s likely that if we do self-report we’re not going to bring up the issues they expect. This means we will bring to their attention something that might not have been on their radar. Doesn’t seem to be a good play. This isn’t to say we won’t admit when we’re wrong or offer to clean up the mess (see above) but it’s hard to lead the way in admitting what’s wrong when you don’t know what “wrong” is.
A corollary to the above is that in a review the perception is that everything is negotiable. Every issue that the PCAOB finds turns into hours of review, meetings, document digging, expert gathering, whatever it takes to talk your way out of the issue. Most of us would rather take our chances with that process than lay it all out and beg forgiveness. Forget pleading guilty, we want the jury trial.
There is also the question of “timeliness” when it comes to self-reporting. I’m not sure there would be many folks willing to report a potential violation unless they already knew they were picked for PCAOB review that year. Given that these reviews generally happen soon after the audit finishes, I’m not sure how much a team would be willing to discuss anything earlier. You're in a position of saying, “Yeah, we just did the audit but here’s what we screwed up.”
Overshadowing everything is that the stakes are simply too high. This “extraordinary cooperation” “may” influence the PCAOB depending on facts and circumstances. I’m not  the first auditor to say that I don’t exactly trust the PCAOB. I wouldn’t want to be the first team to test these waters. They aren’t looking for us to report the little things that went wrong in an audit; they want the big ticket items. You won't be sent to bed without dinner if you bring up an issue that could potentially lead to an audit failure. The PCAOB seems to like making examples out of firms when they screw up and I’m not sure firms playing nice in the sandbox will change that.
It may be that I’m too cynical. PCAOB reviews come after an already exhausting busy season and lump on additional hours of prep and meetings on top of our other client responsibilities. It’s hard to look at them in a favorable light after having gone through a review. I also know I’m not the only one that feels that way in the firms. I’m sure folks higher up the food chain may feel a little different since it’s their jobs to make nice with our regulators. I just know those of us in the trenches aren’t going to be too willing to stick our necks out until we know the real consequences of “voluntary reporting."
We’re told to exercise professional skepticism; I think we are when it comes to leniency of the PCAOB.

Related articles

SHOCKER: Doesn’t Appear that Stanford Auditors were Doing Any Auditing

allen-stanford_1018295c.jpgLast week’s indictment of Allen Stanford has brought up the always popular question when fraud, occurs: “Who are the auditors that were asleep at the wheel of this disaster?”
Well, in this case, the auditors were a local UK two-person shop, CAS Hewlett, which must be Queen’s English for Friehling & Horowitz.
It doesn’t appear that CAS Hewlett has a website, but they’ve been doing the Stanford “audits” for at least 10 years, so obv they’re legit. PwC and KPMG both have offices on Antigua but Stanford preferred to stay with its “trusted firm”. Totally understandable.
And the best part? The founder of the firm, Charlesworth “Shelly” Hewlett died in January, approximately a month before the story broke on the Ponz de Stanford.
This all adds up to who-the-fuck-knows if audits were even occurring and for us to speculate if Shelly needed to get got because Stan knew that the poo and fan were coming together. Just sayin’.

PCAOB: The Rodney Dangerfield of Bureaucracies

pcaob.gif It’s tough being part of a bureaucracy, especially if you’re doing something as glamarous as babysitting auditors. The CIA, FBI, NSA have got it easy. You get to catch bad guys, use guns, and Hollywood makes movies about you. Aside from the warrantless wiretaps and otherwise general big brotherishness, it’s cool.
The PCAOB doesn’t get that luxury. They get to poke around auditors’ work and then tell them how much they suck at it. Not so fun for anybody. They also get to write auditing standards. Take the watchdog aspect, multiply it times infinity, and that’s about the amount fun we’re talking about for writing rules on auditing.
But now people are saying they’re too slow in writing these I-already-want-to-kill-myself boring rules? Yep:

“Given how little they’ve accomplished in the standards-setting area, they don’t get a passing grade,” says Lynn Turner, a former chief accountant for the SEC.
Turner says he and a group of investor advocates wrote to the PCAOB in 2004, asking it to improve fraud standards. But the work remains undone, he says.
Bill Gradison, the board member whose term expires in October, calls the criticism fair. “We’ve been much slower than other standards writers,” he says.
By comparison, the International Auditing and Assurance Standards Board, which sets international auditing standards, among other duties, finished revising its own standards in March. The process, which included 37 standards, took about five years

Man, now comparisons to the Europeans. They’re looking for some new blood at the PCAOB though, since Mark Olson is retiring as Chairman and another board member’s term is expiring.
But don’t you go calling them lazy! “the PCAOB is taken seriously by the auditing community and deserves credit for trying. ‘Anyone who says it isn’t is off the wall,'”
What a ringing endorsement.

COMPLIANCE WATCH: Oversight Board Sets Sluggish Pace