Introduction
The Public Company Accounting Oversight Board (PCAOB) is a private, nonprofit organization that was instituted in 2002 as a result of the Sarbanes-Oxley Act (Anandarajan and Kleinman 114). The primary objective of the PCAOB is the protection of investors’ interest through the oversight of audit reports issued by public companies (Anandarajan and Kleinman 114). The organization also conducts standard-setting and enforcement activities. PCAOB is a part of a mechanism that has been put in place in order to ensure the quality of audited financial information. Nowadays, the necessity to have oversight of private auditing companies is especially pressing because the rise of global capital markets increases the importance of investor confidence.
The aim of this paper is to review inspection reports on four American companies produced by the PCAOB. The paper will analyze the organization’s inspection process and deficiencies in the companies’ financial reporting.
Analysis
KPMG LLP
KPMG LLP is a public accounting company that was inspected by the PCAOB in 2015 according to the Sarbanes-Oxley Act of 2002 (PCAOB “KPMG” 1). After examining 49 public company audit client audits performed by the company, an inspection team was able to find a number of deficiencies in KPMG LLP’s reporting (PCAOB “KPMG” 2). The analysis of 20 audits shows that the publicly listed company has failed to gather adequate audit evidence to back its audit opinion (PCAOB “KPMG” 31). It can be argued that this deficiency in the firms’ reporting was due to a lack of proper professional care. Moreover, a failure to exercise due professional skepticism was also evident in the company’s assessment of the effectiveness of internal control over financial reporting (ICFR).
Another deficiency related to ICFR, which was noted by PCAOB, is a failure to test controls over the statements of cash flows. The auditor concentrated on quarterly reviews of these statements and supporting documentation. Specifically, KPMG LLP conducted a comparison of the documentation and financial statements. However, the company failed to assess the level of precision at which the control operates. Even though this particular deficiency was not presented for all issuers, there is a trend for not tying proper controls to risks. This deficiency indicates a significant flaw in a quality control system of KPMG LLP. A firm’s failure to install proper quality control system is confirmed by the report’s findings.
Another audit deficiency detected during the inspection, is the publicly listed company’s failure to properly tests controls for business combinations. Specifically, the company did not evaluate whether control owners were capable of adequately performing control. This deficiency is also related to ICFR. All deficiencies noted in the inspection of KPMG LLP fall into two areas: auditing internal control over financial reporting (AS 5) and assessing and responding to risks of material misstatement (AS 8-15) (Gaap Dynamics). The accounts associated with deficiencies fall into the following categories: liability, asset, reserve, expense, income/revenue, and equity.
It should be noted that the application of AS 5 to the auditing of ICFR was the most common deficiency across all public company audit clients of KPMG LLP. The most common type of disclosures for which testing controls procedures were deficient is the statement of cash flows (PCAOB “KPMG” 30). The inspection also revealed deficiencies in the following standards: audit planning (AS 9), the auditor’s responses to the risks of material misstatement (AS 13), evaluating audit results (AS 14), service organizations (AU 324), and audit sampling among others (PCAOB “KPMG” 33). KPMG LLP’s response to the inspection shows that the company is committed to the execution of high-quality audits and agrees with the findings of PCAOB (PCAOB “KPMG” B-1).
BDO LLP
The inspection of BDO LLP concentrated on 22 issuer audits and one issuer audit, in which the company engaged but did not participate as a principal auditor (PCAOB “BDO” 4). The results of the inspection do not question the company’s judgment about materiality. However, the company did not take sufficient measures to obtain reasonable assurance of the lack of reporting misstatements. The PCAOB inspection of 23 issuer audits revealed deficiencies in testing controls for purposes of the ICFR and financial statements opinion (PCAOB “BDO” 4). The company showed a high reliance on controls which was not substantiated because of the significant deficiencies in substantive testing (PCAOB “BDO” 4).
The most common deficiencies identified in BDO LLP’s audits fall into four categories: failure to properly test the design of controls and their effectiveness, failure to test the accuracy of data produced by the public company audit clients, failure to properly test an account, and failure to test information or assumptions used by clients in order to produce an estimate (PCAOB “BDO” 5). In the case, in which the company was a principal auditor, it found a fraud risk as well as numerous misstatements. However, it failed to recognize a necessity to modify its risk assessment in light of this finding. In other words, BDO LLP identified a revenue-related fraud risk but did not perform additional testing procedures.
It has to be mentioned that similarly to the previous inspection, the application of AS 5 to the auditing of ICFR was the most common deficiency across all public company audit clients of BDO LLP. Issues associated with the application of auditing accounting estimates were recognized as yet another type of deficiencies in the company’s reporting. This type of deficiencies highlights BDO LLP’s failure to challenge data or assumptions that were provided by issuers for making auditing estimates.
Future operating projections, loans, accruals and other reserves, investment securities, balance sheet accounts, and inventory reports among others were associated with numerous deficiencies of all sorts. These accounts fall into the following categories: liability, asset, reserve, expense, income/revenue, and equity. The PCAOB inspection report identified deficiencies in the application of 12 auditing standards: AS 5, AS 11, AS 12, AS 13, AS 14, AU 316, AU 328, AU 329, AU 330, AU 331, AU 342, and AU 350 (PCAOB “BDO” 43). The company’s response shows its agreement with the PCAOB’s findings.
PricewaterhouseCoopers LLP
The inspection of a registered public accounting company, PricewaterhouseCoopers LLP, concentrated on 53 issuer audits and two audit engagements in which the company did not participate as a principal auditor (PCAOB “PricewaterhouseCoopers” 2). Similar to the two previous inspection reports, the inspection team identified the deficiency in testing controls in order to make the ICFR opinion the most common type of problem. Another type of deficiency in the company’s audit process is associated with substantive testing for the financial statements opinion (PCAOB “PricewaterhouseCoopers” 4). Therefore, there are two areas of deficiencies in the company’s audits: audit procedures and account deficiencies. The application of AS 5 to the auditing of ICFR was the most common deficiency across all public company audit clients of KPMG LLP.
The company’s failure to analyze goodwill for one of its audit client’s reporting units is an example of the inappropriateness of audit evidence on which audit opinions were based. Specifically, PricewaterhouseCoopers LLP compared the results of the audit to the client’s cash-flow forecasts for the previous year despite the fact that they differed to a significant degree (PCAOB “PricewaterhouseCoopers” 14).
The inspection of the registered public accounting company revealed the following accounts associated with account deficiencies: business combinations, long-lived assets, fixed assets, goodwill and intangible assets, inventory and other reserves, loans, accounts receivable, allowances, and deferred revenue (PCAOB “PricewaterhouseCoopers” 27). These accounts fall into the following categories: liability, asset, reserve, expense, income/revenue, and equity. It should be noted that two of the deficiencies are associated with PricewaterhouseCoopers LLP’s failure to modify financial statements after they have been resubmitted by issuers (PCAOB “PricewaterhouseCoopers” 2).
The company agreed with the results of the inspection. Moreover, it took steps to minimize the number of deficiencies in its audit process (PCAOB “PricewaterhouseCoopers” C-1).
Deloitte & Touche LLP
The inspection of a registered public accounting company, Deloitte & Touche LLP, reviewed 54 audit engagements and one issuer audit in which the company did not participate as the principal auditor (PCAOB “Deloitte” 2). The inspection team expressed an adverse opinion over the audit of ICFR. Specifically, the majority of the deficiencies are associated with the deficiency in testing controls in order to make the ICFR opinion. This area of deficiencies is followed by another one—deficiency in substantive testing for the financial statements opinion (PCAOB “Deloitte” 4). Out of the total 13 audits outlined in the inspection report, 9 were related to the first area of deficiencies and 4 to the second one (PCAOB “Deloitte” 4).
The types of deficiencies detected by the inspection team can be divided into three categories. The first category is a failure to properly test the effectiveness of controls. The second category of deficiencies is a failure to properly verify information or assumptions used by registered public accounting companies for creating an estimate (PCAOB “Deloitte” 5). The third type is a failure to properly test controls for risks associated with certain accounts or assertions (PCAOB “Deloitte” 5).
The inspection of Deloitte & Touche LLP’s revealed the following accounts associated with account deficiencies: business combinations, long-lived assets, fixed assets, goodwill and intangible assets, inventory and other reserves, loans, accounts receivable, allowances, and deferred revenue (PCAOB “Deloitte” 22). All deficiencies revealed by the inspection are associated with the application of the following auditing standards: AS 5, AS 13, AS 14, AU 316, AU 328, AU 329, AU 342, and AU 350 (PCAOB “Deloitte” 21-22).
Deloitte & Touche LLP’s failure to gather sufficient evidence for substantiating its audit opinions can be exemplified by a case in which, the auditor did not take into account both existing and future POC contracts of an auditee (PCAOB “Deloitte” 11). Moreover, the company did not assess whether the issuer’s financial statements conformed to GAAP (PCAOB “Deloitte” 12).
The company’s response shows its agreement with the results of the inspection. Furthermore, it suggests that Deloitte & Touche LLP took actions to minimize the number of deficiencies in its audit process (PCAOB “Deloitte” B-1).
Conclusion
The analysis of the inspections conducted by the public oversight body, PCAOB, shows that all three registered public accounting companies had numerous deficiencies in their audits. Insufficient testing was recognized as the most common type of audit deficiency. The most common types of accounts associated with this type of deficiency are revenue and asset accounts.
Works Cited
Anandarajan, Asokan, and Gary Kleinman. International Auditing Standards in the United States: Comparing and Understanding Standards for ISA and PCAOB. Business Expert Press, 2015.
Gaap Dynamics. “Learn from PCAOB Inspection Reports and Improve Your Audit Training.” Gaap Dynamics, Web.
PCAOB. “Report on 2014 Inspection of BDO USA, LLP (Headquartered in Chicago, Illinois).” PCAOB, Web.
PCAOB. “Report on 2015 Inspection of Deloitte & Touche LLP (Headquartered in New York, New York).” PCAOB, Web.
PCAOB. “Report on 2015 Inspection of KPMG LLP (Headquartered in New York, New York).” PCAOB, Web.
PCAOB. “Report on 2015 Inspection of PricewaterhouseCoopers LLP (Headquartered in New York, NY).” PCAOB, Web.