To make sure you receive future emails,
please add {[EM-EMAIL ADDRESS]} to your address book or safe list.

Audit & Accounting Alert Newsletter

Issue 1 | February 2012


Gerry Herter

With the ongoing global financial turmoil, a number of governmental and industry bodies have been weighing in with proposals and actions intended to strengthen the quality of accounting and auditing. In this issue, we look at four of them. COSO, the American based author of the industry standard for designing and assessing internal controls, has an update in the works for its 20 year old framework, while the international accountancy body, IFAC, is producing a guide focused on evaluating and improving organizational controls. Meanwhile, the European Commission has issued controversial proposals directed at auditors, and the PCAOB continues to find audit failures in Big 4 inspections, while it considers responses to its Concept Release on Auditor Independence and Audit Firm Rotation.

For a summary of other accounting highlights from 2011, see’s Best of 2011: Accounting

Editor Gerald E. Herter, CPA

In This Issue 

Welcome to the initial edition of the Integra International Audit & Accounting Alert. This new newsletter will highlight emerging issues in the profession. The goal is to give Integra members an awareness of developments impacting the practice of Audit & Accounting, enabling them to stay on the forefront of industry trends. We encourage your suggestions and comments as we proceed. Let us know how to make this communication as useful as possible.

COSO Internal Control Update

Twenty Year Old Benchmark Modernized

The Committee on Sponsoring Organizations of the Treadway Commission (COSO) is an American private sector group providing leadership and guidance to help organizations reduce fraud and operate more efficiently through the issuance of formal frameworks for internal control and risk management. The five members are the AICPA, AAA, FEI, IMA and IIA. The original internal control framework was issued in 1992. Since then, there have been monumental changes in organizational, technological and global complexities. The aim of the Exposure Draft, Internal Control – Integrated Framework, is to clarify concepts and facilitate the development of internal controls in light of the current environment, while retaining the still pertinent core definition and five overall components of internal control: control environment, risk assessment, control activities, information and communication, and monitoring activities. The more generalized components are codified into specific principles and attributes to make them more accessible, both for design and development purposes, as well as for assessing effectiveness.

Organizational objectives are presented in the three categories of operational, reporting and compliance to offer further focus for applying the seventeen principles underlying the components. The principles are fleshed out in the more than eighty attributes that detail explicitly what is needed. For example, the first principle under Control Environment is: The organization demonstrates a commitment to integrity and ethical values. The four attributes called for under this principle in the internal control design are:

  1. Sets the tone at the top;
  2. Establishes standards of conduct;
  3. Evaluates adherence to standards of conduct; and
  4. Addresses deviations in a timely manner.

The first attribute “Sets the tone at the top” is delineated with several paragraphs elaborating on leading by example, expectations, behavior, guidance and direction, as well as listing types of documents, such as mission statements and codes of conduct, where the attribute can be addressed. Judgment is still of prime importance in the establishment and evaluation of the internal control system, as is the heightened expectation in recent times of knowledgeable and attentive governance oversight and formalized management accountability. While current developments, such as technological advances are addressed in detail, the framework strives to avoid getting overly tied to current applications that may soon become outdated. Comments on the Exposure Draft are encouraged for submission by March 31, 2012.

IFAC Good Practice Guidance

Evaluating and Improving Internal Control in Organizations

The International Federation of Accountants (IFAC) is the global organization for the accountancy profession, whose membership consists of the national accounting bodies from countries throughout the world, and which established the independent International Auditing and Assurance Standards Board (IAASB). IFAC promotes the furtherance of high quality standards, as well as the leadership role and value of the accountancy profession.

The aim of the Exposure Draft, Evaluating and Improving Internal Control in Organizations, “is to establish a benchmark for good practice in maintaining effective internal control” and for “continuous improvement.” It is geared to “good practice principles” rather than “specific internal controls.” IFAC recognized the need for such guidance as a result of recent financial failures that pointed out flawed practices, misplaced emphasis, and too narrow a scope. Risk management and internal control need to be better integrated and applied on a broader perspective to an organization’s overall governance process.

The Guide sets out nine principles, and then recasts them in the form of questions, followed by two to sixteen examples under each one, describing where shortcomings are often found. These are not meant for designing and implementing an internal control system, but for evaluating and improving existing internal control systems. These are the principles and the related questions:

  1. Supporting the Organization’s Objectives. What should the scope of internal control be?
  2. Determining Roles and Responsibilities. Who should be responsible for internal control?
  3. Linking to Individual Performance. How could management’s genuine attention to internal control objectives be obtained?
  4. Ensuring Sufficient Competency. How should those in the internal control system live up to their responsibilities?
  5. Supporting Organizational Culture. What else, beyond their formal responsibilities, should be expected from the governing body and management with respect to internal control?
  6. Responding to Risk. How should internal controls be selected, implemented, and operated?
  7. Communicating Regularly. How can internal control be better ingrained into the DNA of the organization?
  8. Monitoring and Evaluating Controls. How should internal control be monitored and evaluated?
  9. Providing for Accountability and Transparency. How should the organization report on internal control performance?

The Guide provides numerous sources and definitions, and encourages comments for submission by February 29, 2012. For more recent IFAC guidance, see IFAC Offers Alerts on Tough Audit Issues

European Commission Audit Reforms

Far-Reaching Proposals Fuel Debate

Stating that the financial crisis of 2008 revealed serious failings in audits, the European Commission recently proposed major changes in the laws governing auditors and audit performance in Europe. Already reflecting significant changes since the original ideas were floated a year earlier in a green paper, the current proposals may take years to gain approval, if the already withering criticism is any indicator.

The goals of the legislation are to improve audit quality by strengthening independence between auditor and client, fostering competition among auditors, and promoting better regulatory oversight of audit firms. The latter two goals have found a more receptive audience. Provisions in these areas include liberalizing ownership restrictions on audit firms, prohibiting “Big 4 only” clauses in third party contracts, requiring an open bidding process including smaller firms, coordinating EU and international supervision of audits, and allowing auditors with a license in one member country to perform audits in all European Union countries. This last proposal, creating a “Single Market,” would be similar to the practice mobility movement in the United States. According to the AICPA, all states except for California and Hawaii now have laws enacted permitting CPA practice reciprocity.

The more problematic proposals focus on mandatory rotation of audit firms and a ban on audit firms from providing non-audit services. The maximum engagement period would be six years, with a four year break before being rehired. If the audit is carried out by two firms jointly, a nine year engagement period is allowed. Criticisms of mandatory rotation range from too short an engagement period, to increased cost for the client and lessened impetus for developing industry expertise. Also, firms feel that the ability to provide non-audit services enhances the effectiveness of audits, since the audit firm becomes more familiar with client operations from the other areas of involvement. Some critics go so far as to say the proposals would be worse than no changes at all, and Steve Haddrill, CEO of the UK “watchdog,” Financial Reporting Council, stated “Many of the proposals are extremely damaging and threatening to the quality of audit and would do no more than add cost.”

For alternative measures, more attention to and strengthening of the audit committee role is seen as a better approach. Also, the Competition Commission of the UK is currently conducting an inquiry of the audit market to assess issues of competition.

For parallels to similar concerns in the United States, see the related article on audit failures and PCAOB proposals.

Audit Failures Prompt PCAOB Appeal

Increases Seen in Big 4 Shortcomings

Responding to unsatisfactory results in ongoing 2010 inspections of Big 4 audit practices, and similar concerns expressed by regulators around the world, the PCAOB issued a Concept Release on Auditor Independence and Audit Firm Rotation in August 2011 (PCAOB Release No. 2011-006). Reporting to Congress earlier in the year, PCAOB Chairman, James R. Doty, stated that “…inspectors have continued to identify significant deficiencies related to the valuation of complex financial instruments, inappropriate use of substantive analytical procedures, reliance on entity level controls without adequate evaluation of whether those processes actually function as effective controls, and several other issues. PCAOB inspectors have also identified more issues than in prior years.”

The inspection results, released in November and December 2011, found failure rates of 20% to 45% of the audits selected for examination by the PCAOB. Those results contrasted with rates ranging from 9% to 22% in the prior year. Regarding financial instruments, examples of the shortcomings included failing to gain sufficient understanding of valuation methods and assumptions, failing to update and evaluate interim to year end results, and failing to test or otherwise validate external sources that were relied upon. In various areas, there appeared to be too much reliance on management representations and an inadequate level of skepticism. This concern was so prevalent with respect to one firm that its overall audit process and culture were called into question. Consequently, the PCAOB made public portions of the prior year’s inspection report that were previously non-public, where satisfactory resolution of issues had still not been made. In some cases, audit documentation was insufficient to determine if a claimed procedure had been performed.

The Concept Release requests input on the desirability of mandatory audit firm rotation, as a means of improving audit quality. The PCAOB theorizes that audit firms may be less likely to succumb to management pressure, if there tenure as auditors is limited to just a few years. Also, possibly a fresh look every few years by a new auditor would produce better results.

The AICPA and numerous other sources strongly oppose the idea of mandatory audit firm rotation. Similar to responses to the European Commission proposals (see separate article), the AICPA notes the expectation of increased costs and the reduction of client and industry expertise that could actually increase audit risk. The PCAOB Release is more of a collaboration seeking effort, as opposed to the EC proposal which is a legislative directive.

The comment period for the PCAOB Release has now closed, but a public roundtable is scheduled for March 2012.

See also PCAOB Seeks More Feedback on Communication With Audit Committees

Additional A&A News

The following links provide a selection of current articles devoted to highlighting other A&A topics currently making news.

  1. What’s the Future of IFRS in the U.S.?
  2. Time to Test-Drive the Revenue Recognition Proposal
  3. FASB Seeks Comment on Revenue-Related Amendments
  4. IAASB: Going Concern Assumption Must Remain in Auditor Focus
  5. IAASB Issues Standard on Pro Forma Financial Info for Prospectuses
  6. FASB, IASB Find Common Ground on Impairments

Audit & Accounting Alert is a publication of Integra International intended to highlight emerging issues in the profession. The goal is to give Integra members an awareness of developments impacting the practice of Audit & Accounting, enabling them to stay on the forefront of industry trends.

Editor Gerald E. Herter  •  HMWC CPAs & Business Advisors, 17501 E. 17th Street, Suite 100, Tustin, CA 92780-7924
 •  Tel: 1 714 505-9000  •  Fax: 1 714 505-7543  •  Email: [email protected]