The SEC replaced the entire board of the Public Company Accounting Oversight Commission today—an expected, but still sweeping, shakeup that portends significant changes in how auditing is done.
The new chairman is William Duhnke, whose name has been predicted for awhile now. Duhnke is a lawyer by trade and spent most of his recent career on Capitol Hill. Most recently he was staff director of the Senate Rules Committee, and prior to that staff director to the Senate Banking Committee.
So, in other words—no, the chief regulator of the public accounting industry has no direct accounting experience and is not a CPA. Then again, departing chairman James Doty was also a lawyer rather than a CPA; it’s not a requirement for the job.
Also named as board members were:
- Robert Brown, law professor at the University of Denver, where he heads the corporate and commercial Law program. He was also on the SEC staff in the 1980s as counsel to then-commissioner, now governance guru Joe Grundfest.
- Kathleen Hamm, who works at Promontory Financial Group as global leader of securities and fintech solutions, and also as senior adviser on cybersecurity issues. Promontory, now a division of IBM, is also the hangout of ex-SEC officials such as former SEC chairs Mary Schapiro (Obama Administration) and Arthur Levitt (Clinton Administration).
- James Kaiser, partner at PwC and leader of the global assurance methodology & transformation practice. He has been with PwC for 38 years and has held numerous leadership roles with the firm.
- Duane DesParte, soon to retire as corporate controller of Exelon Corp., where he has worked for the past 14 years. He previously was an audit partner at Deloitte & Touche and, prior to that, Arthur Andersen.
Duhnke & Co. will be the first new crop of board members since 2011. That’s when the PCAOB survived a near-death experience in federal court; right-wing activists had challenged the board’s constitutionality, and the Supreme Court shut them down. Doty arrived soon thereafter as chairman, along with board members Jeanette Franzel, Lew Ferguson, and, and Jay Hanson. They, along with long-timer Steven Harris (on the board since 2008!) took the PCAOB to where it is today.
The new board will also have several major issues on its plate— issues that would be major at any time, let alone in today’s politically toxic environment, and one where it’s quite possible we’ll a different party in charge of Congress in one year’s time. A few big ones will be…
- Revenue recognition standard. The new standard for recognizing revenue goes into effect on Friday. It will be an enormous shift in how companies recognize revenue and report revenue to investors. Audit firms will conduct their first audits according to that new standard next spring. The PCAOB will inspect their work under the new standard next year.
- Audit report format. One of Doty’s parting acts was to push through an overhaul of the auditor report. It won’t go into effect for two years, but the new report will require audit firms to disclose “critical audit matters.” CAMs will be any issue in that involves “especially challenging, subjective, or complex auditor judgment.” That, in turn, will lead to some pointed conversations with clients about what is or is not a CAM, and who discloses what to investors. The SEC is watching closely to see how this format will roll out.
- SOX compliance and ICFR audits. Duhnke’s new boss, SEC chairman Jay Clayton, has made perfectly clear that he wants to ease the compliance requirements around Section 404(b) of the Sarbanes-Oxley Act; the requirement for an annual audit of internal control over financial reporting. Congress might not ever get around to amending SOX 404(b), so it’s quite possible that Clayton and Duhnke will team up to reduce the pressure administratively, via new guidance on how ICFR audits are conducted and which firms are subject to them.
- Cybersecurity. Honestly, I added this one because every regulator is now worried about cybersecurity— but none really know how to worry effectively about the issue. The PCAOB says that it will make cybersecurity a priority as it inspects audit firms in the coming year, and sure, auditors should assess a client’s cybersecurity posture. But, really, how does a cybersecurity failure lead to a financial restatement? We’ll see how this one plays out.
The PCAOB chairman’s salary, by the way, is $670,000 annually. Duhnke will now be one of the highest paid public servants in Washington.