The PCAOB’s new auditor’s reporting model provides auditors with a new opportunity
to communicate information.
But deciding what to say and how to say it while complying with the new standard is a challenge that practitioners and firm leaders are working carefully to meet.
Auditing Standard (AS) 3101, The Auditor’s Report on an Audit of Financial Statements When the Auditor Expresses an Unqualified Opinion, was issued in June 2017 and requires auditors to communicate in the auditor’s report the “critical audit matters” they encounter during an engagement.
In the nearly three years since the standard was published, audit firms have been working with senior engagement partners and their professional practice groups to develop guidance for auditors to comply with the requirements.
Some senior audit partners have also taken the time to share publicly at professional events what they’ve learned about the new reporting model, its critical audit matters requirements, and the steps that have helped their firms implement the standard with a minimum of trouble. Their advice is included below.
Start thinking about the critical audit matters at the engagement’s outset. EY LLP, like other major firms, used the time before the standard’s effective date to perform pilot testing and dry runs of the new reporting model and its critical audit matters requirements to smooth its adoption.
The testing taught the firm how important it was for engagement teams to start thinking about potential critical audit matters as part of the audit planning process. This allows auditors to begin thinking about how they will describe the matter, why it is a critical audit matter, and the audit procedures that are important to addressing the matter. This process also can enhance the auditor’s communications with management and the audit committee about the matters by providing them with additional perspective about challenging accounting and auditing risks related to the matter and key aspects of the audit that are designed to address them, Josh Jones, CPA, a partner with EY LLP in Washington, said at the AICPA’s Conference on Current SEC and PCAOB Developments in December 2019.
“We learned more and more as we got into the dry run how important that was,” Jones said, adding that by incorporating the consideration of each critical audit matter at the earliest possible stage of the audit, the firm’s auditors had more productive conversations with audit committee members. Each side of the conversation gained a better understanding of the challenges associated with each critical audit matter.
An early consideration of the critical audit matters also gives the engagement team an opportunity to conduct a more informed review of management’s disclosures in the regulatory filing, said Lisa Smith, CPA, a managing director in Deloitte & Touche LLP’s national office. When the situation calls for it, the engagement team can discuss with management the need to enhance the regulatory disclosures and avoid the prospect of letting the critical audit matter discussion in the auditor’s report be the sole mention of an important issue.
“We don’t want to be the provider of the original information,” Smith said at Baruch College’s Annual Audit Conference during December in New York.
Have clear guidelines for identifying critical audit matters. Jones said EY used its dry runs to understand the difficulty engagement teams would have identifying critical audit matters, and the firm’s national office provided guidance to help engagement teams describe critical audit matters in a manner that was specific to the client and avoided boilerplate language.
“We didn’t want every [critical audit matter] to look the same since they are intended to reflect the facts and circumstances of every audit,” Jones said. At the same time, EY wanted some consistency with the level of detail and the language used in its audit reports to avoid the potential that investors would perceive differences in audit reports when that was never the intent. Overall, EY leaders believed the dry runs helped the firm engage with its clients on the changes the new reporting model has introduced to the reports and the audit process.
“Companies had a lot of interest in understanding what the topics were and what we were going to say about them,” Jones said.
Recognize that not all critical audit matters are created equal. “Some things might jump off the page right away, and that’s easy,” Smith said. “There might be other things where it’s a little bit more gray, and you need to go through a framework of deciding whether or not it meets the definition.”
Investors tend to want to see more accounts identified as critical audit matters, and Smith said it’s a misperception to view the critical audit matter designation as an indication that something’s wrong.
“They show the value to the marketplace of the audit,” she said.
Deloitte found during its dry runs that audit committees have generally been supportive of the introduction of critical audit matters into the audit engagement and welcomed the extra information this reporting process has given them about the auditor’s work on the audit of the financial statements.
Know when a critical accounting estimate is different from a critical audit matter. Neither the SEC nor the PCAOB expects each critical accounting estimate recorded in the audit report to be a critical audit matter.
Jones said engagement teams are looking at the level of judgment used by the client in determining the critical audit matter, the complexity of the method and model used to make the estimate, and the client’s track record relative to making the estimate over time, among other considerations. Each observation is factored into the determination of whether something should be a critical audit matter.
Understand the difference between management’s judgment and auditor judgment. AS 3101 requires auditors to use a significant amount of judgment, and their evaluation of each critical audit matter has to include the ability to recognize how the auditor’s judgment differs from management’s judgment. It also requires auditors to understand how the judgment they employ will determine when something is a critical audit matter.
“We really try to get people to think about what’s unique to my audit, why would I call something a [critical audit matter], and really think about the standard,” Smith said. “The standard provides a good framework for that; I don’t think you can legislate auditor judgment.”
An account that is the basis for a critical audit matter for one client engagement may not require the critical audit matter designation with another client, Smith said.
To determine whether something is a critical audit matter, an auditor will draw upon all of her or his training, experience, grasp of AS 3101, and knowledge of accounting and auditing standards, Smith said.
Use the PCAOB’s interpretive guidance. Since the PCAOB published the current version of AS 3101, the board has issued several pieces of interpretive guidance and held webinars to help auditors implement the standard. Barbara Vanich, the PCAOB’s deputy chief auditor, said the board also issued guidance targeted to audit committee members and investors.
“Because [critical audit matters] are not performance standards, but rather disclosure standards that touch more directly audit committees and also investors, we thought it was important to develop tools specifically targeted to those audiences and what might be important to them,” Vanich said. She added that the audit regulator expects that some auditors will use its interpretive guidance to help guide their discussions with audit committee members.
Recognize that the standard doesn’t require a minimum number of critical audit matters for each audit report. Vanich said an audit engagement isn’t required to find a critical audit matter to be legitimate. But auditors still have to disclose what they find — or don’t find.
“If the auditor identifies no [critical audit matters], he or she would make a statement to that effect in the auditor’s report,” Vanich said.
For questions about this article please contact its editor, Ken Tysiac, at Kenneth.Tysiac@aicpa-cima.com.