As expected (see my earlier blog), the SEC issued a concept release last week on audit committee disclosure, fairly concurrently with the PCAOB’s release of its Supplemental Request for Comment on disclosure of the audit engagement partner.
The SEC’s concept release, which focuses on independent auditor oversight, acknowledges that some companies already exceed the minimum audit committee-related disclosure requirements. In fact, presumably prompted in part by the Audit Committee Collaboration’s 2013 Call to Action, as discussed in my previous blog and the CAQ’s Transparency Barometer, many companies already disclose more than the minimum across a broad spectrum of potential disclosures.
The SEC’s concept release seeks comment on whether disclosure of the audit engagement partner and additional members of the engagement team should be made by the audit committee and included in the proxy statement. In contrast, the PCAOB’s proposal would require that audit firms publicly disclose the name of the audit engagement partner and information about certain other audit participants in a new form filed with the PCAOB. The PCAOB’s proposal purportedly seeks to be responsive to concerns raised by auditors and others specifically regarding the risks of liability and litigation associated with disclosure of such information in the auditor’s report, as had been previously proposed; however, concerns expressed about the implications of identifying the engagement partner were not limited to risks of liability/litigation.
Here is an excerpt from Ning Chiu’s blog on the areas of potential additional disclosure included in the SEC’s release:
Audit committee’s oversight of the auditor:
1. Additional information regarding communications between the audit committee and the auditor, which could include all communications required under the PCAOB rules, the nature of the committee’s communication with the auditor related to the auditor’s overall audit strategy, timing, significant risks, nature and extent of specialized skill used in the audit, planned use of other firms or persons, planned use of internal audit, the basis for determining that the auditor can serve as principal auditor, the results of the audit, and how the audit committee considered these items in its oversight of the auditor
2. How often the audit committee met with the auditor
3. The audit committee review of and discussion about the auditor’s internal quality review and most recent PCAOB inspection report
4. Whether and how the audit committee assesses, promotes and reinforces the auditor’s objectivity and professional skepticism. It is unclear what the SEC is expecting in this regard and in fact, the SEC itself questions what type of disclosures would satisfy this possible requirement.
The audit committee’s process for appointing or retaining the auditor:
1. Whether and how it assesses the auditor and its rationale for retaining the auditor
2. The process for selecting the auditor through any requests for proposals (RFPs)
3. The board’s policy, if any, for a shareholder vote on auditor ratification and the consideration of the vote in selecting the auditor
Qualifications of the audit firm and members of the engagement team:
1. Disclosure of the name of the engagement partner and key members of the engagement team and their experience
2. The audit committee’s input in selecting the engagement partner
3. The number of years that the auditor has audited the company
4. Other firms involved in the audit
Both the SEC & PCAOB releases are tagged with 60-day comment periods.
See also Dorsey’s memo, and Cydney Posner’s and Bob Lamm’s blogs. We’re posting memos about the SEC’s release in our “Audit Committees” Practice Area, which includes, among other things, helpful resources specifically pertaining to audit committee disclosure.
SEC Charges Deloitte with Auditor Independence Violations
Coincidentally (presumably), on the same date that the SEC issued the audit committee concept release, it charged Deloitte with violating auditor independence rules when its consulting affiliate maintained a business relationship with a trustee serving on the boards and audit committees of three funds it audited. Deloitte agreed to pay more than $1 million to settle the charges. The SEC also charged the trustee with causing related reporting violations by the funds, and charged the funds’ administrator with causing related compliance violations. SEC Division of Enforcement Associate Director Stephen Cohen noted:
“The investing public depends on independent auditors like Deloitte to test the reliability of publicly-reported financial statements, and they have front-line responsibility for ensuring their own independence. But they are not alone in safeguarding the audit process, and the other fiduciaries charged in this case failed to fulfill their roles and preserve investor confidence.”
Access heaps of helpful resources in our “Auditor Independence” Practice Area.
More on “The Mentor Blog”
We continue to post new items daily on our blog – “The Mentor Blog” – for TheCorporateCounsel.net members. Members can sign up to get that blog pushed out to them via email whenever there is a new entry by simply inputting their email address on the left side of that blog. Here are some of the latest entries:
– Audit Committee Survey: Workload at Tipping Point?
– 2015 Cyber Risk Agenda
– Navigating Corporate Governance Hot Topics
– Study: Data Breach Preparedness
– Survey: Current (& Future) State of Compliance
– by Randi Val Morrison