Sit up and pay attention, SOX compliance community. We will soon get our first real glimpse into how much SEC chairman Jay Clayton wants to reshape the corporate audit world.
On deck is final approval of the proposed new format for audit reports: a standard the Public Company Accounting Oversight Board hammered out earlier this summer, after years of negotiating with the external audit community, the investor community, the corporate finance community, and others. The new format is the most dramatic overhaul of audit reports in decades, so lots of communities came out of the woodwork on this one.
The Securities and Exchange Commission must give its final blessing to any new standard the PCAOB has proposed. Typically, that SEC approval has been a pro forma thing—but things have changed quite a bit around Washington since Jan. 20, and the new audit report is quite a big change itself.
If Clayton wants to cast his lot with the critics who say the PCAOB’s demands upon audit firms (and by extension, upon the companies they audit) are out of control, repudiating its new audit report standard would send that message loud and clear. Or Clayton could toe the historical line, and approve that which the PCAOB has recommended. Or he could finesse some third way, approving the standard while adding caveats and clauses a-plenty to keep all constituencies at least quiet, if not content.
Until now, Clayton has kept a relatively low profile: saying just enough to comfort those expecting a rollback of securities regulation, but not enough to give fresh ammunition to governance supporters who see him as an instrument of Wall Street.
That won’t last much longer. Clayton’s action on the new audit report will offer a big glimpse into what’s to come as the SEC weighs other regulatory rollbacks in the future.
The New Audit Report Format
The most significant change in the new audit report format is inclusion of “critical audit matters”—issues that the audit firm has raised with the audit committee, that involve “especially challenging, subjective, or complex auditor judgment.”
The central question is whether an audit firm disclosing “CAMs” undermines the company’s ability to decide what gets disclosed to investors. Corporations worry that auditors disclosing CAMs might spill the beans about some transaction the company has not yet disclosed, or require the audit firm to discuss sensitive information about business processes or internal controls.
Those arguments do have merit, but they ignore another fundamental problem: the current report format offers diddly squat to investors trying to make sense of corporate disclosures. The current format is mostly a few paragraphs explaining what the audit report does or does not address, followed by a few measly lines confirming whether or not the financial statements offer a fair representation of the company’s financial picture. That’s it.
The SEC’s comment period for the new report format closed last Friday, and stark lines were drawn. In one letter, a host of companies (American Tower, Chevron, Nike, UnitedHealth, UPS, and more) warned that allowing auditors to disclose CAMs “is a fundamental reordering of financial reporting responsibilities.” The U.S. Chamber of Commerce, which douses any corporate governance idea it can find with cold water, warned that disclosure of CAMs would lead to strained relations between auditor and audit committee, as well as auditor and company management.
On the other side are investor groups, who want to get more insight from the audit firms and board members who supposedly work for them. My favorite came from Jack Ciescielski, publisher of the Analyst’s Accounting Observer and one of the smartest people alive on financial reporting. Audit firms and audit committees are paid by shareholders, he (correctly) noted, so of course they should tell their employer what concerns them most. Plus, other countries already require CAMs-like disclosure, and none of their capital markets have tumbled into the ocean.
We don’t know when the SEC will schedule a final vote on the audit report standard, although it should be soon. If the agency does approve the new audit report standard, the standard would go into effect for large filers for fiscal years ending after June 30, 2019; and for all other filers one year later.
The Fault Lines
The SEC has a three-part mission: protect investors; facilitate capital formation; and maintain fair, orderly, efficient markets. The philosophical question at hand with the audit report standard—the question that will tell us lots about Clayton’s priorities as SEC chair—is how much weight the SEC gives to each of those first two parts, as it muddles forward to deliver the third.
That is, if Clayton “favors Wall Street,” he’ll side with the idea that companies decide what should be disclosed to investors, rather than audit firms or anyone else. If investors don’t like those disclosures or can’t interpret them, they can always avoid the stock and avoid the risk.
That strikes me as impractical in the modern investment world. Investors need more context, rather than disclosure; we have enough disclosure already. And as the public relies more on equity investments for retirement, college education, or healthcare savings accounts, the public will want that context more and more too.
What’s more, a disclosure regime that rests on the dictum of “if you don’t like it, don’t buy the stock” drives us ever more to short-term perspective. If we want retail investors—the “Mr. and Mrs. 401(k)” that Clayton claims to care about so much—to be long-term partners with corporations, then they need more help understanding which risks matter most, and whether corporate management is forthcoming about them. That’s what they want from auditors.
So what’s more important to Clayton as the SEC steers U.S. capital markets: that we keep compliance burdens low, and let the investor beware? Or that investors get more information while navigating the perils of modern investing, even if that extra effort strains corporations and dents the returns going into those 401(k) plans?
The SEC will confront that question time and again, on everything from Section 404(b) audits, to the CEO Pay Ratio Rule, to clawback policies, and much more. The PCAOB audit report just happens to be the first issue on deck. Let’s see what it tells us.