Show The Accounting Profession: Major Issues: Progress and Concerns (Chapter Report, 09/24/96, GAO/AIMD-96-98,AIMD-96-98A). Public confidence in the fairness of financial reporting is critical to the effective functioning of the securities markets. Federal securities laws require public companies to disclose information that accurately describes the financial condition of a company. These laws also require that financial statements filed with the Securities and Exchange Commission (SEC) by public companies be audited by independent public accountants. During the past 20 years, costly, well-publicized, and unexpected business failures--such as the savings and loan crisis and the resulting government bailouts--have raised questions about what the public expects from an independent audit of public companies and how well the audit function meets those expectations. More recently, the globalization of business, the increasing complexities of business transactions, and advances in information technology have challenged the relevance and usefulness of traditional financial reporting and the auditor's role in serving the public interest. These issues, along with major litigation involving independent auditors, prompted many studies of financial reporting and auditing during the past two decades, resulting in hundreds of recommendations to the accounting profession. This report (1) identifies recommendations made from 1972 through 1995, and actions taken, to strengthen accounting and auditing standards and the performance of independent audits of publicly owned companies required by federal securities laws and (2) identifies unresolved issues and determines their impact on the performance of independent auditors, the setting of effective accounting and auditing standards, and the scope of business reporting and audit services. GAO found that although the accounting profession has made changes to improve financial reporting and auditing of public companies, several major issues remain unresolved. These issues include auditor independence, auditor responsibility for detecting fraud and reporting on internal controls, public participation in standard setting, the timeliness and relevance of accounting standards, and maintaining the independence of the Financial Accounting Standards Board. --------------------------- Indexing Terms ----------------------------- REPORTNUM: AIMD-96-98 AIMD-96-98A TITLE: The Accounting Profession: Major Issues: Progress and Concerns DATE: 09/24/96 SUBJECT: Financial statements Auditing standards Accountants Audit reports Financial records Accounting procedures Standards evaluation Quality control Securities regulation Reporting requirements ****************************************************************** ** This file contains an ASCII representation of the text of a ** ** GAO report. Delineations within the text indicating chapter ** ** titles, headings, and bullets are preserved. Major ** ** divisions and subdivisions of the text, such as Chapters, ** ** Sections, and Appendixes, are identified by double and ** ** single lines. The numbers on the right end of these lines ** ** indicate the position of each of the subsections in the ** ** document outline. These numbers do NOT correspond with the ** ** page numbers of the printed product. ** ** ** ** No attempt has been made to display graphic images, although ** ** figure captions are reproduced. Tables are included, but ** ** may not resemble those in the printed version. ** ** ** ** Please see the PDF (Portable Document Format) file, when ** ** available, for a complete electronic file of the printed ** ** document's contents. ** ** ** ** A printed copy of this report may be obtained from the GAO ** ** Document Distribution Center. For further details, please ** ** send an e-mail message to: ** ** ** ** ** ** ** ** with the message 'info' in the body. ** ****************************************************************** Cover ================================================================ COVER Report to the Ranking Minority Member, Committee on Commerce, House of Representatives September 1996 THE ACCOUNTING PROFESSION - MAJOR ISSUES: PROGRESS AND CONCERNS GAO/AIMD-96-98 The Accounting Profession (917641) Abbreviations =============================================================== ABBREV AcSEC - Accounting Standards Executive Committee AICPA - American Institute of Certified Public Accountants AIMR - Association for Investment Management and Research AITF - Audit Issues Task Force APB - Accounting Principles Board ASB - Auditing Standards Board AudSEC - Auditing Standards Executive Committee CAP - Committee on Accounting Procedure CAuP - Committee on Auditing Procedure CFO - Chief Financial Officer COSO - Committee of Sponsoring Organizations of the Treadway Commission CPA - certified public accountant CPE - continuing professional education EITF - Emerging Issues Task Force FAF - Financial Accounting Foundation FASAB - Federal Accounting Standards Advisory Board FASAC - Financial Accounting Standards Advisory Council FASB - Financial Accounting Standards Board FDICIA - Federal Deposit Insurance Corporation Improvement Act of 1991 FMFIA - Federal Managers' Financial Integrity Act of 1982 GAAP - generally accepted accounting principles GAAS - generally accepted auditing standards GAGAS - generally accepted government auditing standards OMB - Office of Management and Budget PITF - Professional Issues Task Force POB - Public Oversight Board QCIC - Quality Control Inquiry Committee SAS - statement of auditing standards SEC - Securities and Exchange Commission SFAS - statement of financial accounting standards SOP - statement of position Letter =============================================================== LETTER B-258991 September 24, 1996 The Honorable John D. Dingell Ranking Minority Member Committee on Commerce House of Representatives Dear Mr. Dingell: This two-volume report responds to your request concerning the status of recommendations made to the accounting profession over the past two decades by major study groups. Our objectives were to identify (1) recommendations made from 1972 through 1995 to improve accounting and auditing standards and the performance of independent audits under the federal securities laws and the actions taken on those recommendations and (2) any unresolved issues to determine their impact on the performance of independent audits, effective accounting and auditing standards setting, and efforts to expand the scope of business reporting and audit services. We are sending copies of the report to other appropriate congressional committees, federal agencies, and organizations of the accounting profession, including the Chairman, House Committee on Commerce; Chairman and Ranking Minority Member, Subcommittee on Oversight and Investigations, House Committee on Commerce; Chairman and Ranking Minority Member, House Committee on Banking and Financial Services; Chairman and Ranking Minority Member, Senate Committee on Banking and Financial Services; the Chairman of the Securities and Exchange Commission; the Chair and President of the American Institute of Certified Public Accountants; the President of the Financial Accounting Foundation; the Chairmen of the Financial Accounting Standards Board, Public Oversight Board, and the Auditing Standards Board; the Managing Partners of the "Big 6" accounting firms; and other interested parties. We will also make copies available to others on request. This report was prepared under the direction of Donald H. Chapin, Chief Accountant, and Robert W. Gramling, Director, Corporate Audits and Standards. Please contact Mr. Gramling on (202) 512-9406 if you or your offices have any questions. Major contributors are listed in appendix IX of this report (GAO/AIMD-96-98A). Sincerely yours, Charles A. Bowsher Comptroller General of the United States EXECUTIVE SUMMARY ============================================================ Chapter 0 PURPOSE ---------------------------------------------------------- Chapter 0:1 Following the Great Depression, the Securities and Exchange Commission (SEC) was established in the 1930s to help protect investors through the regulation of securities, including requirements for financial disclosures and audits of financial statements. The public accounting profession, through its independent audit function, has fulfilled the important role of attesting to the reliability of financial statements and related data. The accounting profession's services are critical to the effectiveness and efficiency of our nation's commerce and capital markets as well as international markets. In the United States, there are over 1,000 public accounting firms that audit publicly owned companies. Six large accounting firms, which employ over 91,000 professionals, audit over 78 percent of the nation's 16,000 publicly owned companies. Over the past two decades, certain unexpected business failures that were well-publicized and costly--such as financial institution failures and large government bailouts--have raised questions about what the public expects from an independent audit of public companies and the effectiveness of the audit function to meet those expectations. More recently, the globalization of businesses, the increasing complexities of business transactions, and advances in information technology are challenging the relevance and usefulness of traditional financial reporting and the auditor's role in serving the public interest. These issues, coupled with significant litigation involving independent auditors, prompted many studies of financial reporting and auditing over the past two decades, resulting in hundreds of recommendations and many actions by the accounting profession to address these issues. Pursuant to the request of the Ranking Minority Member, House Committee on Commerce, GAO undertook a review of the accounting profession to (1) identify recommendations made from 1972 through 1995, and actions taken, to improve accounting and auditing standards and the performance of independent audits of publicly owned companies required by federal securities laws and (2) identify any unresolved issues and determine their impact on the performance of independent auditors, effective accounting and auditing standards setting, and the scope of business reporting and audit services. BACKGROUND ---------------------------------------------------------- Chapter 0:2 Public confidence in the fairness of financial reporting is critical to the effective functioning of the securities markets. Federal securities laws, which are primarily administered by the SEC, help to protect the investing public by requiring public companies to disclose information that accurately depicts the financial condition and results of company activities. These laws also require that financial statements filed with the SEC by public companies be audited by independent public accountants. Management of a public company is responsible for the preparation and content of the financial statements which are to be presented in accordance with generally accepted accounting principles (GAAP). Company management must also set the appropriate tone and establish the overall control environment in which it prepares financial reports. In addition, public companies registered with the SEC must maintain an adequate system of internal accounting control. The independent auditor is responsible for auditing the financial statements in accordance with generally accepted auditing standards (GAAS). The SEC, the primary federal agency involved in accounting and auditing requirements for publicly traded companies, has traditionally delegated much of its responsibility for setting standards for financial reporting and independent audits to the private sector, retaining a role largely of oversight. Accordingly, the SEC has accepted rules set by the Financial Accounting Standards Board (FASB)--GAAP--as the primary standard for preparation of financial statements. The SEC has accepted rules set by the American Institute of Certified Public Accountants' (AICPA) Auditing Standards Board--GAAS--as the standard for conducting independent audits of financial statements. The SEC reviews and comments on various financial reports required to be filed with the SEC by federal securities laws and regulations, and issues interpretive guidance and staff accounting bulletins on accounting and auditing matters. In addition, the stock exchanges, which are self-regulatory organizations under SEC authority, require listed companies to publish annual reports containing financial statements prepared in accordance with GAAP and audited by independent public accountants. During the 1970s, a series of unexpected failures by major corporations and disclosures of questionable and illegal payments to foreign officials led the Congress and others to review the role of the SEC and the auditor in the financial reporting process. In 1977, the Congress enacted the Foreign Corrupt Practices Act to require that companies registered with the SEC have internal accounting controls sufficient to provide reasonable assurance that transactions reflect management's authorization and financial statements are prepared in accordance with GAAP. In the 1980s, continued business failures, particularly those involving financial institutions, led to a series of congressional hearings on auditing and financial reporting under federal securities laws. Litigation against auditors emanating from those failures, along with auditor independence concerns raised by the SEC's Chief Accountant in the early 1990s, prompted renewed scrutiny of the accounting profession. These types of concerns over the past two decades have resulted in considerable debate and study of the accounting profession by the Congress, AICPA-appointed groups, GAO, and others. Appendixes to this report contained in GAO/AIMD-96-98A (1) identify the major studies and provide information on the study groups and (2) list specific recommendations made by the study groups and related actions taken by the accounting profession and others. The AICPA, FASB, and the SEC assisted GAO in identifying the specific actions taken to address the recommendations. The accounting profession has taken many actions, ranging from major changes in the structure for setting accounting and auditing standards and instituting a quality control program for accounting firms, to alerting auditors about specific problems. This report analyzes the major issues addressed by the study groups and the progress made in addressing the issues, provides GAO's observations on the significance of unresolved issues, and discusses the outlook for further progress. GAO identified five major issues discussed in the various studies from 1972 through 1995: (1) auditor independence, (2) auditor's responsibilities for fraud and internal controls, (3) audit quality, (4) the accounting and auditing standard-setting processes and the effectiveness of financial reporting, and (5) the role of the auditor in the further enhancement of financial reporting. RESULTS IN BRIEF ---------------------------------------------------------- Chapter 0:3 GAO's analysis of the actions taken by the accounting profession in response to the major issues raised by the many studies from 1972 through 1995 shows that the profession has been responsive in making changes to improve financial reporting and auditing of public companies. Further, GAO's analysis of statistical data on the results of peer reviews of accounting firms that audit public companies registered with the SEC shows that most firms now have effective quality control programs to ensure adherence with professional standards. However, GAO's review of the studies' findings shows that the actions of the accounting profession have not been totally effective in resolving several major issues. Issues remain about auditor independence, auditor responsibility for detecting fraud and reporting on internal controls, public participation in standard setting, the timeliness and relevancy of accounting standards, and maintaining the independence of FASB. New complex financial instruments, such as derivatives, and rapidly developing information technology that is facilitating electronic commerce and communication, such as the Internet, are significantly challenging the relevance of historical cost-based financial statements and the traditional audit of those statements. The accounting profession is also faced with challenges concerning the future role of the auditor in providing new services related to assuring the quality of information that is more timely and relevant than data contained in traditional financial statements. For the accounting profession to successfully move to a more modern era of auditing and provide expanded assurance services, it must more vigorously continue to address the major unresolved issues. Several studies have suggested that the auditor review and report on the effectiveness of entities' internal control systems and that the accounting profession build a stronger relationship with the boards of directors and audit committees of public companies. GAO believes such changes have considerable merit and could be instrumental in moving the profession forward to effectively address the issues of auditor independence and auditor responsibilities for detecting fraud and reporting on internal controls. Effective internal controls are the first line of defense for safeguarding assets and preventing fraudulent financial reporting--a lesson well-learned from the savings and loan crisis and, most recently, from business losses and failures from internal control breakdowns in the use of derivatives. Auditor reporting on internal controls would help ensure sufficient work by the auditor to determine the effectiveness of internal controls. Reporting on internal controls is also related to the auditor's ability to provide more relevant and timely assurances on the quality of data beyond that contained in traditional financial statements and disclosures. The auditor will need to know the adequacy of accounting and related information systems controls to provide timely assurance related to the quality of data from such systems. However, an increase in assurance services, coupled with the current large volume of consulting services provided clients by the largest accounting firms, could lead to increased concerns over auditor independence because of perceived economic ties to company management. GAO agrees with the studies of the accounting profession that suggest changes in the auditor/client relationship are needed to deal with the continuing concerns over auditor independence. For example, requiring the auditor to report directly to the board of directors or audit committee is a reasonable and effective means to strengthen auditor independence. GAO also believes that the effectiveness of such a direct reporting relationship would be further enhanced by having an audit committee that is independent. Setting accounting and auditing standards is inherently difficult and controversial. The complexities of the current financial reporting model, which includes a mix of historical and more current values, is a contributing factor that generates debate over the effects of proposed standards in preparing financial statements and contributes to the pressures placed on FASB. Further, recent studies have advocated additions of various types of information to traditional financial reporting. Suggested additions include current values for soft assets, such as trademarks and other intangible assets, that are often not recognized in traditional financial statements, forward-looking information about opportunities and risk, and nonfinancial data, such as performance measures. In addition, the studies have advocated that independent auditors be substantially more involved with checking the reliability of internal systems, and related controls, that produced information for external consumption. GAO believes that updating the present reporting model, as well as increased auditor involvement with assuring the effectiveness of internal controls, has merit especially in view of the fact that information technology is rapidly increasing data access and such data are increasingly significant to investors. GAO supports the recent successful efforts of the SEC to achieve increased public representation among the trustees of the Financial Accounting Foundation--FASB's parent organization that appoints members of FASB. Additional public participation will enhance the independence of the standard setters and the acceptability of the standard-setting process by providing public views to balance those of financial statement preparers and auditors. GAO also believes that the leadership the SEC has shown in addressing issues that concern the independence of the standard setters should also be extended to working cooperatively with the accounting profession to address the other important unresolved issues that the studies have continued to identify. The effective resolution of these issues cannot be accomplished by the accounting profession alone. The SEC's responsibilities under the securities laws place it in a pivotal position to assume a leadership role to work not only with the accounting profession, but also with the stock exchanges, public companies, and users of financial reporting to resolve these issues. PRINCIPAL FINDINGS ---------------------------------------------------------- Chapter 0:4 AUDITOR INDEPENDENCE: PROGRESS MADE BUT CONCERNS REMAIN -------------------------------------------------------- Chapter 0:4.1 The independence of public accountants--both in fact and appearance--is crucial to the credibility of financial reporting and, in turn, the capital formation process. Various study groups over the past 20 years have considered the independence and objectivity of auditors as questions have arisen from (1) significant litigation involving auditors, (2) the auditor's performance of consulting services for audit clients, (3) "opinion shopping" by clients, and (4) reports of accountants advocating questionable client positions on accounting matters. The accounting profession recognizes the importance of auditor independence and has taken various steps to strengthen independence. For example, the profession revised its code of ethics to help ensure auditor independence and objectivity and adopted a code of professional conduct to govern the acceptance of consulting services and/or other activities that may be perceived as creating conflicts of interest. In addition, AICPA members are now required to report annually to the client's audit committee the total fees received for management consulting services during the year under audit and a description of the types of such services rendered. Further, auditing standards require auditors to inform the audit committee of matters such as disagreements with management, consultations with other accountants, and difficulties encountered in performing the audit. The standards also require auditors to report to the audit committee internal control weaknesses that could adversely affect the client's ability to safeguard assets and to produce reliable financial statements. Others have also acted to strengthen auditor independence. For example, the SEC requires disclosures when an auditor resigns or is dismissed from an audit in order to discourage the practice of changing auditors to obtain a more favorable accounting treatment. In 1991, the Congress enacted the Federal Deposit Insurance Corporation Improvement Act (FDICIA), which includes requirements for independent audit committees in large banks and savings and loans, such as matters they should discuss with the independent auditor, and also sets audit committee membership requirements for the largest of the institutions. In 1995, the Congress enacted the Private Securities Litigation Reform Act of 1995, which codifies the auditor's responsibility for reporting illegal acts to audit committees and requires, in certain circumstances, auditors to report illegal acts to regulators. Despite actions taken by the accounting profession and others to strengthen auditor independence, concerns remain. In 1992 and again in 1994, the SEC Chief Accountant questioned the independence of accounting firms in situations in which they condoned or advocated what he questioned as inappropriate interpretations of accounting standards to benefit their clients. In addition, study groups have expressed concern that the growth of consulting services, relative to a static level of auditing and accounting services, could be perceived as lessening the objectivity of the auditor. Both the accounting profession and the SEC have been active in examining continuing auditor independence concerns. They have found there is no conclusive evidence that providing traditional management consulting services compromises auditor independence. Further, they believe that such services not only benefit the client, but ultimately benefit investors and other interested parties. GAO believes measures that would limit auditor services or mandate changing auditors at set intervals are outweighed by the value of continuity in conducting audits and the value of traditional consulting services. However, GAO also believes that questions of auditor independence will probably continue as long as the existing auditor/client relationship continues. This concern over auditor independence may become larger as accounting firms move to provide new services that go beyond traditional services. The accounting profession needs to be attentive to the concerns over independence in considering the appropriateness of new services to ensure that independence is not impaired and the auditor's traditional values of being objective and skeptical are not diminished. GAO supports a recent proposal by the AICPA's Public Oversight Board to bring the independent auditor into a more direct working relationship with the board of directors. The proposal also emphasizes the role of the independent audit committee as an overseer of the company's financial reporting process, a buffer between management and the auditor, and a representative of user interests. Such a change is inherently difficult to accomplish. Further, the change may not happen voluntarily since a GAO survey of Fortune Industrial 500 and Fortune Service 500 companies showed that audit committee chairmen appear satisfied with their present relationship with the independent auditor. The fear of litigation by boards of directors and audit committees is another barrier to voluntarily changing auditor/client relationships and the perceived increase in their responsibilities that may result. Although the recently enacted Private Securities Litigation Reform Act of 1995 provides some liability relief and requires reporting on certain matters that could involve directors and auditors, the Act does not fundamentally address existing working relationships between auditors and boards of directors or audit committees. As an alternative to voluntary action, the SEC, which has the responsibility and authority under securities laws to ensure that accountants who audit companies registered with the SEC are independent, could more clearly define the roles of boards of directors and audit committees as they relate to the independent auditor. The SEC has been reluctant to exercise authority in matters of corporate governance and may want to seek legislation expressly authorizing the SEC to act in this area. For example, the SEC could seek legislation containing audit committee requirements such as those in FDICIA. Although FDICIA-type requirements do not establish a formal relationship between the auditor and the audit committee, they would be an improvement over the current situation. Such requirements could specify certain audit committee qualifications and basic responsibilities regarding reviewing with the auditors the reports on financial statements, internal controls, and compliance with laws and regulations. An independent and knowledgeable audit committee as envisioned by FDICIA would enhance the effectiveness of having the auditor report directly to the audit committee. As another alternative, the SEC could work through the major stock exchanges to achieve listing requirements that would more specifically define audit committee duties and responsibilities and their relationships with the independent auditor. The listing agreements of the major stock exchanges already require members to have audit committees, so the basic principle has been established. Such an approach by the stock exchanges, backed by the SEC, would not require legislation. EXPECTATION GAP STILL EXISTS FOR DETECTION OF FRAUD AND DETERMINING EFFECTIVENESS OF INTERNAL CONTROLS -------------------------------------------------------- Chapter 0:4.2 Well-publicized cases of financial irregularities and internal control weaknesses in some companies and many financial institutions, and seemingly unforeseen business failures, have raised questions concerning the auditor's role and responsibilities. Studies have advanced proposals to narrow what has been termed "the expectation gap" between what the public expects of the accounting profession, especially as it relates to the audit function, and what the profession believes is its proper role. To address the expectation gap, the accounting profession issued auditing standards to address the auditor's responsibilities and provide guidance for (1) evaluating internal controls, (2) providing early warning of a company's financial difficulties, (3) designing the audit to provide reasonable assurance of detecting material fraud, and (4) improving communication to the financial statement user and to the audit committees of public companies. These actions have not eliminated the expectation gap, particularly with regard to the auditor's responsibility for detection of fraud and internal control problems. For example, the public may be holding the auditor responsible for preventing fraud as well as detecting and reporting material fraud. The public may also be holding the auditor responsible for other types of unauthorized behavior resulting from inadequate risk management controls that are not directly related to the financial statements. The scope of audit work required by existing standards is too limited to address these expectations. GAO believes the issues of the auditor's responsibility for fraud and internal controls overlap--effective internal controls are the main line of defense in preventing and detecting fraud. Control weaknesses were a major contributing factor to many of the notorious cases of management fraud and failed savings and loans. However, as part of a financial statement audit, auditors are not required to evaluate internal controls in a manner sufficient to form an opinion on their effectiveness in preventing and detecting fraud and other types of failures in internal risk management systems. In pursuing reforms these issues should be linked together. GAO believes that auditor reporting on the effectiveness of internal controls is fundamental in successfully addressing the public expectation gap for fraud. GAO's work on internal controls and compliance with laws and regulations as part of its financial statement audits of federal entities shows that auditors have the capacity to examine the adequacy of controls to prevent and detect fraud in financial reporting and in the acquisition, use, and disposition of assets. The accounting profession has recently publicly supported auditor reporting on internal controls. The profession has also recently issued for comment a new standard that attempts to heighten auditor initiatives in detecting fraud. The proposed guidance emphasizes the need for the auditor to exercise professional skepticism and pursue "red flags" to detect fraud. Such guidance is an important component of assessing risk and, accordingly, planning and conducting the audit. However, the proposed standard does not make the important linkage of reporting on the effectiveness of internal controls with fraud detection, which will likely limit the standard's effectiveness in narrowing the expectation gap with respect to fraud. Performing a full evaluation of internal controls would provide greater assurance of detecting and preventing significant fraud and thereby more effectively address the expectation gap. Because these extra procedures would increase audit costs, management of many companies may resist expanding auditors' responsibilities for internal controls. In addition, although the recently enacted Private Securities Litigation Reform Act provides greater protection for the accounting profession from unwarranted litigation, the profession's liability concerns may continue to impede its willingness to accept additional responsibilities for fraud prevention and detection. However, GAO believes the public interest should also be considered. The savings and loan crisis in the 1980s demonstrated the cost to the public of weak internal controls. Internal control weaknesses were a significant contributing factor to the failure of savings and loans. More recently, there have been large business losses and failures centering on weak controls over the use of derivatives. GAO has expressed concern that weak controls, given the large volume of derivatives activity among major brokers and dealers, pose a systemic risk to the stability of the entire financial system. Strong internal controls would not only serve to protect against fraud, but could also serve a broader function of ensuring that important internal risk management policies are likely to be followed. As one option, legislation could be enacted to require management and auditor internal control reporting for all public companies similar to that required of banks and savings and loans by FDICIA. Alternatively, if the auditor/client relationship were to shift to the board of directors, as suggested in 1994 by the Public Oversight Board Advisory Panel on Auditor Independence, and the board assumes more responsibility for overseeing risk management and the effectiveness of the controls, boards of directors may see the value of auditors' involvement with internal controls and may call upon auditors to assist them in their oversight responsibilities. Accordingly, public reports on internal controls would likely result. As previously stated, GAO does not believe that many businesses will likely voluntarily change the auditor/client relationship. Looking to the future, more pressure to extend the accounting profession's responsibility for internal controls is likely to develop as globalization of businesses, complex business transactions, and advances in information technology increase the importance of safeguarding controls over assets. Auditors can better serve their business clients and other financial statement users by having a greater role in providing assurances over the effectiveness of internal controls in protecting assets and in providing an early warning of weaknesses that could lead to business failure. The accounting profession, the SEC, and boards of directors are each major stakeholders in reaching the ultimate goal of having an audit that is more likely to be able to provide reasonable assurance of detecting material fraud. While the accounting profession now supports internal control reporting, the SEC has not been convinced of the merits of reporting on internal controls. SEC support is critical to further progress in this area. In the long run, GAO expects that audits will be expanded to include internal control reporting, either because of market demand or some systemic crisis. THE ACCOUNTING PROFESSION'S SELF-REGULATION PROGRAM HAS IMPROVED AUDIT QUALITY -------------------------------------------------------- Chapter 0:4.3 Concerns raised in the 1970s with audits of public companies focused attention on the need to improve quality control mechanisms to ensure that professional standards were being met. In 1977, the AICPA instituted a voluntary peer review program that included reviewing public accounting firms' systems of quality control for their accounting and auditing practices, creating the SEC Practice Section within the AICPA to administer the program, and creating the Public Oversight Board to oversee the SEC Practice Section and to represent the public interest. In response to critics, the AICPA required all its members that audit public companies to become members of the program beginning in 1990. As a result, membership increased from 519 firms in June 1989 to 1,257 firms in August 1995. These firms audit about 97 percent of the 16,000 SEC registrants. The current program has had a positive impact on the quality control processes within accounting firms and on the overall quality of audits. In 1991--the year in which most initial peer reviews were conducted--83 of 300 peer reviews (about 30 percent) resulted in modified reports.\1 GAO's analysis of 724 peer review reports issued for accounting firms that audited SEC registrants during 1992 through 1994 showed that only about 10 percent of the peer reports were modified. GAO's analysis also showed that none of these modified reports were received by the largest accounting firms (firms that audit 30 or more SEC registrants). GAO's review of the peer review reports also showed that they frequently identify audit documentation weaknesses, such as auditors not adequately documenting work performed, and financial reporting weaknesses, such as inadequate financial statement disclosures. GAO also found no major difference regarding the frequency of such deficiencies among the smallest firms or the largest firms. Although the vast majority of these deficiencies are not considered serious enough by the peer reviewers to modify their reports, continual finding of these types of deficiencies is troubling, especially in the cases where such weaknesses were reported in firms' previous peer reviews. Such weaknesses can detract from the credibility of the accounting profession and expose the firms to liability in the event of a business failure and a resulting lawsuit. GAO believes that closer attention to audit supervision, which may be achieved in part through the AICPA's enhanced requirements for concurrent partner review, should help to reduce documentation and reporting deficiencies. -------------------- \1 A modified report can either be qualified or adverse, or it may include a disclaimer of opinion. A qualified opinion identifies significant deficiencies in the firm's quality control processes or in compliance with those processes. An adverse opinion indicates the processes, or compliance with the processes, are not adequate. A disclaimer of opinion is issued when limitations on the scope are so significant that the review team cannot form an overall opinion. No disclaimers of opinion were issued through 1994. USER PARTICIPATION, TIMELINESS, AND SPECIAL INTEREST PRESSURES CONTINUE TO CHALLENGE STANDARD SETTERS -------------------------------------------------------- Chapter 0:4.4 The current structure for establishing accounting and auditing standards, which has served our nation well in providing generally accepted standards, is a result of the recommendations made over the past two decades to improve accounting and financial reporting to adequately serve the public interest. This is no easy task since, to be effective, standard setters must be able to address important, and usually controversial, accounting and auditing issues on a timely basis and to resolve those issues with credible, conceptually sound standards that are responsive to the broad public interest. However, the overall limited amount of user participation in the standard-setting processes, the timeliness of issuing accounting standards, and the pressures brought by groups that attempt to influence accounting standards are still significant concerns. FASB and the AICPA have made efforts to obtain increased user participation in setting standards. For example, FASB and Auditing Standards Board (ASB) meetings are required to be open to the public. FASB and the ASB also issue exposure drafts of proposed standards and other materials to the public for comment. To balance views in setting standards, the Financial Accounting Foundation (FAF) trustees--FASB's parent organization--have appointed users, as well as auditors, financial statement preparers, and educators to FASB and its Financial Accounting Standards Advisory Council (FASAC). However, user representation and participation remains lower than other groups, making it difficult to produce standards that have a balanced perspective in meeting users' needs. In practice, audit standard setting has been primarily the domain of the accounting profession. Auditing standards have been influenced by auditors' liability concerns and perceptions of a lack of cost benefit that have constrained the scope of audit. The SEC, which has ultimate authority for standard setting and responsibility for protecting the public interest, has not always strongly asserted that role in its relationship with the standard setters. Recently, the SEC expressed strong views that the majority of the FAF trustees should be public representatives as a means to strengthen both the substance and perception of FASB's independence, and reached agreement with FAF that trustee membership will be balanced between constituent and public members. GAO believes the SEC's recent attention to strengthening standard setting is a step in the right direction. In response to concerns over the quality and timeliness of accounting standards, FASB developed a conceptual framework for deliberations on accounting matters, created an Emerging Issues Task Force to provide timely accounting and reporting guidance, and began relying on the AICPA to set standards for certain issues. Despite these efforts, according to the FASB records, it takes an average of 2 years to issue specific standards. Complex, controversial accounting treatments can take considerably longer. FASB's timeliness remains problematic, particularly in critical areas such as the current need for accounting standards for derivatives. FASB has at times been confronted by strong opposition to positions it has taken in developing proposed standards and has responded professionally to those positions. GAO believes that FASB's mixed financial reporting model, which measures some assets and liabilities at historical cost and others at more current values, and the difficulties claimed by the companies in implementing such proposed standards, contribute to the pressures brought to bear on FASB in developing standards. FASB's ongoing debate over accounting standards for derivatives and the financial statement consequences of measuring derivatives at market values and related assets or liabilities at other values is a prime example. Resolving conceptual issues surrounding the mixed financial reporting model by moving toward a model with more consistent accounting treatment for derivatives' related assets and liabilities may help to improve timeliness. However, the inherently controversial nature of setting accounting standards will likely always result in some level of debate and in continued pressures. Therefore, it is important that the SEC continue to monitor the operation of the standard-setting process to ensure FASB's ability to objectively set standards. FASB recently developed a strategic plan to carry the organization into the next century. One of the plan's objectives is to build broader acceptance from users, as well as preparers, educators, and auditors, for the accounting standard-setting process and the resultant accounting standards. Another objective of the strategic plan is to make standard setting more timely and efficient. This plan is part of FASB's recognition of the need for improvement in the effectiveness and efficiency in achieving its mission to establish and improve standards of financial accounting and reporting. The SEC can play an important role in working with FASB to address questions that have been raised about the efficiency of FASB's operations. It is essential that any changes made to improve the efficiency of FASB's operations do not adversely affect its independence as a standard setter since independence is critical to achieving acceptance of the standard-setting process. THE NEED FOR A COMPREHENSIVE REPORTING MODEL AND EXPANDED ASSURANCE SERVICES -------------------------------------------------------- Chapter 0:4.5 Audited historical cost-based financial statements are important to our financial markets and are a valuable component of our economy. Over the years, the accounting profession has issued many standards to improve disclosures of financial information and audits of those disclosures. However, the limitations of historical cost-based financial statements for making investment, credit, and other decisions are more widely appreciated and growing as technological advances have improved both the timeliness and accessibility of information and as business transactions have become more complex. Much of the information used today for business decisions is outside the traditional financial statements and therefore is unaudited. Present day accounting reflects conflicting concepts of historical cost and market valuation, concepts that do not recognize some important economic values, and lacks forward-looking information that is important to investors and other financial statement users. Analysts and other sophisticated investors who have the capability to interpret and supplement existing data may not have difficulty with the current mixed model of reporting. However, the usefulness of such reporting to the general public is less likely. By not requiring all financial instruments to be valued at market value, the current reporting model allows values to be placed on certain assets that do not reflect economic reality. The mixed model can facilitate earnings management and, in egregious cases, can facilitate manipulation of earnings and cover-up of business failures. Requiring extensive and burdensome disclosures to mitigate the concerns associated with such reporting is not an acceptable substitute for adequate accounting, and contributes to concerns over "disclosure overload." The current reporting model also lacks certain forward-looking information about opportunities and risks that is important to investors and other financial statement users. Soft assets are another example where the current reporting model does not provide information about important business assets. As a result, historical cost-based financial statements are not fully meeting users' needs. The use of nontraditional financial data in the investment and credit communities is raising important questions for the accounting profession with regard to the appropriate business reporting model and the role auditors should have in providing adequate assurances for information in a new expanded model. The prominent role of unaudited information in facilitating business decisions in today's economy also raises questions for the SEC and whether the basic audit requirements for financial statements that grew out of the economic conditions of the 1930s need to be revisited to better protect shareholders in a much different information world. Recent studies have identified the need for a more comprehensive reporting model that would include the traditional mixed attributes of historical cost and more current values, but also provide users with more timely and forward-looking information. There is also ongoing debate about the need for market value measurements of financial instruments and more expansive disclosures regarding the reporting entity's risks and uncertainties. The standard setters and the SEC are currently considering the recommendations of, and varying reactions to, these studies. FASB's current strategic plan includes an initiative to develop and enhance the financial reporting model as a tool for decision-making in a rapidly changing and technological environment. However, there are significant barriers to expanding business reporting, such as concerns over the cost of preparing and auditing expanded disclosures, disclosure overload, and litigation risk. The AICPA is performing an ongoing study of the role auditors should play in providing assurances on information not currently required in financial statements, given the changing business world and advances in information technology. Users are placing more importance on information, in making financial decisions, that is more subjective and difficult to value or determine its reasonableness, such as information on soft assets and risks and opportunities facing a business. Expanding financial statements or related disclosures to include such information will require professional auditing standards governing assurance on data that are not susceptible to traditional methods of verification. GAO believes it should be possible to accomplish reporting for this information without losing the historical cost data and basic auditability of financial statements that now exists. Historical cost data provide an important foundation for accountability and for audited financial statements with respect to fixed assets and other nonfinancial assets and liabilities and should continue to do so. The accounting profession will need to be more involved with auditing internal control systems if it is to provide timely assurances on information produced by computer systems and available to the markets. Although concerns over auditor independence may increase as auditors spend the necessary time with their clients in auditing systems, GAO believes that shifting the auditor/client relationship away from management and more toward the board of directors should help to alleviate independence concerns. The accounting profession must effectively resolve fundamental concerns in the key areas of independence and auditor responsibility for reporting on internal controls and fraud, as discussed previously, if it is to be successful in providing expanded assurance services. The accounting profession operates in a liability risk aversion mode that has been a barrier to offering services that increase auditor responsibility. The Private Securities Litigation Reform Act of 1995 that was supported by the accounting profession may help to reduce its concerns over possible litigation that could result from providing expanded services, such as reporting on internal controls and providing assurances on forward-looking information. However, it is too soon to tell what effect, if any, this act will have on the profession's willingness to provide expanded assurance services. It is not yet clear whether management will value expanded assurance services from auditors. However, expanded assurance services should not only be a function of management demand. Users' needs and the assurance that information affecting the functioning of our capital markets is reliable are also important. GAO believes it will take a concerted effort by the AICPA, FASB, the SEC, and other interested parties to achieve a comprehensive reporting model that meets the needs of today's financial statement users. How the accounting profession handles this issue will affect the nature and extent of its future role in providing business information to users. Absent strong leadership from the SEC, obstacles to implementing a comprehensive reporting model will be even more difficult to overcome. RECOMMENDATIONS ---------------------------------------------------------- Chapter 0:5 This report frames the major issues for the accounting profession and the SEC. It also provides observations to assist policymakers in deciding on specific actions to effectively and efficiently address these important issues. Although GAO is not making recommendations in this report, GAO believes the SEC, given its responsibilities under federal securities laws, is in a pivotal position to assume a leadership role in working with not only the accounting profession, but also the stock exchanges, public companies, and users of financial reporting to resolve these issues. ACCOUNTING PROFESSION AND SEC COMMENTS ---------------------------------------------------------- Chapter 0:6 The AICPA, the Public Oversight Board (POB), FASB, and the SEC Chief Accountant provided written comments on a draft of this report. The AICPA's comments incorporated comments from the Managing Partners of the six largest accounting firms (Big 6), the Auditing Standards Board, the AICPA Special Committee on Assurance Services, and the former AICPA Special Committee on Financial Reporting (Jenkins Committee). These comments are presented and evaluated in chapters 2 through 6 of the report and are reprinted in appendixes V through VIII of this report. (See GAO/AIMD-96-98A.) The accounting profession and the SEC Chief Accountant comments were complimentary of the comprehensiveness of GAO's study of the many recommendations to the accounting profession and the thoroughness of the analysis of the status of the recommendations and remaining major issues. Their comments also expressed general agreement with GAO's observations on the importance of the unresolved issues to the future of the accounting profession and improved financial reporting. The AICPA, the POB, and the SEC Chief Accountant provided comments on auditor independence. They agreed with GAO's support of the POB's suggestion of bringing the independent auditor more into a direct working relationship with the board of directors and emphasizing the role of the independent audit committee as an overseer of the company's financial reporting process, as a buffer between management and the auditor, and as a representative of user interest. Their comments reflect a willingness to work toward that result. They also provided comments on the unresolved issue of the auditor's responsibility for reporting on the effectiveness of internal controls. The AICPA also commented on the issue of the auditor's responsibility for detecting and reporting material fraud. The AICPA and the POB supported management and auditors' reports on internal controls to obtain assurance on the effectiveness of internal controls and to improve investor confidence in the reliability of the financial reporting process. The SEC Chief Accountant recognized the benefits of such reporting, but believed the SEC's current focus on providing investors with more information on market risk related to derivatives financial instruments may be a more appropriate priority for the SEC at this time. The AICPA commented that its proposed auditing standard will provide the auditor with more specific guidance to detect fraud. GAO believes that SEC leadership is necessary to achieve reporting on the effectiveness of internal controls by management and independent auditors. Such reporting would greatly enhance the auditor's ability to prevent and detect material fraud. Although GAO supports the AICPA's efforts to provide the auditor with increased guidance to detect fraud, GAO believes that the auditor would be more effective in this role if the effectiveness of internal controls were also assessed. GAO also believes that the auditor/client relationship places the accounting profession in a difficult position in achieving reporting on internal controls and that the SEC is in a key position to provide the leadership and support to achieve the changes needed to resolve these major issues. The AICPA and the POB commented on the accounting profession's efforts to improve audit quality through the peer review program and stated they will continue to seek ways to strengthen audit quality. Although GAO found that program statistics show that peer review has improved audit quality, GAO identified some audit documentation and reporting deficiencies. The AICPA commented that it is considering additional steps to improve these areas of the audit. FASB, the AICPA, and the SEC Chief Accountant provided comments on various issues of accounting and auditing standard setting. FASB agreed with many of GAO's criticisms of the current financial reporting model, but commented that adopting fair value accounting for all financial instruments would not resolve all major issues, including reducing controversy and timeliness, and would raise challenging issues. However, FASB stated that it is studying this issue again. GAO agrees that adopting fair value accounting for all financial instruments raises difficult accounting issues. GAO believes that the benefit of having more current values recognized in the financial statements outweighs the effort necessary to successfully resolve remaining issues. The SEC Chief Accountant commented on another aspect of the current financial reporting model: the recognition of soft assets in financial statements. He commented on the importance of these assets to investment decision-making, but noted that it was currently difficult to arrive at a consensus on how such information should be presented. GAO agrees with the SEC Chief Accountant that additional research would be beneficial. GAO believes that the SEC should work with FASB to ensure the adequacy of such research and to develop specific plans to appropriately consider how information on soft assets can best be reported. On the related issue of the need for a comprehensive reporting model, FASB noted that its project to obtain additional views on the Jenkins Committee recommendations suggested that not all users agreed with the specific findings. GAO believes such comments are consistent with the findings of the Jenkins Committee and the 1993 report of the Association for Investment Management and Research. The findings of both major studies supported the need for a comprehensive reporting model, but found disagreement on certain specific components. Reasons for opposition to certain recommendations include cost, competitive disadvantage, and liability concerns. GAO's report points out that FASB should not be expected to resolve these issues by itself. A concerted effort by all the major players, including strong SEC leadership, is needed to achieve a comprehensive reporting model that is relevant to today's financial statement users. Although FASB's comments indicate general support for FASAC, the SEC Chief Accountant agreed with GAO's observation that FASAC is not working as effectively as it could and that he would support a reconsideration of FASAC's membership criteria. The SEC Chief Accountant also agreed with GAO's observation that opportunity exists in setting auditing standards to better meet the public interest by having more Auditing Standards Board members who are knowledgeable of standards but are not public practioners. The SEC Chief Accountant also commented that GAO's discussion of the SEC's relationship with the standard-setting bodies implied that there has been a transfer of official statutory responsibility to FASB and that SEC oversight has been sporadic. He stated that this is not the case and provided examples of how the SEC works with the standard setters. GAO's report recognizes that the SEC has statutory responsibility for administering and enforcing the federal securities laws, but, in practice, has looked to the private sector to set accounting and auditing standards and has overseen that process and the resulting standards. GAO believes that the SEC has not always strongly asserted leadership in its relationship with the standard setters and that more progress could be achieved in resolving major issues facing the standard setters if that were to occur. The SEC's recent action resulting in restructuring FAF is a prime example of progress achieved through SEC leadership. The AICPA and the SEC Chief Accountant provided comments on the role of the auditor in providing expanded assurance services. The AICPA commented that its Special Committee on Assurance Services will report in October 1996 and that its findings suggest an evolution in the way the accounting profession will service the public in the future. The SEC Chief Accountant agreed with GAO's findings regarding the need to resolve concerns over auditor independence if the accounting profession is to be successful in providing expanded assurance services. His comments and those of the AICPA and the POB also show the importance of resolving the issues of internal control reporting and detecting fraud, as discussed in GAO's report, if the accounting profession is to be successful in providing expanded assurance services. INTRODUCTION ============================================================ Chapter 1 Full, fair, and accurate disclosure of financial information by public companies is critical to the effective functioning of the capital and credit markets in the United States. Individuals and enterprises use financial information to allocate capital among companies, a process that when done efficiently, fuels economic growth. Both the independent auditor and the Securities and Exchange Commission (SEC) play major roles in ensuring that public companies meet their financial reporting responsibilities. Over the past two decades, business failures in combination with public expectations of auditors, large government bailouts, advances in information technology, the complexity of business transactions, and other forces have raised concerns about the effectiveness of the independent audit of public companies and the relevance, reliability, and usefulness of financial reporting. These concerns, coupled with a significant amount of litigation against accounting firms, prompted many studies of auditing and financial reporting. In total, the studies proposed hundreds of recommendations, principally to the accounting profession to improve auditing and financial reporting. Pursuant to the request of the Ranking Minority Member, House Committee on Commerce, we undertook a review of the progress to address the recommendations made in the studies and to identify any major issues that continue to confront the accounting profession. PARTICIPANTS IN THE FINANCIAL REPORTING PROCESS ---------------------------------------------------------- Chapter 1:1 Federal securities laws and regulations require publicly owned companies to disclose financial information in a manner that accurately depicts the results of company activities. Financial statements, which disclose a company's financial position, results of operations, and cash flows, are an essential component of the disclosure system on which the U.S. securities market is based. Public companies are responsible for the preparation and content of financial statements that are complete, accurate, and presented in accordance with generally accepted accounting principles (GAAP). The independent public accountant plays an important role through the audit process. Other entities, most notably the SEC and the stock exchanges, as well as other regulatory agencies and organizations, also play important roles in the financial reporting process. Company management must set the appropriate tone and establish the overall control environment in which it prepares financial reports. In addition, public companies registered with the SEC must maintain an adequate system of internal accounting control. The Securities Exchange Act of 1934, as amended by the Foreign Corrupt Practices Act of 1977, requires these controls to ensure that among other things, transactions are recorded as necessary to permit preparation of statements in accordance with applicable standards. The public accountant's audit is an important element in the financial reporting process because the audit subjects financial statements, which are management's responsibility, to scrutiny on behalf of shareholders and creditors to whom management is accountable. The auditor is the independent link between management and those who rely on the financial statements. In that role, the auditor evaluates the judgments made by management in applying standards for the presentation of financial information. In the United States, there are over 1,000 public accounting firms that audit publicly owned companies. Six large accounting firms, which collectively employ over 91,000 professionals,\1 audit over 78 percent of the roughly 16,000 publicly owned companies that control a large proportion of the nation's economic wealth. Accounting firms also perform other accounting related services, such as tax services, and provide a wide array of nonaccounting and nonauditing services, such as management advisory or consulting services. The SEC, through its responsibilities for administering and enforcing the federal securities laws, is the primary federal agency involved in accounting and auditing requirements for publicly traded companies. The SEC traditionally has delegated much of its responsibility for setting standards for financial reporting and independent audits under the securities laws to the private sector. Accordingly, the SEC has accepted rules promulgated by the Financial Accounting Standards Board (FASB)--GAAP--as the primary standard for preparation of financial statements. The SEC has accepted rules promulgated by the American Institute of Certified Public Accountants' (AICPA) Auditing Standards Board--generally accepted auditing standards (GAAS)--as the standard for independent audits. The SEC also reviews and comments on registrant filings and issues interpretive guidance and staff accounting bulletins on accounting and auditing matters. The SEC exercises oversight in the standard-setting processes of both FASB and the AICPA. The SEC's staff participates in meetings and on task forces with the FASB and AICPA staff, monitors the development of new standards, and carries on a continuing discussion with FASB and the AICPA on the implementation and interpretation of the standards. The stock exchanges, which are self-regulatory organizations under SEC authority, establish accounting and auditing regulations for listed companies. The major exchanges require listed companies to prepare and publish annual reports containing financial statements that have been prepared in accordance with GAAP and audited by independent public accountants. Financial institution regulators, such as the Office of the Comptroller of the Currency, the Federal Deposit Insurance Corporation, the Federal Reserve Board, and the Office of Thrift Supervision, administer portions of the federal securities laws applicable to the entities under their jurisdiction. -------------------- \1 Public Accounting Report, May 31, 1996, based on a 1996 survey of national accounting firms. LONG-STANDING ISSUES AFFECTING THE FINANCIAL REPORTING PROCESS AND THE ACCOUNTING PROFESSION ---------------------------------------------------------- Chapter 1:2 For over 60 years, since the Great Depression and the origin of the securities acts in the 1930s, the public accounting profession, through its independent audit function, has played an important role in enhancing a financial reporting process that facilitates the effective functioning of our capital markets as well as international markets. The public confidence in the reliability of issuers' financial statements that is provided by the performance of independent audits encourages investment in securities issued by public companies. This sense of confidence depends on reasonable investors perceiving auditors as independent professionals who have neither mutual nor conflicting interests with their audit clients. Accordingly, investors and other users of financial statements expect auditors to bring to the financial reporting process technical competence, integrity, independence, and objectivity, and to prevent the issuance of misleading financial statements. During the 1970s, serious questions were raised concerning the activities and accountability of publicly owned companies and whether auditors were living up to the expectations of the investing public. These questions arose in large part from a series of unexpected failures of large companies as well as disclosures of questionable and illegal payments made to foreign officials. Such events threatened the public's confidence in the integrity of the nation's financial reporting system, including the value of financial reporting and the effectiveness of the independent audit function, and led the Congress and others to review the role of the SEC and the auditor in the financial reporting process. In 1975, the staff of the Subcommittee on Reports, Accounting, and Management, Senate Committee on Government Operations (Metcalf Subcommittee), began a study of the federal government's role in establishing accounting practices used by publicly owned companies in financial reporting.\2 The staff made several recommendations to the Congress. In 1977, the Metcalf Subcommittee held a series of hearings that included the findings of the staff's study on the role of the federal government in ensuring the accuracy of corporate financial reports of listed companies. Witnesses at the hearings included representatives from the Congress, academia, public accounting firms, public interest groups, and the SEC. Many of the issues discussed at those hearings-- auditor independence, the role of audit committees, the auditor's role in detecting fraud, and questions about self-regulation--continue to confront the accounting profession and are discussed in this report. In December 1977, as a result of revelations that falsification of records and improper accounting allowed corporations to make millions of dollars in questionable or illegal payments, the Congress enacted the Foreign Corrupt Practices Act. The accounting provisions of the act require SEC registrants to maintain a system of internal accounting controls sufficient to provide a reasonable assurance that transactions are executed consistent with management authorization and are recorded to permit preparation of financial statements in conformity with generally accepted accounting principles. In the 1980s, continued business failures, particularly those involving financial institutions, led to a series of congressional hearings on auditing and financial reporting under the federal securities laws.\3 Litigation emanating from these failures against auditors, along with allegations made in 1992 and again in 1994 by the SEC Chief Accountant concerning auditor independence, prompted renewed scrutiny of the public accounting profession. In addition, the increasingly pervasive use of information technology and the changing business world are posing a serious challenge for the standard setters and independent auditors regarding the usefulness of audited historical cost-based financial statements. The profession has responded to these concerns and challenges by identifying steps to improve the value of financial information and the public's confidence in the financial reporting process. Also, the profession is currently considering additional audit services to respond to the changing needs of users and better serve the public interest. -------------------- \2 The Accounting Establishment, Staff Study prepared by the Subcommittee on Reports, Accounting, and Management of the Committee on Government Operations, United States Senate (ordered to be printed March 31, 1977). \3 Hearings by the Subcommittee on Oversight and Investigations, House Committee on Energy and Commerce, beginning in February 1985. AUDITORS' LIABILITY ------------------------------------------------------ Chapter 1:2.0.1 The recessions of the early 1980s and 1990s resulted in an increase in both the number and size of corporate and financial institution failures in the United States. These failures have led to a number of lawsuits by those who suffered losses against companies, auditors, and other professionals. Many of these lawsuits have resulted in multimillion dollar judgments against accounting firms and a number of very substantial settlements. The accounting profession believes that the current legal liability climate is threatening its viability. The accounting profession claims that the threat of unwarranted and excessive liability is not only having a detrimental financial impact on the profession, but is also affecting the profession's ability to adequately serve and protect the public interest. For example, large accounting firms claim they have found it more expensive and harder to obtain liability insurance, and are experiencing difficulty in attracting and retaining qualified professionals. In addition, accounting firms have asserted they have limited the availability of audit services, particularly for high-risk clients and even entire industries such as high-technology companies. Also, firms are reluctant to assume new responsibilities in such areas as providing assurances on internal controls, disclosure of certain risks and uncertainties, or forward-looking financial data. For these reasons, in addition to taking actions to improve auditor independence and auditor performance, the profession has actively supported legislative efforts at the federal and state level to reduce its liability exposure. In December 1995, the Congress enacted the Private Securities Litigation Reform Act of 1995\4 (the Act), which contains some provisions that were supported by the accounting profession. For example, the Act changes the standard for assessing damages in cases brought by private parties for violation of the Securities Exchange Act of 1934. Previously, each defendant found to have committed a violation of the Securities Exchange Act of 1934 was liable for the plaintiff's entire loss, jointly and severally with each other defendant, irrespective of relative fault. The Act adds a system of proportionate liability. As a result of the Act, persons against whom a judgment is entered for violating the Securities Exchange Act of 1934 are jointly and severally liable for damages if they "knowingly" commit the violation; persons against whom a judgment is entered who did not knowingly commit the violation are liable only for that portion of the judgment that corresponds to their percentage of responsibility for the violation.\5 The Act also provides a "safe harbor" protecting certain forward-looking statements from liability in private actions under the Securities Act of 1933 and the Securities Exchange Act of 1934.\6 Forward-looking statements protected from liability under the Act generally are written or oral statements that project, estimate, or describe future events that are accompanied by notice that the information is forward-looking and by meaningful cautionary statements that actual results may materially differ from such statements. The Act contains a number of specific exclusions from safe harbor. For example, forward-looking statements included in financial statements prepared in accordance with GAAP or made in connection with an initial public offering are excluded from safe harbor.\7 The Act also requires independent auditors of financial statements to include procedures designed to provide reasonable assurance of detecting material illegal acts, identify material related party transactions, and evaluate the ability of the entity to continue as a going concern.\8 In addition, the Act requires independent auditors to report to the company's management when the auditor determines that an illegal act likely has occurred and describes circumstances where the auditor must report illegal acts directly to the company's board of directors and the SEC.\9 The Act protects the auditor from liability in any private action for any finding, conclusion, or statement about an illegal act made in a required report to the SEC. -------------------- \4 This act amended sections of the Securities Act of 1933 and the Securities Exchange Act of 1934. \5 Private Securities Litigation Reform Act of 1995, Section 201. The Act defines when a person knowingly commits a violation and addresses how to determine responsibility for persons whose violation was not knowingly committed. A defendant also may be required to pay an additional amount if the share payable by another defendant is uncollectible. \6 Private Securities Litigation Reform Act of 1995, Section 102. \7 Refer to Section 102 of the Act for other types of forward-looking information that are excluded from safe harbor. \8 Private Securities Litigation Reform Act of 1995, Section 301. Independent auditors are also required to perform such procedures under GAAS. \9 Private Securities Litigation Reform Act of 1995, Section 301. MANY GROUPS HAVE ADDRESSED THE ISSUES ---------------------------------------------------------- Chapter 1:3 The accounting profession and other groups, in response to congressional investigations and their own initiatives, established a number of special study groups and task forces to address issues relating to financial reporting and auditing. For purposes of this review, we have summarized the concerns, recommendations, and actions taken on five significant issues that have been repeatedly identified over the past two decades by the major studies of the accounting profession. These are (1) auditor independence and the role of audit committees in strengthening corporate governance, (2) the role and responsibilities of auditors, particularly in detecting and reporting fraud and assessing the effectiveness of and reporting on internal controls, (3) the quality of auditor performance and the accounting profession's self-regulatory mechanisms, (4) the accounting and auditing standard-setting processes, including the adequacy, quality, and timeliness of the standards, and the adequacy, relevancy, and usefulness of financial reporting, and (5) the role of the auditor in the further enhancement of financial reporting. The following table provides a timeline of the major issues debated over the past two decades and identifies the study groups that addressed these issues. Appendixes I and II to this report (contained in GAO/AIMD-96-98A), identify the major studies, provide information on the study groups, and list specific recommendations made by the study groups and related actions taken by the accounting profession and others. The study groups' recommendations and actions taken to address the recommendations are organized in appendix II by the major issues listed in the table. The status of those major issues and our observations are discussed as follows: chapter 2, auditor independence; chapter 3, audit quality relating to the auditors' responsibilities for fraud and internal controls; chapter 4, audit quality relating to auditor performance; chapter 5, setting accounting and auditing standards; and chapter 6, expanded reporting and auditor services. Table 1.1 Timeline of Major Issues Debated Over the Past Two Decades Issue 1972-1976 1977-1981 1982-1986 1987-1991 1992-1995 ----------- ----------- ----------- ----------- ----------- --------------- Auditor Moss Metcalf Anderson Treadway POB independenc Subcommitte Subcommitte Committee Commission e e e AICPA Board of Big 7 GAO Directors Cohen Commission GAO POB Kirk Panel Audit AICPA Metcalf Price Treadway GAO quality Special Subcommitte Waterhouse Commission (includes Committee e POB auditor's on Equity Anderson GAO role, Funding Cohen Committee AICPA Board of responsibil Commission Directors ities, and Moss Big 7 performance Subcommitte Kirk Panel ) e GAO Setting Wheat Metcalf FAF AICPA Task POB accounting Committee Subcommitte Force on standards e Big 7 Risks and GAO Trueblood Uncertainti Committee FAF es Kirk Panel Moss Cohen FAF Jenkins Subcommitte Commission Committee e GAO Setting Moss Metcalf Big 7 Treadway POB auditing Subcommitte Subcommitte Commission standards e e Cohen Commission Oliphant Committee Expanded Trueblood Metcalf Big 7 AICPA Task POB reporting Committee Subcommitte Force on and auditor e GAO Risks and AICPA Board of services Moss Uncertainti Directors Subcommitte Cohen Price es e Commission Waterhouse AIMR Treadway Commission GAO GAO Kirk Panel Jenkins Committee -------------------------------------------------------------------------------- OBJECTIVES, SCOPE, AND METHODOLOGY ---------------------------------------------------------- Chapter 1:4 Our objectives were to -- identify recommendations made from 1972 through 1995, and actions taken, to improve accounting and auditing standards and the performance of independent audits of publicly owned companies required by federal securities laws and -- identify any unresolved issues and determine their impact on the performance of independent auditors, effective accounting and auditing standards setting, and efforts to expand the scope of business reporting and audit services. To identify recommendations made and actions taken to improve accounting and auditing standards and the performance of independent audits under federal securities laws, we reviewed the many reports, studies, hearing records, and articles published from 1972 through early 1996 on accounting, auditing, and financial reporting pertaining to public companies (companies registered with the SEC). Appendix I lists the reports and studies we reviewed. We also consulted with experts on the subject of accounting and auditing. Appendix IV identifies the individuals that we consulted. Our review identified five major issues concerning accounting and auditing of public companies and related financial reporting and over 500 recommendations to address those issues. The recommendations were addressed to various parties--public companies; the SEC and other federal entities; independent accountants and auditors; the AICPA, FASB, and other accounting organizations; and educators. The AICPA, FASB, and the SEC provided us information on the actions taken in response to the recommendations. The major recommendations from 1972 through 1995 and actions taken are detailed in appendix II. We did not verify the accuracy of the responses from the AICPA, FASB, or the SEC, nor did we analyze the appropriateness of each action taken. Instead, we considered the actions taken as a whole in evaluating the progress made toward resolving the five major issues. To identify any unresolved issues and determine their impact on the performance of auditors of public companies, we concentrated our efforts on the accounting profession's self-regulatory mechanisms. We reviewed annual reports issued by the AICPA's SEC Practice Section to obtain historical information on the results of the profession's peer review program, including data on the number of failed audits identified and the types of opinions rendered on reviewed firms' quality control processes. We used a data collection instrument to obtain and analyze data on the 724 peer reviews--of public accounting firms that audit SEC registrants--performed by the SEC Practice Section during the period 1992 to 1994. We also interviewed SEC officials concerning SEC oversight of independent auditors of public companies. We obtained and analyzed SEC Accounting and Auditing Enforcement Releases issued from 1982 through March 1995 that pertained to audit quality. In addition, we identified changes and improvements in professional standards, audit guidance, and education requirements. We also studied the involvement of audit committees in corporate governance. Our work generally encompassed determining the extent to which the companies in our population (1) reported publicly on their internal controls and (2) maintained independent, knowledgeable audit committees that acted to help assure the independence of their company's independent public accountant. Our methodology consisted of statistically selecting a sample of 313 public companies from the 1992 Fortune Industrial 500 and 1992 Fortune Service 500 companies. Using a data collection instrument, we analyzed the fiscal year 1992 annual reports of all 313 companies in our sample to determine the extent to which these companies reported publicly on their internal controls. We also surveyed the audit committee chairpersons of 310 companies (3 companies declined to participate in our survey) in our sample to obtain information about the companies' audit committees.\10 In addition, we reviewed 134 audit committee charters submitted by the chairpersons who responded to our survey. To identify any unresolved issues and determine their impact on the accounting and auditing standard-setting processes and the usefulness of financial reporting and auditing, we conducted detailed interviews with many experts and organizations both in the public accounting profession and the community of users of financial information. These interviews involved the SEC Chief Accountant and his staff; the President and Executive Vice President of the Financial Accounting Foundation; members, former members, and staff of FASB; the Chairman of the Financial Accounting Standards Advisory Council (FASAC); members of the AICPA's Board of Directors; members and staff of the AICPA's Accounting Standards Executive Committee; members of the AICPA's Auditing Standards Board; staff members of the AICPA's Division of Professional Services; the Director of the AICPA's Public Oversight Board (POB); a member of an AICPA Industry Committee; and a member of the AICPA's Financial Reporting Coordinating Committee. We also conducted interviews with representatives of the Association for Investment Management and Research, Standard & Poor's, Moody's Investors Service, the Institute of Management Accountants, the American Accounting Association, the American Bar Association, the Securities Industry Association, the American Association of Individual Investors, Robert Morris Associates, the Financial Executives Institute, and the Business Roundtable. The individuals of these organizations that we interviewed are listed in appendix IV. Appendix IV also lists the members of an advisory panel we formed to consult with in planning and conducting the study, and a consultant who also provided advice. We also drew upon the experience of senior GAO staff who served as members of the AICPA Special Committee on Assurance Services and the FASAC. We also reviewed documents, articles, and reports obtained primarily from various groups listed above to corroborate information from our interviews and to enhance our understanding of the major issues. We conducted our review between February 1995 and May 1996, in accordance with generally accepted government auditing standards. We provided a draft of the report to the AICPA, who obtained input from the POB,\11 the Auditing Standards Board, the managing partners of the Big 6 accounting firms that are members of the SEC Practice Section, and the AICPA's Special Committee on Assurance Services and its former Special Committee on Financial Reporting; FASB; and the SEC. Their comments are included in appendixes V through VIII and are evaluated as appropriate at the end of chapters 2 through 6. -------------------- \10 Of the 307 audit committee chairpersons who participated in our survey, 236 responded to our questionnaire. We examined the characteristics of the 71 nonresponding audit committee chairpersons and concluded they were similar to the respondents. \11 The POB oversees the profession's peer review program for AICPA member firms that audit companies registered with the SEC. The POB provided us its comments in a separate letter. AUDITOR INDEPENDENCE ============================================================ Chapter 2 The auditor must be independent in both fact and appearance so that the results of the auditor's examination are perceived to be fair and impartial. Concern over auditor independence is a long-standing and continuing problem for the accounting profession, the business and financial community that it serves, and public shareholders of companies. Over the past two decades, several study groups have addressed this issue.\1 The accounting profession and the SEC have taken various actions to enhance both the real and perceived independence of auditors, such as establishing auditing standards governing the auditors' relationship with audit committees and ethics rules concerning professional conduct, and limiting certain nonaudit services. These groups have also established disclosure requirements and performance and reporting standards to discourage companies from using the threat of changing auditors--opinion shopping--to gain approval of questionable accounting practices. Despite these actions, recent events and actions by the SEC and the accounting profession indicate continuing concerns over auditor independence, particularly with the auditor/client relationship, the profession's scope of services, and in instances where auditors are perceived to be advocating accounting positions on behalf of their clients. -------------------- \1 Refer to table II.1, appendix II (GAO/AIMD-96-98A) for the recommendations made by various study groups to strengthen auditor independence. INITIATIVES TO STRENGTHEN AUDITOR INDEPENDENCE IN THE 1970S AND 1980S ---------------------------------------------------------- Chapter 2:1 The independent audit fills an essential role for the investing public and creditors by giving assurance as to the reliability of financial statements. Users of financial statements must perceive auditors as independent professionals who exercise objective and impartial judgment on all issues brought to their attention. This perception is aided when users also perceive that auditors have neither mutual nor conflicting interests with their audit clients. The concept of actual and perceived independence was described by a former AICPA chief staff officer as follows: "Independence is an abstract concept, and it is difficult to define either generally or in its peculiar application to the certified public accountant. Essentially, it is a state of mind. It is partly synonymous with honesty, integrity, courage, character. It means, in simplest terms, that the certified public accountant will tell the truth as he sees it and will permit no influence, financial or sentimental, to turn him from that course."\2 Events such as the debates in the early 1930s concerning the enactment of the federal securities laws, several cases involving independent accountants,\3 and SEC regulations and enforcement actions have addressed auditor independence issues, including the profession's performance of nonaudit services, its professional conduct, and its relationship with the client versus its obligation to the public. These events raised questions concerning the importance of independence, how independence can best be maintained, and what actions detract from independence. The importance of auditor independence is recognized in securities laws, by the Supreme Court, and in auditing and professional standards. For example, federal securities laws require that financial statements filed with the SEC be certified by independent public accountants. Also, the SEC, under its authority to issue rules and regulations to implement various statutory requirements, has defined situations where an auditor would not be considered independent for an audit of financial statements. The U.S. Supreme Court, in United States v. Arthur Young & Co.,\4 emphasized the public responsibility entrusted to the independent public accountant and the auditor's need to maintain an independent attitude. The Supreme Court stated that "The independent public accountant... owes ultimate allegiance to the corporation's creditors and stockholders, as well as to the investing public. This "public watchdog" function demands that the accountant maintain total independence from the client at all times and requires complete fidelity to the public trust...." Auditing and professional standards address independence and require that the audit organization and the auditor be independent in fact and in appearance. These standards place responsibility on the auditor and the audit organization to maintain independence so that opinions, conclusions, judgments, and recommendations will be impartial and will be viewed as impartial by knowledgeable third parties. -------------------- \2 John L. Carey, Professional Ethics of Public Accounting, AICPA, 1947. \3 For example, cases such as In the Matter of Cornucopia Gold Mines (1936); In the Matter of McKesson & Robbins (1940); and In the Matter of A. Hollander & Son, Inc. (1941) discuss auditor independence. \4 United States v. Arthur Young & Co., 465 U.S. 805, 817-818 (1984). AUDIT COMMITTEES -------------------------------------------------------- Chapter 2:1.1 A number of study groups have concluded that independent audit committees can play an important role in enhancing the public's perception of the independence and objectivity of auditors. For example, the Subcommittee on Oversight and Investigations, House Committee on Interstate and Foreign Commerce (Moss Subcommittee);\5 Metcalf Subcommittee;\6 the Commission on Auditors' Responsibilities (Cohen Commission);\7 the National Commission on Fraudulent Financial Reporting (Treadway Commission);\8 and GAO\9 all recommended that public companies should be required to have independent audit committees responsible for overseeing the financial reporting process and assisting the auditor in maintaining independence. The Treadway Commission also recommended that the SEC require all public companies to include in their annual reports to stockholders a letter signed by the chairman of the audit committee describing the committee's responsibilities and activities during the year. Proposals submitted to the AICPA Board of Directors by the heads of seven major accounting firms,\10 referred to as the "Big 7" throughout this report, included a recommendation to require auditors to communicate regularly with the audit committee or, absent an audit committee, with the entire board of directors on such matters as consultation with other auditors, business and other risks facing the company, large and unusual transactions, and other situations where alternative GAAP could materially affect the financial statements. Federal and state laws governing public corporations generally do not require audit committees.\11 In addition, the SEC does not require public companies to establish independent audit committees. While the SEC encourages audit committees, it believes that the stock exchanges' experience places them in a better position to exercise flexibility in the formulation and implementation of audit committee standards. Accordingly, the SEC has worked with the stock exchanges and the National Association of Securities Dealers, Inc. to encourage listed companies to have audit committees. Today, the largest U.S. securities markets require listed companies to have audit committees with at least a majority of independent directors. Based on our sample results of audit committee chairpersons of Fortune 1,000 publicly traded companies, we estimate that at least 90 percent of the companies required an independent audit committee as a matter of company policy. The survey also showed that audit committee duties and responsibilities are not consistently defined in their charters. For example, the 134 audit committee charters submitted by respondents varied greatly in specifically stating what was required in working with management and the independent public accountant. As previously mentioned, in 1991, the Congress enacted FDICIA which requires, among other things, independent audit committees for large banks and thrifts. FDICIA defined the audit committee's responsibilities in certain key areas, such as the committee's role in working with management and the independent auditor in the areas of financial audit, internal controls, and compliance with laws and regulations. FDICIA also established certain qualifications for audit committees of the largest banks and thrifts. FDICIA was a major step forward in using the audit committee to aid auditor independence and improve corporate governance. However, it was limited to only large banks and thrifts. The Treadway Commission made a recommendation for public companies to include a letter in their annual reports signed by the audit committee chairman, discussing the audit committee's responsibilities and activities during the year. However, because SEC regulations require certain companies that solicit proxies to disclose information concerning audit committees' members, functions, and numbers of meetings, the SEC reasoned that information in the proposed audit committee letter would duplicate existing proxy statement disclosure, and would not provide investors with significant additional information. The Treadway report acknowledged that certain features of the audit committee letter would duplicate existing proxy disclosure but felt that a letter from the audit committee might lead to better disclosures than now provided in proxy statements. Statement on Auditing Standards (SAS) No. 61, Communications With Audit Committees, issued by the Auditing Standards Board (ASB) in April 1988, requires the auditor to determine that the audit committee, or others formally designated as having oversight for the financial reporting process, is adequately informed of matters, such as disagreements with management, consultations with other accountants, and difficulties encountered in performing the audit such as unreasonable delays by management or unavailability of client personnel. In addition, the auditor is required to report "reportable conditions," which are deficiencies that could adversely affect the company's ability to produce reliable financial statements, to the audit committee. Further, the Private Securities Litigation Reform Act of 1995, Section 301, requires that independent public accountants, under certain circumstances, report illegal acts detected during the audit to management and the audit committee. -------------------- \5 Federal Regulation and Regulatory Reform, Report by the Subcommittee on Oversight and Investigations of the House Committee on Interstate and Foreign Commerce, October 1976. \6 Improving the Accountability of Publicly Owned Corporations and Their Auditors, Report of the Subcommittee on Reports, Accounting, and Management of the Senate Committee on Governmental Affairs, November 1977. \7 The Commission on Auditors' Responsibilities: Report, Conclusions and Recommendations, AICPA, 1978. \8 Report of the National Commission on Fraudulent Financial Reporting, October 1987. \9 CPA Audit Quality: Status of Actions Taken To Improve Auditing and Financial Reporting of Public Companies (GAO/AFMD-89-38, March 6, 1989). \10 The Future Relevance, Reliability, and Credibility of Financial Information, Recommendations to the AICPA Board of Directors by seven major accounting firms, April 1986. \11 The Federal Deposit Insurance Corporation Improvement Act of 1991 (FDICIA) requires audit committees for large banks and thrifts (institutions with $500 million or more in assets as defined by regulations issued by the Federal Deposit Insurance Corporation). Also, as of 1994, Connecticut was the only state that required audit committees for large publicly held corporations. SCOPE OF SERVICES -------------------------------------------------------- Chapter 2:1.2 Over the past two decades, many observers of the auditing profession have expressed concern about the expanding scope of professional services provided by the public accounting profession. For example, the Metcalf Subcommittee in the mid-1970s raised questions concerning the propriety of performing both audit and nonaudit services for the same client.\12 The issue has also been raised by the media and at hearings in the mid-1980s before the House Subcommittee on Oversight and Investigations. The potential impact on the auditor/client relationship of accounting firms' performance of nonaudit services for their audit clients has also been addressed by several study groups including the Cohen Commission, the AICPA's Public Oversight Board (POB),\13 the Big 7, the AICPA's Special Committee on Standards of Professional Conduct for Certified Public Accountants (Anderson Committee),\14 and the Treadway Commission, and has also been addressed by the SEC. None of these studies reported any conclusive evidence of diminished audit quality or harm to the public interest, or any actual impairment of auditor independence, as a consequence of public accounting firms providing advisory or consulting services to their audit clients. However, several groups studying the issue commented that rendering some management advisory services to audit clients is perceived by some persons as creating a situation in which the auditor's independence could be impaired. For example, the Anderson Committee concluded in 1986 that if nonaudit services place auditors in a position where they are viewed as a part of management, they will lose their appearance of independence, or independence could be impaired when the results of a nonaudit engagement have a direct and material effect on the financial statements on which the auditor expresses an opinion. Similarly, the Cohen Commission concluded in 1978 that certain combinations of services can potentially create a conflict with the audit functions.\15 Some groups studying the issue, as well as the large public accounting firms, believed that consulting services could have a positive impact on audit quality in that these services enable the auditor to learn more about a company's operations. For example, the Cohen Commission concluded that providing management advisory services for an audit client may increase the auditor's understanding and knowledge and prove advantageous in conducting the audit. Similarly, the POB's 1979 report states that management advisory services can enhance a firm's ability to recruit quality professionals; enhance a firm's expertise and sophistication; and give auditors an opportunity to assist a company in improvement of its internal controls, which in turn serves to facilitate the audit by improving the underlying structure of what is audited. However, the study groups acknowledged that public confidence in the integrity of financial reporting can be eroded if there is a perception that performing management advisory services for audit clients compromises the auditor's independence. Proposals advanced by groups studying the issue of auditor services varied from limiting services to those directly related to accounting to having auditors make a conscious determination as to whether these additional services create or appear to create an impairment of independence and assessing whether these services are consistent with their role as professionals. In addition, the Cohen Commission recommended that the profession develop standards and guidance addressing providing advice on accounting principles. Recommendations were also made to require companies to disclose information on nonaudit services provided by their independent auditor and require audit committees to review management's plans for engaging the company's independent accountant to perform management advisory services during the coming year, considering both the types of services that may be rendered and the projected fees. In 1978, the SEC adopted a requirement that an auditor disclose each type of nonaudit service it provided, and in 1979, the SEC issued an interpretive release describing certain factors that independent accountants, audit committees, boards of directors, and management should consider in determining whether independent accountants should be engaged in nonaudit services. According to the SEC, the reaction to the SEC's disclosure requirement and interpretive release was "unexpectedly severe." In commenting on the release, accounting firms indicated that the disclosure requirements and interpretive release had resulted in a curtailment of nonaudit services. Based on further SEC study of the profession's nonaudit services and disclosure of such services in proxy statements and on the SEC's belief that it had achieved its objective in increasing the awareness of independence concerns over nonaudit services, the SEC rescinded the disclosure requirements and the interpretive release. The ASB issued SAS 50, Reports on the Application of Accounting Principles, in July 1986, which established performance and reporting standards to be used when an accountant provides reports, and in some cases oral advice, to nonaudit clients on the application of accounting principles. However, this standard does not fully satisfy the Cohen Commission's recommendation for standards concerning advice on accounting principles since SAS 50 does not apply to accountants who have been engaged to audit financial statements and, as part of that audit, may be asked by the client to provide advice on the application of accounting principles to specific transactions. The POB commissioned a study in 1986 that measured the perceptions of key members of the public about the accounting profession. The results of the survey suggested that a number of nonaudit services performed by certified public accountants (CPA), such as designing a computer system or performing actuarial services for a company's pension plan, are not generally perceived as impairing independence. The survey found that a general perception exists that performing certain services, such as identifying merger or acquisition candidates, carrying out searches for senior management personnel, valuing assets acquired in business combinations, and developing executive compensation plans can impair objectivity and independence. Also in 1986, the AICPA commissioned a survey to measure attitudes toward the accounting profession. As with the POB's survey, many nonaudit services offered by certified public accountants (CPA) were thought to be proper; however, the respondents viewed other services, such as appraisal, executive search, and packaging and selling tax shelters, as inappropriate services for CPAs to offer. The Code of Professional Conduct adopted by AICPA members in January 1988 includes a section on "Scope and Nature of Services," which requires members to use sound judgment in making decisions about offering nonaudit services and about activities that may be perceived as creating conflicts of interest. The CPA is also to assess whether an activity is consistent with the auditor's role as a professional and the auditor's commitment to the public interest. The AICPA also developed restrictions for its member accounting firms that audit SEC registrants on performing certain consulting services for SEC registrants. Those prohibited services include psychological testing, public opinion polls, merger and acquisition analysis for a finder's fee, and certain actuarial and executive recruitment services. In addition, AICPA member firms that audit SEC registrants are required to report annually to the audit committee or board of directors of each SEC audit client on the total fees received from the client for management consulting services and the types of such services rendered. The AICPA objected to the Treadway Commission's recommendation that audit committees review management's plans for engaging the company's independent public accountant to perform management advisory services. It stated that the appropriate role for the audit committee is one of oversight, not management, and it is not appropriate to require advance approval from an oversight body for each management advisory service. The AICPA also cited the possibility that management or audit committees might arbitrarily bar all types of management advisory services to avoid possible criticism. Finally, the AICPA was concerned that the recommendation could have a counter-productive, negative effect on the quality of independent audits by depriving the auditor of the broader base of knowledge that can be derived from performing nonaudit services.\16 -------------------- \12 The Accounting Establishment, Staff Study prepared by the Subcommittee on Reports, Accounting, and Management of the Senate Committee on Government Operations, U.S. Senate (ordered to be printed March 1977). \13 Scope of Services by CPA Firms, Report of the Public Oversight Board of the SEC Practice Section, Division for CPA Firms, AICPA, March 1979. \14 Restructuring Professional Standards to Achieve Professional Excellence in a Changing Environment, Report of the Special Committee on Standards of Professional Conduct for Certified Public Accountants, AICPA, April 1986. \15 The Cohen Commission's conclusion was based on its research of the Westec Case (Carpenter v. Hall, filed August 23, 1968, in Houston, Texas), in which it was alleged that the independent auditor's provision of accounting advice combined with the auditor's involvement in the company's merger and acquisition program reduced the auditor's ability to independently audit the resulting transactions. \16 Letter from the AICPA to the National Commission on Fraudulent Financial Reporting, July 20, 1987. CHANGING AUDITORS -------------------------------------------------------- Chapter 2:1.3 Another area of concern for the profession has been the impact of auditor changes and "opinion shopping" on auditor independence. Because of the potential abuse of changing auditors to gain approval of questionable accounting practices, the Cohen Commission, the Big 7, the Treadway Commission, and the AICPA have all made recommendations to improve disclosure when a company changes independent public accountants. In addition, the Big 7 proposals would require peer reviewers to scrutinize all engagements assumed since the last peer review where there was disclosure of a significant disagreement with the former accountant or where the former accountant resigned. Also, the Treadway Commission recommended that management advise the audit committee when it seeks a second opinion on a significant accounting issue. Since the early 1970s, the SEC has required disclosures to discourage the practice of changing auditors to obtain more favorable accounting treatment.\17 The required disclosures for SEC registrants for reporting a change in accountants are normally filed in a Form 8-K\18 which is available to the public and is required to be filed within 5 business days after the resignation, dismissal, or declination of the former accountant to stand for reelection, or the engagement of a new independent public accountant.\19 These required disclosures, which the SEC has expanded over the years, include whether the accountant resigned, declined to stand for reelection or was dismissed, and the date thereof; whether the former accountant qualified the audit report or disclaimed an opinion during the past 2 years; whether the change in accountants was approved by the audit committee or the board of directors; and whether in connection with the audits of the 2 most recent fiscal years (plus any subsequent interim period) there were any reportable events or disagreements concerning accounting, auditing, or financial disclosure issues, which, if not resolved, would have caused the auditor to refer to the issue in connection with its report.\20 Disclosure is also required for consultations with the newly-engaged accountant that occurred within approximately 2 years prior to engagement if those consultations (1) were or should have been subject to SAS 50\21 or (2) were the subject of a disagreement or reportable event with the former accountant. The predecessor accountant is required to state whether he or she agrees with the disclosures and, if not, the respects in which he or she does not agree. In this disclosure process, the successor accountant also has an opportunity to respond and clarify any disclosed information or provide new information. In addition, SAS 61, issued by the ASB in April 1988, may help to discourage opinion shopping since it requires auditors to communicate certain information to audit committees, including disagreements with management. In order to further deter the abuse of opinion shopping, in 1989, we recommended that auditors directly notify the SEC upon their resignation or termination. In making this recommendation, we stated that we believed that this direct notification can serve as an early warning to alert the SEC to possible problems that may have caused the company to change auditors. As of May 1989, the AICPA's SEC Practice Section required its members to send a letter to the SEC when a change in accountants occurs. Another action aimed at enhancing auditor independence is the SEC Practice Section's requirement that establishes a maximum term of generally 7 consecutive years over which an individual partner may serve a particular SEC-registrant client. -------------------- \17 SEC Accounting Series Release No. 165, "Notice of Amendments to Require Increased Disclosure of Relationships Between Registrants and Their Independent Public Accountants," December 20, 1974. \18 Rules promulgated pursuant to the Securities Exchange Act of 1934 require registrants to file a report (Form 8-K) if any of several events occur. Among those events is a change in the registrant's independent public accountant. \19 In March 1989, the SEC accelerated the timing for filing Forms 8-K related to changes in registrants' independent accountant from 15 calendar days to 5 business days. \20 Currently, item 304(a) of Regulation S-K contains the disclosure requirements concerning changes in a registrant's independent accountant. \21 SAS 50, which established performance and reporting standards to be used when accountants provide written reports (or oral advice in certain circumstances) to nonaudit clients on the application of accounting principles, is intended to discourage the potential abuse of opinion shopping. INDEPENDENCE CONCERNS CONTINUE INTO THE 1990S ---------------------------------------------------------- Chapter 2:2 Even though basic rules to guide the public accountant in achieving and maintaining independence exist and the accounting profession and others have taken actions to help ensure auditor independence, auditor independence continues to be an area of concern for the profession and the users of financial statements. This was evidenced most recently by a 1993 congressional request for the SEC to study the importance of, and any impediments to, the independence of public accountants in performing their responsibilities under the federal securities laws.\22 In addition, a 1993 report by the POB\23 and speeches made by the SEC Chief Accountant in 1992 and 1994, discuss concerns regarding situations in which accounting firms condoned or advocated their clients' positions in financial reporting matters. In response to these continuing concerns, the POB appointed an advisory panel on auditor independence (Kirk Panel) to study whether additional steps were needed to better assure the independence of auditors. Both the SEC and the Kirk Panel\24 concluded that the combination of the extensive systems of independence requirements issued by the SEC and the AICPA, coupled with the SEC's active enforcement program, provides investors reasonable safeguards against loss due to conduct of audits by accountants who lack independence from their audit clients. Therefore, both agreed that the enactment of detailed legislation or the promulgation of additional rules governing independence was not necessary. However, the POB and the Kirk Panel, in 1993 and 1994, respectively, warned that while much has been done to enhance auditors' integrity, objectivity, and independence, fundamental developments, such as skepticism about auditor performance in areas such as fraud detection, could result in a loss of confidence in the audit function and over time undermine the value of the independent role of the profession in the private sector. As recognized before by several groups, the POB and the Kirk Panel also believed that a more interactive role by corporate boards of directors and audit committees with the independent auditor would lead to more effective corporate governance and more credible financial reporting. -------------------- \22 Staff Report on Auditor Independence, prepared by the SEC's Office of the Chief Accountant in March 1994, responds to a request by the Chairman of the Subcommittee on Telecommunications and Finance, House Committee on Energy and Commerce. \23 In the Public Interest, Issues Confronting the Accounting Profession, a special report by the Public Oversight Board of the SEC Practice Section, AICPA, March 1993. \24 Strengthening the Professionalism of the Independent Auditor, Public Oversight Board Advisory Panel on Auditor Independence, September 1994. CLIENT ADVOCACY -------------------------------------------------------- Chapter 2:2.1 Responding to accounting questions from clients and developing firm positions on accounting questions under consideration by FASB, the SEC, or other accounting standard-setting bodies is part of an accounting firm's public responsibility. However, client-related motivations, or even the appearance thereof, in reaching or communicating accounting policy decisions can contribute to a decline in the integrity, objectivity, and professionalism of public accounting firms and in public respect for the accounting profession. In 1977, the Metcalf Subcommittee raised concerns involving situations where accountants testify before public bodies advocating positions that are favorable to their clients. The Cohen Commission's 1978 report also discusses client advocacy concerns. The AICPA strongly objected to these concerns, contending that accounting firms advocate positions based on the firms' convictions concerning the issues rather than on the interests of clients. The AICPA also stated that it should not be surprising that in many instances, professionals deeply concerned with financial matters would find their own views corresponding to those of some of their clients. In 1992 and again in 1994, the SEC Chief Accountant questioned the independence of accounting firms in situations where they condoned what he called "incredible" accounting principles in financial statements, advocated such principles to the SEC, or were overly influenced by client views in formulating their own positions on subjects under scrutiny by FASB. The 1994 staff study by the SEC put the comments made by its Chief Accountant in perspective by reporting that while the SEC staff is concerned that accounting firms may have compromised their objectivity with respect to proposed or actual client accounting treatments, the number of instances in which questionable client advocacy has been established is very small in relation to the number of audited financial statements filed with the SEC. In its 1993 report, the POB addressed matters of client advocacy. The POB pointed out a distinction between client advocacy and client service, explaining that client advocacy is a willingness of the auditor to serve the immediate interests of the client in any way requested as long as the law permits that activity. Client service, as defined by the POB, means serving the client's best interest without coming into conflict with professional standards, the best interest of the audit function, or the auditor's best judgment. The POB urged the accounting profession to give this subject prompt attention and recommended that the AICPA undertake a project to sharpen further the distinction between client advocacy and client service and incorporate that distinction into the profession's Code of Professional Conduct. The POB's 1993 report also recognized that special care is needed to ensure that accounting firms' "participation in the standard- setting process is characterized by objectivity and professionalism," and accordingly, recommended that standard setters and leaders of the profession regularly discuss and address issues related to client advocacy in the standard-setting process. The Kirk Panel endorsed the POB's recommendations with regard to client advocacy. The Panel also believed that the firms' internal organization and processes for developing accounting positions should be insulated from undue client pressure and that accounting firm positions on FASB proposals should be communicated in a judicious, professional way that does not appear to gain favor with clients or appear to be part of an organized campaign. In addition, the Kirk Panel suggested that the POB, through its oversight of the peer review process, should identify effective policies and procedures that accounting firms have adopted for (1) internal technical consultation, (2) providing technical guidance to professional staff, and (3) developing firm positions on technical standards. The Panel further suggested that the POB should encourage adoption of the "best practices" it identifies. MANAGEMENT ADVISORY AND OTHER NONAUDIT SERVICES -------------------------------------------------------- Chapter 2:2.2 Another area of concern is the growth of the accounting profession's consulting services relative to a static level of auditing and accounting services. As discussed earlier, these services and their perceived impact on accounting firms' independence have been the subject of many studies. According to information provided by the Big 6 firms, the large public accounting firms earned less than half of their revenue in 1995 from auditing and accounting services.\25 In its 1994 report, the Kirk Panel asserted that some of the firms considered themselves multiline professional firms, not as accounting and auditing firms. The Kirk Panel noted that the threat of litigation, along with competition and fee-cutting, have made auditing less and less financially attractive. The Kirk Panel, large accounting firms, and others in the profession also have asserted that the percentage of top college graduates going into the accounting profession is declining and that there is a general unattractiveness of beginning a career in auditing. A 1991 report by the six largest accounting firms discussed the benefits to the investing public and clients of a broad scope of services and pointed out that there has been no conclusive evidence that providing management advisory services compromises auditor independence.\26 The report downplayed concerns about the appearance of conflicts of interest in arrangements with clients. For example, the report stated, "Business relationships between public accountants and audit clients do not impair independence as long as they result from the ordinary course of business and are not material to either party." However, the Kirk panel pointed out that such a position fails to recognize the special responsibilities of the independent auditor and the importance of avoiding the appearance of a conflict of interest. The 1991 report by the six accounting firms suggested a new framework for defining independence and gave examples of four principles relating to the scope of services that would be included in the framework. These principles are (1) public accountants and their firms should be financially independent of audit clients, (2) public accountants should not serve as directors, officers, or employees of audit clients, (3) public accountants should not exercise management decision-making responsibilities in the performance of service for audit clients, and (4) business relationships between public accountants and audit clients do not impair independence as long as they result from the ordinary course of business and are not material to either party. The six accounting firms believed that these four principles, combined with others covering such matters as financial interests, family relationships, and litigation, would create an effective structure for determining and governing independence. According to the Kirk Panel, the independence framework proposed by the six accounting firms was rejected by the SEC and not adopted by the profession. Study groups, such as the Kirk Panel, acknowledge that the trend away from auditing services could lessen the objectivity of the auditor and the value of the independent audit, although there has been no conclusive evidence. Nevertheless, the controversy is likely to persist as the auditing environment continues to change in the face of worldwide competition, global markets, technological innovations, and complex business structures. These developments have resulted in new demands from clients for a wider range of professional services. The largest accounting firms seem inclined to meet these demands by expanding their scope of services, believing that the interests of clients, investors, and the public will be better served.\27 Recently, the SEC and others have expressed concern with a public accounting firm's performance of internal audit services for audit clients, referred to in the professional accounting literature as extended audit services. Companies are increasingly outsourcing various staff and support functions, including internal auditing, as part of the reengineering efforts taking place in the 1990s. The POB believes that, based on an analysis of professional literature, the conduct of internal audit services for audit clients need not impair the auditor's independence if the auditor does not assume management's operational or decision-making responsibilities. However, others, such as the Institute of Internal Auditors, see these types of services as a potential conflict of interest for the entity's independent auditors. The AICPA's Professional Ethics Division worked with the Committee of Sponsoring Organizations of the Treadway Commission (COSO), the SEC, the POB, and other interested observers in developing an ethics interpretation that provides more specific guidance to CPA firms providing such services.\28 The new interpretation, issued in August 1996, reaffirms that these extended services would not impair independence with respect to audit clients as long as the auditor does not act or appear to act in a capacity equivalent to a member of management or as an employee. The SEC has also continued to express concern about certain other types of expanded services provided by accounting firms. On June 6, 1996, the Chairman of the SEC cautioned the accounting profession about what he saw as recent developments concerning expanded services that go far beyond traditional services, such as activities in investment banking, franchising the use of the auditor's name, and providing outsourcing for a variety of services in addition to internal auditing services, that threaten the accounting profession's credibility.\29 The Kirk Panel believed that existing conflict-of-interest rules and the various mechanisms for improving those rules were appropriate and adequate. However, the Panel concluded that growing reliance on nonaudit services had the potential to compromise the objectivity or independence of the auditor by diverting firm leadership away from the public responsibility associated with the independent audit function, by allocating disproportionate resources to nonaudit lines of business within the firm, and by reducing the audit function to a means to sell other services. Accordingly, the Kirk Panel cautioned accounting firms to focus on how the audit function can be enhanced and not submerged in large multiline public accounting/management consulting firms. In our April 1991 report on failed banks,\30 we discussed auditor independence concerns that should be addressed to enhance the credibility of independent audits. In developing our report recommendations, we considered both scope of service limitations and requirements for auditor rotation. Considering the value of the auditors' traditional management service capabilities and the value of continuity in conducting audits, we decided not to recommend such actions. We believed that improved corporate governance provided a strong opportunity to enhance auditor independence and would not be disruptive to the free market. We continue to hold that position. As discussed below, we believe that the corporate governance approach suggested by the Kirk Panel, in which the auditor looks to the board of directors as its client, is a fundamental change needed to address auditor independence concerns. -------------------- \25 Public Accounting Report, May 31, 1996, based on a 1996 survey of national accounting firms. \26 The Public Accounting Profession: Meeting the Needs of a Changing World, Arthur Andersen & Co., Coopers & Lybrand, Deloitte & Touche, Ernst & Young, KPMG Peat Marwick, and Price Waterhouse, January 1991. \27 The Public Accounting Profession: Meeting the Needs of a Changing World, Arthur Andersen & Co., Coopers & Lybrand, Deloitte & Touche, Ernst & Young, KPMG Peat Marwick, and Price Waterhouse, January 1991. \28 Interpretation 101-13 Under Rule of Conduct 101: Extended Audit Services, AICPA, August 1996. \29 Speech by SEC Chairman Arthur Levitt on June 6, 1996, before the SEC and Financial Reporting Institute, University of Southern California. \30 Failed Banks: Accounting and Auditing Reforms Urgently Needed (GAO/AFMD-91-43, April 22, 1991). PROPOSALS TO STRENGTHEN CORPORATE GOVERNANCE -------------------------------------------------------- Chapter 2:2.3 Many studies, such as those conducted by the Treadway Commission, GAO, the POB, and the Kirk Panel, have recognized that corporate boards and their audit committees could and should play a more significant role in strengthening the independence of auditors; however, little has been done to define the responsibilities of audit committees. As previously discussed, FDICIA was an important step forward by requiring independent audit committees, but it was limited to large banks and thrifts. In 1993, the POB identified several responsibilities that audit committees should assume, including reviewing the annual financial statements, conferring with management and the independent auditor about them, receiving from the independent auditor all information that the auditor is required to communicate under auditing standards, assessing whether the financial statements are complete and consistent with information known to them, and assessing whether the financial statements reflect appropriate accounting principles. In addition, the POB recommended that the SEC should require registrants to include in a document containing the annual financial statements a statement by the audit committee or the board of directors as to whether its members have carried out their responsibilities as described above. The POB believes the auditor should assist the audit committee and the board in understanding their responsibilities and the best practices to follow. The SEC has been reluctant to establish registrant requirements that it believes may be intrusive into matters of corporate governance, such as requirements for internal control reporting and audit committees. For example, in the 1980s, the SEC twice withdrew proposals for management reporting on internal controls. Cost was a primary consideration in withdrawing the proposals. Also, in response to our May 1994 report on derivatives,\31 the SEC did not support requiring management to report on internal controls over derivatives and related risk-management activities or requiring auditors' attestation on such reports. The SEC also did not support our recent suggestion for the SEC to issue guidelines governing boards of directors' responsibilities for derivatives activities. In addition to concerns over the cost of internal control reporting, the SEC believed that such SEC-imposed requirements or guidelines may be viewed as setting risk-management requirements that are part of corporate governance matters. Similarly, even though the SEC has encouraged the use of audit committees in public companies, the SEC is reluctant to set requirements for audit committees concerning their composition and role in overseeing risk-management systems, believing such matters are best left to the stock exchanges. The Kirk Panel's 1994 report discusses the necessity for fundamental changes in relationships of boards of directors and audit committees with the independent auditor in order to strengthen the objectivity and professionalism of the independent auditor and to enhance the value of the independent audit. The Panel explained that too close a relationship between the auditor and management can inhibit independent judgments. The Kirk Panel noted that, in most companies today, management selects or recommends auditors and changes in auditors, negotiates fees, guides the audit, prepares the financial statements, selects accounting principles, and makes estimates. The Kirk Panel acknowledged that a smooth working relationship between the auditor and management is important, but explained that too close a relationship can discourage the auditor from speaking up if the auditor questions the accounting principles selected, the clarity of disclosures, or the estimates and judgments made by management. The Panel believed that such a relationship could inhibit the auditor from openly communicating with the board of directors or audit committee. The Kirk Panel pointed out that to bring the audit function into the mainstream of corporate governance will require an environment in which boards of directors, audit committees, and management of public companies have high expectations about the auditing firms' integrity, objectivity, and professional expertise and in which the auditor, in meeting those obligations, recognizes an overriding public responsibility. Accordingly, the Kirk Panel suggested that -- the independence of boards of directors and their accountability to shareholders needs to be enhanced; -- auditors need to consider the boards of directors--the representatives of the shareholders--as the clients, not corporate management; -- boards of directors should expect to hear from the auditors candid evaluations of the appropriateness, not just technical acceptability, of accounting principles, financial statement estimates, and the clarity of the related disclosures in company reports; and -- auditors should be willing to express their views as experts to audit committees and full boards of directors about the appropriateness of the accounting principles and financial disclosure practice, particularly, the degree of aggressiveness or conservatism of accounting principles used by the companies and their application in developing estimates used in preparing the financial statements. In 1995, the POB published a summary report, Directors, Management, and Auditors: Allies in Protecting Shareholder Interests, to assist SEC Practice Section member firms, corporate financial management, and audit committees in implementing a principal suggestion from the Kirk Panel--that corporate boards and audit committees should expect to receive, and the independent auditor should deliver, forthright, candid oral reports in a timely manner on the quality--not just the acceptability--of a company's financial reporting. The POB has distributed the report to the chief executive, financial officers, and each director of all companies on the New York Stock Exchange and of other SEC-registered companies with revenues of at least $250 million. The Kirk Panel's suggestions pertaining to strengthening corporate governance through more auditor involvement with audit committees are also emphasized in the POB's 1994-1995 annual report. The Executive Committee of the SEC Practice Section, with the encouragement of the POB, has pledged active support of the Kirk Panel's suggestions. In its written response on the Kirk Panel's suggestions, the SEC Practice Section Executive Committee stated it will work with the POB in developing an appropriate plan of action for the accounting profession and will also help other groups address the Panel's recommendations directed to them. Also, the AICPA's January 1996 Journal of Accountancy, contains an article, "How Directors and Auditors Can Improve Corporate Governance," written by a member of the POB and a member of the Executive Committee of the SEC Practice Section. We identified several barriers to voluntarily achieving the needed changes in the auditor/client relationship. State laws govern the incorporation of public companies; the functions and powers of the directors; and the legal relationships among shareholders, directors, and management. Most states, however, do not establish statutory requirements for independent audit committees. Given concerns over litigation, neither boards of directors, management, nor the accounting profession are likely to voluntarily change the auditor/client relationship to having the auditor report directly to the audit committee. Further, in response to our 1994 survey of Fortune Industrial 500 and Fortune Service 500 companies' audit committees, audit committee chairpersons stated they are actively involved with their independent auditors. For example, based on the sample results, we estimate that at least 94 percent of the audit committees met privately with the company's independent public accountant, 93 percent monitored changes in the company's independent public accountant, 81 percent monitored management's evaluation of the auditor's independence, and 63 percent monitored management's plans for using the auditor to perform consulting services. Therefore, audit committees may be comfortable with their current relationship with the independent auditor and may not want to take additional steps of having the independent auditor reporting directly to the audit committee rather than to management without additional direction from the SEC. Further, independent public accountants' principal working relationship with the company is with the company's financial management as the preparer of the financial statements. We believe this makes it difficult for auditors to achieve the "Carey" ideal of independence previously discussed. Reporting to users is not practical, but reporting to directors who have a more direct stockholder concern or orientation might be feasible. However, directors may object to this potential expansion of their legal liabilities or to the more modest change in the auditor/director relationship made by FDICIA for the regulated banking industry, which may also be viewed as possibly expanding directors' legal exposure. FDICIA requires large banks and thrifts to have independent audit committees and that the committees' responsibilities include reviewing with management and the independent public accountant (1) management's responsibilities for preparing financial statements, the effectiveness of internal controls, and complying with laws and regulations, (2) management's assessment of the effectiveness of internal controls and the institution's compliance with laws and regulations, and (3) the auditor's reports on the financial statements and on management's assertion on the effectiveness of internal controls. The Federal Deposit Insurance Corporation Improvement Act of 1991 (FDICIA) also (1) requires that audit committee members in larger financial institutions have certain expertise and (2) prohibits membership from including any large customers of the institution. Without revamping the present free market system for obtaining audit services, the audit committee offers within the system the opportunity to have a financial report user as the employer of the independent public accountant. FDICIA, through its audit committee requirements, steers the auditor toward the audit committee, but stops short of the more expansive auditor/audit committee relationship envisioned by the Kirk Panel. Although FDICIA defined certain duties for the audit committee, it did not make the audit committee directly responsible for the audit function, which remained with management. Therefore, auditors are likely to spend most of their time during the audit working with management and continuing the relationship that currently exists. -------------------- \31 Financial Derivatives: Actions Needed to Protect the Financial System (GAO/GGD-94-133, May 18, 1994). OBSERVATIONS ---------------------------------------------------------- Chapter 2:3 Despite actions taken by the SEC and the AICPA in the 1970s and the 1980s to strengthen auditor independence, questions of auditor independence stemming primarily from auditor/client relationships in providing audit and other services have continued into the 1990s. The SEC and the accounting profession through the Kirk Panel both have been active in examining the continuing concern over auditor independence. Although both agreed that additional legislation or rules were not needed at this time, the Kirk Panel recognized that the continuing concern over auditor independence is a serious problem for the accounting profession that could over time undermine the independent role of the accounting profession. We believe that questions of auditor independence will probably continue as long as the existing auditor/client relationship in which the auditor effectively reports to corporate management continues. Without a change in that relationship, independence questions may become a larger concern given the sizable nature of management advisory services provided by the accounting firms. Further, new services that go beyond traditional services may increase concerns over auditor independence, and for that reason the appropriate nature of such services needs to be carefully considered by the accounting profession. We continue to believe that measures that would limit auditor services or mandate changing auditors are outweighed by the value of continuity in conducting audits and the value of traditional consulting services. We believe the more reasonable action is the Kirk Panel's idea of bringing the independent auditor more into a direct working relationship with the board of directors and emphasizing the independent audit committee's roles as an overseer of the company's financial reporting process; a buffer between management and the auditor; and a representative of user interests in full, fair, and reliable financial reporting. This is an inherently difficult change to accomplish, and the Kirk Panel's suggestions for voluntary change have a high risk of not succeeding for a number of reasons. Boards of directors have the responsibility of overseeing management, but this responsibility does not make them directly responsible for the propriety of the relationship between management and the auditor. Similarly, audit committees oversee the audit, but are not directly responsible for the effectiveness of the audit or for full and fair reporting. As long as boards of directors and audit committees have their present corporate governance roles, auditors will have a difficult time strengthening their relationship with boards and audit committees. Accordingly, we agree with the Kirk Panel that taking steps toward making the board of directors serve as the auditor's client offers a major opportunity to address concerns about auditor independence. Audit committees may not see the need to strengthen their role in working with the auditor. Audit committee chairpersons' responses to our survey show that the committees are working with the auditors and are satisfied with present relationships. Another barrier to the Kirk Panel's proposal is that boards of directors may be reluctant to accept responsibility for the effectiveness of the audit function as the representatives of shareholders and other users of the financial statements. Boards of directors, as well as the auditors, have concerns about their potential legal liabilities. Our work also shows that the duties of the audit committees are not well defined. A strengthened working relationship as envisioned by the Kirk Panel that would in effect specify certain audit committee duties is a major change from the existing structure of audit committees. Although the Private Securities Litigation Reform Act of 1995 provides some reporting responsibilities on matters that could involve directors and auditors, the Act does not formally address existing auditor/client relationships. For these reasons, we doubt that the Kirk Panel's proposal will be voluntarily accepted by boards of directors and independent audit committees. As an alternative to relying on voluntary action, the SEC could more clearly define the roles of the board of directors and audit committee with the independent auditor. Under the Securities Act of 1933 and the Securities Exchange Act of 1934, the SEC has broad responsibility for full and fair financial reporting and the related role of the auditor. However, the SEC has previously been reluctant to exercise authority in matters of corporate governance, and it might want specific legislation to support an initiative to alter the existing auditor/client relationship. Seeking legislation to amend the securities laws to contain audit committee requirements like those in FDICIA is another option that the SEC could take. This might be viewed as less intrusive by corporate management and not raise significant concerns by directors over their legal liabilities. It would be an improvement over the current situation by specifying certain audit committee qualifications and basic important audit committee responsibilities regarding reviewing with the auditors the financial statements, internal controls, and compliance with laws and regulations. An independent and knowledgeable audit committee as envisioned by FDICIA would enhance the effectiveness of requiring the auditor to report directly to the audit committee. However, it falls short in other areas of establishing the specific auditor/audit committee relationship envisioned by the Kirk Panel. Another initiative the SEC might take to achieve the objectives of the Kirk Panel's proposal would be to work through the major stock exchanges to achieve listing requirements that would more specifically define audit committee duties and responsibilities and their relationships with the auditor. The listing agreements of the major stock exchanges already require members to have audit committees, so the basic principle has been established. An approach by the stock exchanges to extend the listing agreement requirements, backed by the SEC, would not require legislation. COMMENTS AND OUR EVALUATION ---------------------------------------------------------- Chapter 2:4 The AICPA, the POB, and the SEC Chief Accountant provided comments on auditor independence. They agreed with our observations on the importance of this issue for the accounting profession and our observation supporting the Kirk Panel's idea of bringing the independent auditor more into a direct working relationship with the board of directors and emphasizing the role of the independent audit committee as an overseer of the company's financial reporting process, as a buffer between management and the auditor, and as a representative of user interest. The AICPA stated that it has pledged to work with the POB in developing an appropriate plan of action for the accounting profession to achieve the Kirk Panel's recommendation for strengthening auditor independence. As part of that process, the AICPA's SEC Practice Section plans to identify best practices in implementing the Kirk Panel's recommendations. In addition, it is developing a database of practices relating to auditing firms' polices and procedures used to conduct internal accounting consultations. Also, the AICPA believes that SEC registrants and other publicly accountable organizations should be required to have independent audit committees charged with specific responsibilities, including overseeing the financial reporting process and recommending appointment of the entity's independent auditor. The POB commented that auditor independence continues to be a major focus of the POB and that it plans to spend a significant amount of time dealing with this matter during the next year. The POB commented that auditor independence must be at the top of the agenda of everyone concerned with maintaining the viability of the independent audit process. The SEC Chief Accountant stated that the concerns over auditor independence identified in our report must be resolved if the profession is to be successful in providing expanded assurance services. He also agreed that the increase in nontraditional services provided by auditing firms could lead to increased concerns about auditor independence. The SEC Chief Accountant thought that the Kirk Panel's recommendation to strengthen auditor independence was compelling and should be considered. He also pointed out that the SEC has promoted the establishment of independent audit committees and the use of the committees to enhance auditor independence. Given the agreement between the SEC Chief Accountant and the accounting profession that auditor independence is a major unresolved issue affecting the future of the accounting profession, we believe that the SEC should take a leadership position in working with the accounting profession to enhance the auditor's independence. The SEC Chief Accountant stated he would be willing to discuss with GAO and others ways to strengthen the roles of boards of directors. In addition to voluntary actions by SEC registrants to enhance auditor independence, our report provides several alternatives, including that the SEC more clearly define the roles of the boards of directors and audit committees, recognizing that the SEC may wish to seek legislation to achieve that objective. Also, we point out that an SEC approach of working with the stock exchanges to extend the listing agreement requirements is another alternative, and one that would not require legislation. AUDITORS' RESPONSIBILITIES FOR FRAUD AND INTERNAL CONTROLS ============================================================ Chapter 3 The Cohen Commission's study in the mid-1970s revealed that some users of financial statements equate an unqualified audit report with a guarantee of the accuracy and reliability of the financial statements and the continued viability of the business under examination. As evidenced by the media and litigation against auditors, when a business fails shortly after receiving an unqualified audit report, the public often perceives the failure as an audit failure. Investors and others question why they were not warned about the company's financial difficulties. Likewise, when charges of fraud are leveled against management or others in a company, the inevitable question is: Where were the auditors? These questions and perceptions suggested that an expectation gap existed between what the public expects of the accounting profession, especially as it relates to the audit function, and what the profession understands or believes is its proper role. Changes were made in auditing standards in the late 1980s to state the auditor's responsibilities more clearly; however, recent studies and AICPA initiatives indicate public expectations are still not fully satisfied by the level of responsibility assumed by auditors. Numerous examples of internal control weaknesses in financial institutions and businesses have focused on the importance of internal controls in ensuring accurate financial reporting and in preventing fraud, and management's responsibilities for reporting on the effectiveness of the control system.\1 The occurrence of internal control weaknesses has also raised questions concerning the auditor's responsibilities for reviewing and reporting on management's assertions concerning the effectiveness of internal controls. Many reforms have been advanced by the accounting profession and others over the past two decades, but only limited reforms have been instituted regarding internal controls. Moreover, internal control reforms have not been linked to the auditor's responsibility for fraud detection. The problems associated with the auditor's limited internal control reviews are exacerbated by the continuing advances in information systems technology and the resultant growing complexity of auditing financial data. -------------------- \1 Internal control is a process--effected by an entity's board of directors, management, and other personnel--designed to provide reasonable assurance regarding the achievement of objectives in the following categories: (1) reliability of financial reporting, (2) effectiveness and efficiency of operations, and (3) compliance with laws and regulations. PUBLIC EXPECTATIONS FOR AUDITORS ---------------------------------------------------------- Chapter 3:1 Over the past 20 or more years, well-publicized cases of financial irregularities in many companies and financial institutions, and seemingly unforeseen business failures, have focused unfavorable attention on the auditor's role in detecting fraud, suggesting a gap between what the public expects or needs and what auditors can and should reasonably expect to accomplish. In 1978, the Cohen Commission concluded that such a gap did exist. The Cohen Commission felt that in general, users appeared to have reasonable expectations of the abilities of auditors and the assurances they can give. However, the Commission concluded that many users appeared to misunderstand the role of the auditor and the nature of the services an auditor provides. For example, the Cohen Commission and other groups studying this issue found that the public expected the accounting profession to establish performance standards to reduce the incidence of fraudulent financial reporting by assuming greater responsibility for fraud detection. The Cohen Commission stated in its 1978 report that "significant percentages of those who use and rely on the auditor's work rank the detection of fraud among the most important objectives of an audit." The public also expected audited financial statements to provide an early warning of impending business failures and some assurance regarding the well-being of the reporting enterprise. The public did not understand how a company can fail as a result of management fraud shortly after an unqualified audit report on its financial statements is issued. Nor did it understand when audited financial statements did not inform users about all the significant risks and uncertainties confronting the business enterprise. The Cohen Commission, along with several other study groups, including the AICPA Special Committee on Equity Funding,\2 the Metcalf Subcommittee, Price Waterhouse,\3 the Big 7, GAO, and the Treadway Commission, advanced proposals to address this expectation gap.\4 -------------------- \2 The Adequacy of Auditing Standards and Procedures Currently Applied in the Examination of Financial Statements, Report of the Special Committee on Equity Funding, AICPA, February 1975. \3 Challenge and Opportunity for the Accounting Profession: Strengthening the Public's Confidence, the Price Waterhouse Proposals, 1985. \4 Refer to table II.2, appendix II, (GAO/AIMD-96-98A) for the recommendations made by these study groups that address the auditor's role and responsibilities. INITIATIVES TO NARROW THE EXPECTATION GAP FOR FRAUD ---------------------------------------------------------- Chapter 3:2 Financial statements that are materially misstated as a result of intentional deception constitute fraudulent financial reporting. The consequences of fraudulent financial reporting and unexpected business failures can be widespread and devastating. Those affected may include the company's stockholders, creditors, and others whose confidence in the stock market is shaken. Even though the company has the ultimate responsibility for ensuring accurate financial reporting, the auditor also plays an important role. Auditing standards have always acknowledged that the auditor has some responsibility to consider the existence of fraud in an audit.\5 However, interpretations of these standards seemed to emphasize the limitations of the auditor's role and, in applying the standards, searching for and detecting fraud was always seen as a by-product of the audit process. In 1988, the ASB issued two standards--one on errors and irregularities and one on illegal acts\6 --which directly address the auditor's responsibility for fraud detection, and a third standard on analytical procedures,\7 which relates indirectly to that responsibility. The 1988 statement on errors and irregularities requires the auditor to design the audit to provide reasonable assurance of detecting material errors and irregularities. The statement requires that the auditor inform the audit committee or others with equivalent authority about irregularities that have been detected. The statement also acknowledges that the auditor should recognize that certain circumstances may exist that pose a duty for the auditor to report outside of the client organization. These include reporting by the entity of an auditor change, responding to a subpoena, communicating with a successor auditor, and reporting to a funding agency or others in audits of entities that receive financial assistance from a government agency. The 1988 statement on illegal acts also requires the auditor to design the audit to provide reasonable assurance of detecting misstatements resulting from illegal acts that have a direct and material effect on the financial statements and to be aware of the possibility that illegal acts with an indirect effect may have occurred. Guidance on detecting illegal acts also requires the auditor to confirm that the audit committee or others with equivalent authority are informed of illegal acts, unless the acts are clearly inconsequential. The same circumstances which pose a duty for the auditor for reporting irregularities outside of the client's organization, as noted above, also apply for reporting illegal acts. The guidance on analytical procedures emphasizes that these procedures are an important part of the audit process and should be used in the planning and the overall review stages of all audit engagements to assist the auditor in obtaining an understanding of the client, identifying areas of risk, assessing the conclusions reached, and evaluating the overall financial statement presentation. The statement further states that analytical procedures may be effective in detecting potential misstatements, which would not be apparent using other tools. In December 1995, the Congress enacted the Private Securities Litigation Reform Act of 1995 (the Act). Section 301 of the Act concerns fraud detection and identifies the procedures, evaluations, and reporting the auditor is required to make in accordance with GAAS, as may be modified or supplemented by the SEC. The requirements are similar to those in SAS 53; however, the Act alters the existing reporting process. The Act requires the auditor, who in the course of an audit determines that an illegal act likely occurred, to inform the appropriate level of management as soon as practicable and ensure that the audit committee (or the board of directors if there is no audit committee) is adequately informed of the illegal act. If timely and appropriate remedial actions are not taken, and the auditor makes certain determinations, including that the illegal act has a material effect on the financial statements, the auditor is required to report its conclusions directly to the board. Upon receipt of the auditor's report, the board is responsible for notifying the SEC within 1 business day and furnishing a copy of the notice to the auditor. If the auditor fails to receive a copy of the notice before the expiration of the 1-business day period, the auditor must either resign from the engagement or furnish to the SEC a copy of its report not later than 1 business day following such failure to receive notice. An auditor who chooses to resign from the engagement must still provide a copy of his or her report to the SEC. In 1988, in addition to the three auditing standards relating to fraud, the ASB issued other standards to address the expectation gap. These standards extend, clarify, or modify the auditor's responsibilities regarding assessing of internal controls, auditing accounting estimates, considering an entity's ability to continue as a going concern, communicating internal control matters, and communicating with audit committees.\8 The ASB also revised the statement relating to the wording of audit reports to more explicitly limit the auditor's responsibility, the procedures the auditor performs, and the assurances the audit provides.\9 Since 1988, the AICPA has issued additional standards, some of which amended the auditor's responsibilities for considering internal controls, for reporting on uncertainties, and for evaluating going concerns.\10 In addition, in 1994, the AICPA issued a statement of position to improve and expand disclosure of risks and uncertainties facing the business as of the date of the financial statements.\11 -------------------- \5 Statement on Auditing Standards No. 16, The Independent Auditor's Responsibility for the Detection of Errors and Irregularities, and Statement on Auditing Standards No. 17, Illegal Acts by Clients, AICPA, January 1977. \6 Statement on Auditing Standards No. 53, The Auditor's Responsibility to Detect and Report Errors and Irregularities, and Statement on Auditing Standards No. 54, Illegal Acts by Clients, AICPA, April 1988. \7 Statement on Auditing Standards, No. 56, Analytical Procedures, AICPA, April 1988. \8 SAS No. 55, Consideration of the Internal Control Structure in a Financial Statement Audit; SAS No. 57, Auditing Accounting Estimates; SAS No. 59, The Auditor's Consideration of an Entity's Ability to Continue as a Going Concern; SAS No. 60, Communication of Internal Control Structure Related Matters Noted in an Audit; and SAS No. 61, Communication With Audit Committees, AICPA, April 1988. \9 SAS No. 58, Reports on Audited Financial Statements, AICPA, April 1988. \10 SAS No. 64, Omnibus Statement on Auditing Standards - 1990, December 1990; SAS No. 77, Amendments to Statements on Auditing Standards No. 22, "Planning and Supervision," No. 59, "Auditor's Consideration of an Entity's Ability to Continue as a Going Concern," and No. 62, "Special Reports," November 1995; SAS No. 78, Consideration of Internal Controls in a Financial Statement Audit: An Amendment to Statement on Auditing Standards No. 55, December 1995; and SAS No. 79, Amendment to Statement on Auditing Standards No. 58, "Reports on Audited Financial Statements," December 1995. \11 Statement of Position 94-6, Disclosure of Certain Significant Risks and Uncertainties, AICPA, December 30, 1994. AUDITORS' RESPONSIBILITY FOR FRAUD DETECTION AND REPORTING AND PUBLIC EXPECTATIONS ---------------------------------------------------------- Chapter 3:3 As stated by the Cohen Commission in 1978, and similarly by the POB in 1993, no major aspect of the independent auditor's role has caused more difficulty than the auditor's responsibility for the detection of fraud. As previously discussed, auditing standards were strengthened in 1988 to establish a more affirmative responsibility for fraud detection. However, a study presented at an "Expectation Gap" conference held by the AICPA in 1992 identified fraud as an area of continuing concern.\12 The study found that the auditing standard for errors and irregularities, SAS 53, did not appear to have narrowed the expectation gap between auditors and users. According to the study, although SAS 53 required some affirmative duty to provide reasonable assurance that material irregularities did not exist, auditors appeared not to have altered their audit planning or tests. The study also indicated that SAS 53 had not been widely accepted by public users, the SEC, or the courts. It stated that the public required the detection of "all material financial statement fraud," but the standard placed limits on the auditor's responsibility. For example, it did not hold auditors responsible for detecting fraud that was concealed by management collusion and forgery, and placed substantial limitations on the auditor's obligation to disclose fraud to the investing public. The study found that placing such limitations on the auditor's responsibilities was contrary to the expectations of users, who expected all material fraud to be detected and disclosed. The POB's 1993 report identified problems with auditor implementation of SAS 53.\13 In that report, the POB stated that SAS 53, if properly followed, could enhance the detection of fraud. However, it found that auditors were not consistently complying with this standard, especially in exercising the proper degree of professional skepticism. To improve auditor performance, the POB recommended that the profession assume more initiative through auditor skepticism and develop comprehensive guidelines to assist auditors in detecting fraud. The AICPA's Board of Directors responded by publishing a position paper that supported the POB's recommendations.\14 The paper renewed debate within the profession about the auditor's responsibility for fraud detection by specifically stating that the public looked to the independent auditor to detect fraud, and it was the auditor's responsibility to do so. Also, in 1993, the AICPA commissioned a study to determine user expectations regarding the auditor's responsibility to detect fraud. The study, which was performed by a Drexel University professor, found that financial statement users expected absolute assurance that material misstatements due to fraud would be detected by auditors, and that this expectation exceeded the description of the auditor's responsibilities contained in auditing standards and guidance.\15 The ASB formed a fraud task force in 1994 to address the various concerns related to the auditor's responsibilities for fraud detection. The objectives of the task force were to consider clarifying the auditor's responsibility for detection of fraud, consider revising factors contained in the standards that may be indicative of management fraud, and provide separate indicators of employee fraud. The ASB issued an exposure draft in May 1996 that proposed revisions to the basic general standards of the auditor's responsibility\16 and a new standard to replace SAS 53. The proposed revisions to the general standards include a statement of the auditor's responsibility for the detection of fraud in a financial statement audit and a conceptual discussion of due care, assurance, and professional skepticism relative to fraud detection. The ASB hopes that elevating the discussion on fraud to the auditor's basic general standards will heighten the auditor's awareness of the need to exercise professional skepticism and obtain reasonable assurance throughout the audit in order to detect all material fraud. The proposed auditing standard, which would supersede SAS 53, represents an attempt by the ASB to improve the fieldwork standard for fraud detection. While it does not increase the level of auditor's responsibility to find fraud, it includes the term fraud rather than irregularities,\17 discusses the characteristics of fraud, identifies fraud risk factors, requires an assessment of fraud risk on every audit, provides examples of how the auditor might respond to heightened fraud risk, and requires the auditor to reassess fraud risk at the end of the audit. According to an ASB member, the audit risk factors contained in the proposed auditing standard are based on recent research and will significantly improve guidance for identifying fraud. Despite efforts by the profession to improve standards for fraud detection, substantive progress on expanding the auditor's responsibilities for fraud detection have been impeded by liability concerns. The Cohen and Treadway Commissions found that the profession has been unwilling to define and expand the auditor's responsibility for detecting fraudulent financial reporting because of its fear of increasing the liability exposure of auditors. The recently enacted Private Securities Litigation Reform Act of 1995 may alleviate some of the profession's liability concerns since Section 201 of the Act provides, in effect, that auditors will now only be held liable under the Securities Exchange Act of 1934 for their portion of fault, unless the auditor knowingly violates the securities laws.\18 The 1995 Act also protects auditors from liability for making reports of illegal acts to the SEC. In addition to liability concerns, the current auditor/client relationship has also posed serious obstacles to fully resolving the expectation gap issue pertaining to fraud detection and reporting. As discussed by the Kirk Panel in its 1994 report, the auditor's public responsibility can be undermined when management becomes the primary intermediary between companies and auditing firms. The Kirk Panel also noted that "management has at times, captured the auditors," and stated that too close a relationship between the auditor and management can inhibit an auditor's independent judgment. For example, for frauds committed by management either in the misappropriation of assets or in fraudulent financial reporting that come to the auditor's attention,\19 unless auditors do extensive work, a persuasive management could convince auditors that there is not a problem. Management abuse of accounting principles can be particularly difficult for the auditor to challenge as standards may be general, leaving leeway for judgment in determining their application to particular transactions. In addition, efforts by management to reduce audit costs are often a major barrier to the auditor's thorough pursuit of red flags. Under current auditing standards, the auditor in planning the audit is responsible for assessing the risk of material misstatements in the financial statements and, as appropriate, going into a fraud detection mode by applying additional procedures and by being more skeptical. The issue is whether auditors can do this in the current structural arrangement where they must be cost competitive and continually stress client service. In its 1994 report, the Kirk Panel suggested that the auditor report directly to the board of directors and the audit committee to help reduce pressures stemming from cost competitiveness and providing services to management. The AICPA supports the Kirk Panel's suggestion. -------------------- \12 W. Steve Albrecht and John J. Willingham, "An Evaluation of SAS No. 53, The Auditor's Responsibility to Detect and Report Errors and Irregularities," The Expectation Gap Standards -- Progress, Implementation Issues, Research Opportunities (New York: AICPA, 1993), pp. 102-124. \13 In the Public Interest, Issues Confronting the Accounting Profession, a special report by the Public Oversight Board of the SEC Practice Section, AICPA, March 1993. \14 Meeting the Financial Reporting Needs of the Future: A Public Commitment From the Public Accounting Profession, AICPA Board of Directors, June 1993. \15 Henry Jaenicke, Users' Expectation of Auditors' Responsibilities to Detect Fraud, January 1994. \16 These standards along with standards for fieldwork and reporting provide the fundamental qualifications and performance conditions to be met by the auditor in conducting an audit under GAAS. \17 The ASB's fraud task force believed that the term "fraud" should be used in a more visible way in the proposed standard to heighten the auditor's awareness of the risk of fraud in performing a financial statement audit. SAS 53 did not provide specific guidance on fraud nor did it specifically mention fraud after the third paragraph. However, the fraud task force believed that it had to carefully craft the definition of fraud so that it would not inadvertently require the auditor to assume the burden of concluding that fraud in fact exists, such as establishing the presence of intent, a burden that would be inappropriate or impossible for the auditor to assume. \18 Previously, each of the defendants was liable for the plaintiff's entire loss, jointly and severally with each other, irrespective of relative fault. \19 Indications of increased risk of inappropriate or illegal actions by the company, referred to as "red flags," may be more difficult for the auditor to detect, particularly in cases where frauds are carefully concealed through forgery or collusion by management. IMPORTANCE OF INTERNAL CONTROLS AND COMPLIANCE WITH LAWS AND REGULATIONS ---------------------------------------------------------- Chapter 3:4 Good internal controls are important to manage properly and effectively, to ensure corporate accountability and accurate financial reporting, and to prevent fraud. Internal controls can help management ensure compliance with laws and regulations that are fundamental to operations and that may materially affect the financial statements. Controls are primarily the responsibility of management, but directors, auditors, and regulators also have essential roles to play. Recognizing the importance of effective internal controls, the Congress passed the Foreign Corrupt Practices Act in 1977. The Foreign Corrupt Practices Act amended the Securities Exchange Act of 1934 to require that SEC registered companies shall -- make and keep books, records, and accounts, which, in reasonable detail, accurately and fairly reflect transactions and dispositions of assets, and -- devise and maintain a system of internal accounting controls sufficient to provide reasonable assurances that (1) transactions are executed in accordance with management's general or specific authorizations, (2) transactions are recorded as necessary to permit preparation of financial statements in conformity with GAAP or any other criteria applicable to such statements and to maintain accountability for assets, (3) access to assets is permitted only in accordance with management's general or specific authorization, and (4) the recorded accountability for assets is compared with the existing assets at reasonable intervals and appropriate action is taken with respect to any differences. The Foreign Corrupt Practices Act was the result of numerous revelations that the falsification of records and improper accounting had allowed businesses to make millions of dollars in questionable or illegal payments to facilitate business transactions. The Foreign Corrupt Practices Act set a statutory mandate for corporations to maintain effective internal controls, but because the act did not require reporting on controls, it provided no mechanism for follow-up by the major players involved in ensuring corporate accountability--boards of directors, management, auditors, and regulators. Our work on thrifts\20 and banks\21 that failed in the 1980s revealed that serious internal control deficiencies and indications of fraud and insider abuse contributed to their failure. A congressional study\22 and our own work\23 on certain troubled insurance companies also disclosed how weak internal controls played a significant role in their decline. Examples where inattention to internal controls contributed to fraud and unnecessary exposure to investors can also be found in companies investigated by the SEC. For example, the Treadway Commission's 1987 report concluded that 45 percent of the 119 cases the SEC brought against public companies between July 1, 1981, and August 6, 1986, alleged fraud because of the breakdown in internal controls. More recently, our work in reviewing significant financial losses stemming from derivatives activities of certain companies and municipalities revealed that weaknesses in internal controls were a contributing factor. In some cases, the losses so significantly affected the entity's financial condition that the entity failed or declared bankruptcy. In the cases we reviewed, none of the entities reported publicly on their internal controls over derivatives activities. A requirement for such reporting could have identified areas where controls were weak or did not exist. The Congress recognized the link between past failures of financial institutions and weak corporate governance, including weak internal controls, when it enacted FDICIA. FDICIA requires the management of large banks and thrifts to report on the effectiveness of the institution's internal controls, including safeguarding of assets, and to report on the institution's compliance with those laws and regulations designated by the regulators. FDICIA also requires an independent external auditor to attest to management's assertions on internal controls and compliance in a separate report. Further, FDICIA requires the institutions to have independent audit committees and establishes a reporting link between the audit committee and the external auditor. The continuing growth of information systems technology places an even more important emphasis on internal controls, particularly computer security controls, in preventing and detecting fraud. A recent study of fraud in the United Kingdom pointed out that the continuing growth and development in information technology is one of the main reasons that the level of fraud is high and increasing and presents the greatest challenge to fraud prevention.\24 The United Kingdom report explained that computers could enable someone to manipulate transactions or intercept data without being subject to traditional forms of supervision. The study recommended that company directors conduct an annual review of fraud risk to help ensure that internal controls are designed to prevent and detect fraud. The United Kingdom is also considering requiring auditors to report, to directors and audit committees, on existing fraud control systems. -------------------- \20 Thrift Failures: Costly Failures Resulted From Regulatory Violations and Unsafe Practices (GAO/AFMD-89-62, June 16, 1989). \21 Bank Failures: Independent Audits Needed to Strengthen Internal Control and Bank Management (GAO/AFMD-89-25, May 31, 1989) and Failed Banks: Accounting and Auditing Reforms Urgently Needed (GAO/AFMD-91-43, April 22, 1991). \22 Failed Promises: Insurance Company Insolvencies, Subcommittee on Oversight and Investigations, House Committee on Energy and Commerce, February 1990. \23 Insurer Failures: Regulators Failed to Respond in Timely and Forceful Manner in Four Large Life Insurer Failures (GAO/T-GGD-92-43, September 9, 1992). \24 Taking Fraud Seriously, The Institute of Chartered Accountants in England and Wales, January 1996. AUDITORS HAVE LIMITED RESPONSIBILITIES FOR ASSESSING INTERNAL CONTROLS ---------------------------------------------------------- Chapter 3:5 Since the passage of the Foreign Corrupt Practices Act in 1977, numerous proposals have been made by the Cohen and Treadway Commissions, the SEC, GAO, and congressional committees to strengthen internal control requirements for the private sector. Such proposals included (1) requiring both management and auditors to increase reporting on internal controls to better ensure that they are in place and working effectively, (2) establishing stronger requirements for independent audit committees, and (3) requiring direct reporting by auditors of company's illegal acts to government regulators.\25 In 1988, the ASB issued SAS 55, which requires the auditor, in all audits, to obtain a sufficient understanding of a company's internal control structure-- control environment, accounting system, and control procedures--to assist in planning the audit. The audit standard requires the auditor to document his or her understanding of the three elements of the control structure and whether the elements have been placed in operation. The standard also states that the auditor should assess control risk; document the basis for conclusions about the assessed level of control risk for financial statement assertions; and design substantive tests, based on the auditor's knowledge of the control structure and assessed risk. The ASB also issued guidance for auditors to use in identifying and reporting certain internal control conditions observed during the audit.\26 These matters, termed "reportable conditions," are matters that the auditor feels should be reported to the audit committee or its equivalent because they represent deficiencies that could adversely affect the organization's ability to produce reliable financial disclosures. Also, in 1992\27 and 1994,\28 COSO published integrated guidance on internal controls. This guidance provides independent auditors and others with adequate criteria for judging and reporting on the effectiveness of internal controls over financial reporting and the safeguarding of assets, as well as operations and compliance controls. In 1995, the ASB amended auditing standards to recognize COSO's definition and description of internal control.\29 The revised description of internal control consists of five components--control environment, risk assessment, control activities, information and communication, and monitoring--instead of the three elements previously described. The revisions also changed certain terminology, such as internal control structure to internal control and control procedures to control activities. In the past, auditor reporting on management's assertion on the effectiveness of internal controls has met with resistance to some extent by the accounting profession. Accordingly, current auditing standards and guidance do not require the auditor to report on the condition of internal controls, which may hinder the auditor in detecting fraudulent financial reporting. As stated by the POB in its 1993 report, "This review of internal controls [as called for in the auditing standards] is neither sufficient nor intended to provide a basis for the evaluation of the quality of the client's system of internal control." For example, the auditor need only test the operation of those internal accounting controls that are relied upon based on the assessment of control risk in opining on the annual financial statements. If auditors rely upon them, then only those controls that are directly related to the financial statements and are material in relation to the financial statements need to be tested and evaluated. If auditors can accomplish the audit by directly testing account balances on the financial statements, they need not evaluate or test internal accounting controls. Further, operations controls, because they are not directly related to the financial statements, may not be tested by independent auditors. Therefore, such controls, which might provide reasonable assurance that the company is in compliance with laws and regulations, may not be tested. The POB's 1993 report contains a recommendation to the SEC to require registrants to include along with the annual financial statements a report by management and the independent auditor on the entity's internal control system. The AICPA now believes that the public expectation of the auditor's role in checking internal controls places the profession in the position of being best served by reporting on management's assertion rather than being silent. In its June 1993 position statement, the AICPA Board of Directors stated, "To provide further assurance to the investing public, we join the POB in calling for a statement by management, to be included in the annual report, on the effectiveness of the company's internal controls over financial reporting, accompanied by an auditor's report on management's assertions. An assessment by the independent auditor will provide greater assurance to investors as to management's statement. The internal control system is the main line of defense against fraudulent financial reporting. The investing public deserves an independent assessment of that line of defense, and management should benefit from the auditor's perspective and insights. We urge the SEC to establish this requirement." We believe FDICIA took a step in the right direction by requiring internal control reporting by management and the external independent auditor of large banks and thrifts. In our 1994 report on derivatives, we recommended that the FDICIA model be extended to entities involved with complex derivative products.\30 Since that report, we have been working with the SEC to adopt the FDICIA internal control model for end users of complex derivatives. However, the SEC is opposed to requiring similar reporting by all public companies. The SEC cited two separate instances in the 1980s in which it withdrew SEC proposals for internal control reporting, primarily because of concern over the cost of such reporting, and also because of concern over whether such reporting would constitute an admission of a violation of the Foreign Corrupt Practices Act. We recently suggested that instead of requiring internal control reporting, the SEC could issue guidelines for boards of directors' oversight of derivatives activities that would accomplish the objective of assessing and reporting on internal controls. However, the SEC is concerned about its intrusion in corporate governance if it were to issue such guidelines. Although commenters on SEC's past proposals concerning internal controls opposed auditor reporting on the effectiveness of internal controls, they supported a requirement for a statement by management concerning its responsibilities for the establishment and maintenance of a system of internal controls for financial reporting. Management believes the value of the requirement is obtained in its review of controls and that the auditor's review does not enhance that value. These perspectives are reflected in the results of our 1994 review of Fortune 1,000 publicly owned companies. The review showed that about two-thirds of the companies' annual reports that we sampled contained management reports, but only about one-third of companies' management reports contained conclusions about the effectiveness of internal controls, and less than 2 percent of the companies provided audited reports on the effectiveness of their internal controls. Notwithstanding the perspective of some companies that audited internal controls reporting is too costly, the work of the AICPA Special Committee on Financial Reporting (Jenkins Committee) found that professional investors and creditors believe that business reporting would benefit from increased auditor involvement in internal controls.\31 Its findings were based on an identified users' need for more comprehensive business reporting that in addition to traditional financial statements, would include forward-looking and other financial and nonfinancial information. Similarly, in its 1993 report on financial reporting, the Association for Investment Management and Research (AIMR), which represents financial analysts, portfolio managers, and other investment professionals, stated that it envisioned external auditors being substantially more involved than at present with the functioning of the internal systems that produce financial data for external consumption.\32 AIMR felt that too much attention is paid to the numbers and too little to the process that produces them. AIMR also pointed out that while audit costs may increase with increased auditor involvement in internal controls, the risk of audit failures would decrease. AIMR also expected that any increase in audit costs would be offset, at least partially, by the decreased cost of capital resulting from higher quality and more reliable information being made available to the financial markets. The Jenkins Committee and AIMR reports are discussed in more detail in chapters 5 and 6 of this report. -------------------- \25 Refer to table II.5, appendix II (GAO/AIMD-96-98A) for these and other recommendations pertaining to internal controls. \26 SAS 60. \27 Internal Control - Integrated Framework, Reporting to External Parties, the Committee of Sponsoring Organizations of the Treadway Commission, September 1992. \28 Internal Control - Integrated Framework, Addendum to Reporting External Parties, the Committee of Sponsoring Organizations of the Treadway Commission, May 1994. \29 SAS 78 amended SAS 55 and SAS 60. \30 Financial Derivatives: Actions Needed to Protect the Financial System (GAO/GGD-94-133, May 18, 1994). \31 Improving Business Reporting--A Customer Focus: Meeting the Information Needs of Investors and Creditors, Comprehensive Report of the Special Committee on Financial Reporting, AICPA, 1994. \32 Financial Reporting in the 1990's and Beyond, the Association for Investment Management and Research, 1993. ASSESSING INTERNAL CONTROLS IN FEDERAL ENTITIES -------------------------------------------------------- Chapter 3:5.1 Our own work on assessing the internal controls of federal government agencies and corporations has demonstrated the benefits of auditor involvement. Our reports covering controls over financial reporting, protection of assets, and compliance with laws and regulations have stimulated government agencies and corporations to take corrective action to improve the accuracy of financial reporting, reduce the risk of loss of assets, and deter violations of laws and regulations. We believe that expanded auditor involvement with the internal controls of business entities could produce similar results. Legislation to strengthen financial management and internal controls has been enacted for federal entities. For example, the concept for management reporting is well-established by the Federal Managers' Financial Integrity Act of 1982 (FMFIA) and the Chief Financial Officers (CFO) Act of 1990. FMFIA requires ongoing evaluations and annual public reports by heads of executive branch departments on the adequacy of internal accounting and administrative controls, as well as corrective measures to fix identified weaknesses. Moreover, FMFIA requires that internal controls provide reasonable assurance that obligations and costs are in compliance with applicable laws. The CFO Act extends the management reporting concept to government corporations and requires CFOs of executive branch departments to issue annual reports on the financial condition of their departments, including summaries of internal control weaknesses discussed in their latest FMFIA reports. Generally accepted government auditing standards (GAGAS), as well as private sector auditing standards, require the auditor to perform sufficient internal control work to understand the system of internal controls and test controls relied on in auditing the financial statements. However, generally accepted government auditing standards further require that auditors' findings related to their examination of internal controls and of compliance with laws and regulations be publicly reported. These reports on internal controls and compliance with laws and regulations are made in addition to the auditor's opinion on the financial statements. Additionally, for financial statement audits that we conduct, we have adopted a requirement to perform sufficient audit work to issue an opinion on the effectiveness of an entity's internal controls. MORE COMPREHENSIVE ASSESSMENT OF INTERNAL CONTROLS WOULD BE NEEDED TO ASSESS RISK OF COMPLEX BUSINESS OPERATIONS -------------------------------------------------------- Chapter 3:5.2 As mentioned above, controls that are not directly relied on in attesting to financial statements may not be tested by private-sector auditors. In addition, as discussed further in chapter 6, with the explosion in information technology, a greatly increased amount and variety of financial and nonfinancial information is now readily available to users. If auditors are engaged to provide assurance on this information, auditors will first need to focus on the reliability of the internal control systems producing this information. The losses suffered from derivatives activities is another example of where risk management policies and procedures are needed to manage the risks inherent in financial derivatives and highlights the importance of assessing the quality of risk management systems to control those risks. A recent publication explored the nature and consequences of business risks\33 that organizations are facing in today's environment and concludes that an effective internal control structure is essential to managing business risks.\34 The report discussed the need for a shift from evaluating controls that are focused only on financial risk to include evaluating controls that also focus on assessing business risk. -------------------- \33 Business risk is defined as the threat that an event or action will adversely affect an organization's ability to achieve its business objectives and execute its strategies successfully. \34 Managing Business Risks: An Integrated Approach, The Economist Intelligent Unit, in cooperation with Arthur Andersen, 1995. OBSERVATIONS ---------------------------------------------------------- Chapter 3:6 The accounting profession's response in the 1980s to the public expectation gap was a significant effort to clarify the auditor's responsibilities by issuing revised auditing standards to address areas of concern. Although these standards helped to clarify the auditor's role and responsibilities, they have not eliminated the public expectation gap, particularly with regard to the auditor's responsibility for fraud detection and determining the effectiveness of internal controls. The important issues of the auditor's responsibility for detecting and reporting fraud and for reporting on internal controls overlap since effective internal controls are the major line of defense in preventing and detecting fraud. Taken together, these issues raise the broader question of determining the proper scope of the auditor's work in auditing financial statements of publicly owned companies. We believe that auditor reporting on the effectiveness of internal controls is fundamental to successfully addressing the public expectation gap for fraud detection and interest in the effectiveness of internal controls. The accounting profession is now publicly supporting auditor reporting on internal controls and is actively working on new standards to heighten auditor initiatives in detecting fraud. However, the important linkage between these initiatives has not been made, and a major player to achieving success in narrowing the expectation gap for these responsibilities, the SEC, has not been not been convinced of the merits of reporting on internal controls. SEC support is critical to further progress on this important issue, as is the linkage of fraud detection and internal controls. The ASB's current proposal to strengthen audit standards for fraud detection is encouraging, but will not likely fully resolve the expectation gap. We believe the public may be holding the auditor responsible for preventing significant fraud as well as detecting and reporting fraud that is material to the financial statements. It also may be holding the auditor responsible for addressing other types of unauthorized behavior resulting from inadequate risk management controls. Therefore, the public expectation gap may be wider than the one currently being addressed by the accounting profession. Another important factor that will likely limit the effectiveness of already issued and proposed auditing standards concerning fraud is that auditors do not evaluate internal controls in a manner sufficient to form an opinion on their effectiveness to prevent and detect fraud and other types of failures in internal risk management systems of the companies they audit. While we support the ASB's current effort to provide more specific guidance to the auditor in planning and conducting the audit to detect fraud, we believe that the auditor would be more successful in preventing and detecting fraud if auditing standards were also revised for the auditor to accept more responsibility for the effectiveness of internal controls as a component of financial statement audits. The proposed guidance emphasizes the need for the auditor to exercise professional skepticism and pursue red flags to detect fraud. We believe such guidance is an important component of assessing risk and, accordingly, planning and conducting the audit. However, understanding and testing the effectiveness of internal controls is also critical in assessing risk and, accordingly, planning and conducting the audit. Control weaknesses are a major contributing cause of many of the notorious cases of management fraud, and good controls have long been recognized as a major line of defense against employee and supplier fraud. As evidenced by our work in reporting on internal controls and compliance with laws and regulations, auditors have the capacity to examine the adequacy of controls to prevent and detect fraud in financial reporting and in the acquisition, use, and disposition of assets. Extending the ASB proposal to include a full evaluation of internal controls to deter or detect significant fraud would provide greater assurance of detecting and preventing fraud and increase the chance of narrowing the expectation gap, but would also add somewhat more cost to the audit. The proposed ASB standard is likely to result in increased audit work, especially if conditions show a higher potential risk of fraud occurring. Likewise, conducting the audit to assess the effectiveness of internal controls will likely further increase costs over the current level of required work to meet auditing standards. For these reasons, the auditors' clients are likely to resist effective implementation of the proposal as well as expanding it as we have discussed. Also, even with the recently enacted Private Securities Litigation Reform Act of 1995, the profession remains concerned about the threat of litigation, impeding the profession's willingness to accept additional responsibilities for fraud detection. However, the public interest should be considered in addressing the issue of whether to extend the auditor's responsibility for internal controls. The savings and loan crisis demonstrated the cost to the public of weak internal controls. More recently, there have been large business losses and failures centering on weak controls over the use of derivatives. We expressed concern that this uncontrolled use of derivatives poses a systemic risk to the stability of the entire financial system. Strong internal controls would not only serve to protect against fraud, but could also serve a broader function of ensuring that important internal risk management policies are likely to be followed. Some bank regulators and managers recognized the value of auditors' examination of controls in implementing the FDICIA requirements for auditors to evaluate and report on the effectiveness of internal controls. The FDICIA reporting model could be extended to apply to all public companies. Although the auditor's client may not see the value of extending the auditor responsibility to assessing the effectiveness of internal controls at the present time, we expect that shifting the auditor/client relationship more toward the board of directors and audit committees, as suggested by the Kirk Panel, would increase the demand for such services. If boards of directors and their audit committees had the responsibility for overseeing risk management and the effectiveness of the controls to ensure that risk management policies were followed, we believe that most boards would call upon auditors to assist them in discharging that responsibility, and public reports on internal controls would likely result. We continue to believe that auditor reporting on the effectiveness of internal controls is necessary when public funds are at risk. Looking to the future, we believe that more pressure to extend the profession's responsibility with respect to the adequacy of internal controls is likely to develop. Business entities are moving into global markets, changing rapidly to meet customer demands, and engaging in complex financial transactions. These trends are causing balance sheet values to change quickly and are decreasing the relevancy of historical financial statements. As a result, safeguarding controls over assets becomes more important and the amount of particular assets at a single point in time becomes less important. This should increase management's interest in maintaining adequate controls as well as the interest of directors and users of financial statements in obtaining more information on the effectiveness of a company's internal controls. In that respect, auditors can better serve their business clients and other financial statement users by having a greater role in providing assurances for the effectiveness of internal controls in deterring fraudulent financial reporting, protecting assets, and providing an early warning of weaknesses that could lead to business failures. We believe that the accounting profession needs to consider how it might enhance the value to management of providing assurances on internal control. The internal control review that auditors make need not be a passive type of assurance. For example, ideas for improvements in controls and systems changes to reduce the cost of effective controls can be part of the product the auditor delivers. The auditor can also review those controls related to the efficiency and effectiveness of operations. Increased involvement in assessing the effectiveness of controls should enable the auditor to suggest improvements in operations. The SEC, the AICPA, and boards of directors are each major stakeholders in achieving audit requirements that are more likely to be able to provide reasonable assurance of detecting material fraud. Each of these parties needs to move toward actively supporting realistic auditing standards for detecting fraud that include assessing the effectiveness of internal controls. The SEC is a key player in providing the leadership to bring these parties together, reach agreement on reasonable auditing standards, and work with the AICPA to have the standards officially adopted by the ASB through the standard-setting process. In the long run, we expect that audits will be expanded to include internal control reporting, either because of market demand or some systemic crisis. COMMENTS AND OUR EVALUATION ---------------------------------------------------------- Chapter 3:7 The AICPA, the SEC Chief Accountant, and the POB provided comments on the major unresolved issue of the auditor's responsibility for reporting on the effectiveness of internal controls. In addition, the AICPA commented on the related major unresolved issue of the auditor's responsibility for detecting and reporting material fraud. The AICPA commented that it has proposed a new auditing standard to assist auditors in meeting their existing responsibility for fraud detection. We support the ASB's effort to provide more specific guidance to the auditor to detect fraud. However, we believe that the auditor would be more successful in preventing and detecting fraud if auditing standards were also revised to require the auditor to accept more responsibility for reporting on the effectiveness of internal controls. Our report also recognizes that significant barriers to achieving that objective exist, such as concerns over added audit cost and legal liability. However, the AICPA commented that it supports management and auditors' reports on internal controls as a means to make a positive, cost-effective contribution to the assurance system and to improve investor confidence in the integrity and reliability of the financial reporting process. Further, the AICPA stated it fully supports the FDICIA management and auditor reporting model that exists for large banks and thrifts. The SEC Chief Accountant recognized that there may be benefits associated with management or auditor reports on SEC registrants' internal control systems. He stated the SEC is currently focused on providing investors with enhanced accounting for and disclosure of market risk, inherent in derivative financial instruments; other financial instruments; and derivative commodity instruments. He further stated that without denying the importance of internal controls over activities involving financial instruments and assurances that those controls are working, focusing on providing more information on market risk may be a more appropriate priority for the SEC at this time. Providing investors with better information on risks and uncertainties is an important component of improved financial reporting as discussed in our report. However, we believe the SEC should continue to assess ways to bring about reporting on internal controls as a mandatory component of a financial statement audit. The POB commented that it was disappointed by the failure of the SEC to take action to mandate issuer and auditor reporting on internal controls. The POB agreed with us that such action would add immeasurably to the ability to prevent and detect fraud and would in general enhance the quality of financial reporting. We believe that SEC leadership is necessary to achieve reporting on the effectiveness of internal controls. The SEC, the AICPA, and boards of directors are major stakeholders in achieving realistic auditing standards for fraud and internal controls. However, the SEC is the key player in providing the leadership and in bringing these parties together. In addressing these issues, the SEC should also carefully weigh the public interest when considering the views of those who oppose reporting on the effectiveness of internal controls. We also believe that if the auditor/client relationship were to shift more toward the board of directors and audit committees, as suggested by the Kirk Panel, the demand for auditor services related to internal controls would increase. Further, if boards of directors and audit committees had the responsibility for the effectiveness of internal controls, we believe that boards would look to the auditors to assist them in discharging that responsibility. INITIATIVES TO IMPROVE AUDIT QUALITY ============================================================ Chapter 4 The audit is an important element in financial accountability because it subjects financial statements to scrutiny by an independent, knowledgeable professional. Problems with audits of public companies focused attention on the need to improve quality control mechanisms to ensure that professional audit standards were being met.\1 The current peer review program was a significant action taken by the profession to improve the quality of audits. While other issues discussed in this report, such as the auditor's responsibilities for fraud and internal controls and auditor independence, relate to the effectiveness of the audit process, the accounting profession's self-regulation program directly addresses audit quality. In addition, the profession's attention to issuing timely audit guidance and strengthening education requirements should assist in enhancing audit quality. Analyses of peer review reports show that the self-regulatory program is improving audit quality and that 90 percent of accounting firms that received a peer review during 1992 through 1994 received unqualified opinions on their quality control systems. Although many of the reports identified weaknesses, for most accounting firms reviewed, these weaknesses were not significant enough to result in a qualified opinion. The reports did show certain types of frequently recurring weaknesses that offer an opportunity for the accounting profession to further improve its quality control systems. -------------------- \1 Refer to table II.2, appendix II (GAO/AIMD-96-98A) for the recommendations made to improve audit quality. SELF-REGULATION ---------------------------------------------------------- Chapter 4:1 Certain aspects of the profession's current program of self-regulation grew out of concerns expressed in the mid-1970s by some members of the Congress, the SEC, and others. Questions, prompted by audit failures or purported audit failures, centered on the credibility of financial statements and related disclosures issued by public companies and the reliability and quality of the independent audit process. More specifically, these groups expressed concern that (1) businesses failed shortly after receiving a "clean" opinion from the auditor and (2) auditors did not adequately pursue red flags, properly report on the auditee's financial condition, and/or adequately document their work. In 1977, the Metcalf Subcommittee and the Cohen Commission called for (1) the establishment of an accounting profession oversight organization with authority to monitor auditor professionalism and independence, (2) the periodic inspections of the work of independent auditors, and (3) the preparation and issuance of quality control reports that are submitted to the SEC and are made available to the public.\2 In addition, recommendations made by several study groups called for more timely and detailed audit guidance and enhanced education and auditor awareness. To address concerns with audit quality, in 1977, the AICPA established the Division for CPA Firms with an SEC Practice Section to administer a voluntary self-regulatory program within the profession. The SEC Practice Section was designed to oversee the activities of independent public accounting firms (CPA firms) that audit companies whose securities are registered with the SEC, with the objectives of improving the quality of accounting and auditing practices by CPA firms and establishing and maintaining a system of self-regulation of member firms. The SEC Practice Section imposes membership requirements and administers two fundamental programs to help ensure that SEC registrants are audited by member accounting firms with adequate quality control systems: (1) peer review and (2) quality control inquiry. Also in 1977, the AICPA formed the POB, independent of the Division, to oversee the activities of the SEC Practice Section and represent the public interest on all matters and developments that may affect public confidence in the integrity of the audit process.\3 For example, the POB represents the public interest when (1) the SEC Practice Section sets, revises, or enforces standards, membership requirements, and rules or procedures and (2) when the SEC Practice Section considers the results of individual peer reviews or the possible quality control implications of litigation alleging audit failure. -------------------- \2 The Metcalf Subcommittee intended for these recommendations to be mandatory for all accounting firms that audit public companies in order to have an effective program of self-regulation. However, the Cohen Commission believed that a voluntary program would provide effective oversight, and, accordingly, stated that its recommendations in this area could be implemented voluntarily by individual firms. \3 The POB is an autonomous body of five members with a broad spectrum of business, professional, regulatory, and legislative experience. The Board ensures its independence by appointing its own members, chairperson, and staff; setting its own budget; and establishing its own operating procedures. PEER REVIEW PROGRAM -------------------------------------------------------- Chapter 4:1.1 To assist the SEC Practice Section in its oversight of the profession, the AICPA in 1977 initially established a voluntary peer review program that in 1990 was made mandatory for all SEC Practice Section members. The objectives of the triennial peer review program are to determine whether a reviewed firm's system of quality control for its accounting and auditing practices is appropriately comprehensive and suitably designed, and whether a firm's quality control policies and procedures are adequately documented, communicated to professional personnel, and complied with so as to provide the firm with reasonable assurance that it is conforming with professional standards and SEC Practice Section membership requirements.\4 The SEC Practice Section Peer Review Committee is responsible for administering the peer review program. Peer reviews are performed by CPA firms that have received an unqualified report on their own peer review, by a team appointed by the AICPA, or by an authorized association of CPA firms. Published standards and guidelines assist those responsible for conducting and reporting on peer reviews. Upon completion of a review, the peer review team issues a report to the reviewed firm containing a statement of the scope of the review, a description of the general characteristics of a system of quality control, and the team's opinion as to whether the reviewed firm's quality control system met the objectives of established quality control standards and was being complied with to provide the firm with reasonable assurance of conforming with professional standards and the SEC Practice Section membership requirements. An unqualified report indicates satisfaction with the firm's quality control system and compliance with standards and membership requirements. A report is modified if the review discloses significant deficiencies in or lack of compliance with the firm's quality control policies and procedures, a significant lack of compliance with membership requirements of the Section; it is also modified if the scope of the review is limited as to preclude the application of review procedures considered necessary.\5 Along with the peer review report, the review team will also issue a letter of comments to the reviewed firm if, during the course of its review, the team discovers quality control matters that require action by the firm. A firm will receive a letter of comments when it has more than a remote chance of not conforming with professional standards. According to the AICPA's quality control guidance, remote means the chances are slight that the reviewed firm would not conform with professional standards on accounting and auditing engagements. It is considered a low threshold for identifying a weakness, and therefore, most peer reviews would be expected to result in a letter of comments to the accounting firm. The letter discusses the matters that require corrective action and provides recommendations for improvement in the reviewed firm's quality control system. The letter of comments is used by the peer review team to address matters serious enough to modify the peer review report as well as less significant matters that require corrective action by the accounting firms. For each item included in the letter of comments, the reviewed firm is required to respond in writing with its actions taken or planned with respect to each recommended improvement, or the reasons the firm disagrees with the conclusions of the review team. The reviewed firm is responsible for providing the SEC Practice Section Peer Review Committee the report, letter of comments, and the firm's responses. The Peer Review Committee evaluates each report, letter of comments, and the reviewed firm's response to determine the appropriateness of the opinion and whether additional corrective action is necessary. These evaluations require mature and thoughtful judgment because there are no quantitative criteria that can be used to measure the significance of perceived deficiencies. Upon final acceptance by the Committee, the peer review report, letter of comments, and reviewed firm's responses are considered official and are made available to the public. Until 1990, membership in the SEC Practice Section was voluntary. As a result, many firms auditing SEC registrants were not members and therefore were not subject to an SEC Practice Section peer review. However, in response to critics of the profession's program and to recommendations made in the mid-1980s by GAO, Price Waterhouse, the Big 7, the AICPA's Anderson Committee, and the Treadway Commission, the AICPA revised its bylaws so that beginning in 1990, all AICPA member firms that audit SEC registrants are required to be members of the SEC Practice Section. This change resulted in an increase in SEC Practice Section membership from 519 firms in June 1989 to 1,257 firms in August 1995, and a corresponding increase in the number of firms undergoing a peer review. These firms audit about 97 percent of SEC registrants.\6 In April 1987, the SEC proposed rules that would have required all SEC registrants to be audited by a firm that had undergone a peer review of its accounting and auditing practices within the last 3 years. However, the SEC decided not to issue any rules because of questions about the SEC's authority to require mandatory peer review, along with cost-benefit considerations and other issues. Also, in line with recommendations from the Treadway Commission, the SEC Practice Section peer review standards were revised to place more emphasis on the audits of a CPA firm's new clients that are SEC registrants. The new standards were effective for peer review years beginning after January 1, 1988. In 1995, the SEC Practice Section revised its concurring partner review requirements to specify that the concurring partner's review should be sufficient to provide the member firm with additional assurances that audit risk has been restricted to a level acceptable to the firm.\7 The revised requirement suggests the extent of inquiry about the conduct of the audit that should be made of the engagement partner and documentation that should be reviewed by the concurring partner. The peer review program has provided both professional accounting and auditing-related organizations, such as the AICPA, the POB, and the SEC, and the individual public accounting firms with critical information on the quality of work performed and the ability of a firm's quality control processes to help ensure compliance with GAAS. These organizations have also said that the SEC Practice Section's peer review program has resulted in a strengthened audit function. For example, statistics indicate that firms that received a modified report on their first peer review are significantly less likely to receive such a report on their second or later reviews.\8 It is also important to note that the number of modified peer review reports (83) was highest in 1991--the year in which the most initial peer reviews (300) were conducted. In addition, statistics developed by the SEC Practice Section show that only about 11 percent of the 1,463 peer review reports issued for 1990 through 1993 were modified. Similarly, our analysis of the 724 peer review reports issued for accounting firms that audited SEC registrants during 1992 through 1994 showed that about 10 percent of the reports issued were modified. Our analysis also showed that no large firms (firms that audit 30 or more SEC registrants received a modified report. According to September 1995 SEC data, the six largest firms (commonly referred to as the Big 6 accounting firms) audit approximately 81 percent of all SEC registrants audited by SEC Practice Section members. The most frequently cited factor contributing to a modified peer review opinion was inadequate concurring partner reviews of the audit work performed and of the related audit report. Other types of problems frequently identified through peer review, the substance of which were usually not serious enough to modify the peer review opinion, included weaknesses in the reviewed firm's quality control policies and procedures; deficiencies in the audit work performed and/or related financial statements; and noncompliance with SEC Practice Section membership requirements, such as auditors of the CPA firm not meeting continuing education requirements. The more serious weaknesses that resulted in a modified report as well as the less significant weaknesses are discussed in a letter of comments along with recommended corrective actions. For example, regarding deficiencies in the audit work performed, the peer reviews found a number of instances of inadequate working paper documentation that involved not clearly documenting the basis for audit decisions or insufficient documentation of audit work performed. Such deficiencies would be included in a letter of comments. However, widespread documentation deficiencies would be considered a significant breakdown in the accounting firm's quality control system and would result in a modified peer review report. We found that, for SEC Practice Section member firms, 553 of the 724 peer review reports issued for 1992 through 1994, or about 76 percent, included a letter of comments. However, 477 of the 553 letter of comments issued, or about 86 percent, only addressed matters that were not significant enough to modify the opinion on a firm's quality control processes. In response to peer review findings, and depending on the significance of the weaknesses identified, a variety of actions have been planned or taken. For example, the audit reports and/or financial statements were recalled or reissued, the subsequent year financial statements were corrected, additional audit procedures were performed, documentation to auditor working papers was added to evidence audit work performed, and other deficiencies were to be corrected in future audits. These actions indicate that the peer review process has helped to ensure that more accurate and appropriate information is available to investors and other third-party users. -------------------- \4 In 1979, the AICPA established quality control standards governing the conduct of a firm's audit practice as a whole (as compared with GAAS, which relate to individual audit engagements). The elements of quality control are currently identified in the AICPA's Statement on Quality Control Standards No. 2, System of Quality Control for a CPA Firm's Accounting and Auditing Practice. Adherence to quality control standards is a membership requirement of the SEC Practice Section. The quality control standards are broad in nature, covering all of the firm's activities that have a bearing on the quality of its accounting and auditing services. \5 A modified report can either be qualified or adverse, or it may include a disclaimer of opinion. A qualified opinion identifies significant deficiencies in the firm's quality control processes or in compliance with the processes. An adverse opinion indicates the processes, or compliance with them, are not adequate. A disclaimer of opinion is issued when limitations on the scope are so significant that the review team cannot form an overall opinion. No disclaimers of opinion were issued through 1994. \6 SEC and SEC Practice Section data as of July and August 1995 show that of the approximately 16,000 SEC registrants, about 460 are audited by accounting firms that are not members of the SEC Practice Section. \7 A concurrent partner review is a review conducted by another partner in the CPA firm, in addition to the review conducted by the partner directly responsible for the audit (the engagement partner). \8 SEC Practice Section Annual Report, AICPA, June 30, 1994. QUALITY CONTROL INQUIRY -------------------------------------------------------- Chapter 4:1.2 The quality control inquiry process, administered by the SEC Practice Section's Quality Control Inquiry Committee (QCIC)\9 and overseen by the POB, supplements the peer review process. Members of the SEC Practice Section are required to report lawsuits made by clients to the QCIC within 30 days of being served. This requirement includes all litigation involving the firm or its personnel, or any publicly announced investigation by a regulatory agency, that alleges deficiencies in the conduct of an audit of an SEC registrant and certain other entities. The QCIC determines whether allegations of audit failure against SEC Practice Section member firms involving SEC registrants indicate a need for those firms to take corrective actions to strengthen their quality control systems or to address personnel deficiencies. In addition, consideration of such allegations may also raise questions that lead to reconsideration or interpretation of professional standards or suggest audit practice issues where practical guidance would benefit practitioners. The QCIC refers such issues to the appropriate AICPA technical bodies and/or to the AICPA Professional Issues Task Force (PITF).\10 The QCIC also occasionally becomes aware of behavior by individual CPAs that warrants investigation. The QCIC refers such matters to the AICPA Professional Ethics Division. According to the POB's 1994-1995 Annual Report, for the period November 1979 through June 1995, the QCIC took 159 actions related to member firms including such actions as a special review by the QCIC or expanding the firm's regularly scheduled peer review. The QCIC also referred 28 individual CPAs to the AICPA's Professional Ethics Division for investigation. For this same period, there were 52 instances in which the QCIC asked either an AICPA technical body to consider the need for changes in, or guidance on, professional standards or the PITF to consider the issuance of a practice alert. Accordingly, the QCIC's analysis has acted as an early warning system, drawing attention to accounting and auditing problems. -------------------- \9 Formerly known as the AICPA's Special Investigations Committee. \10 The PITF was established in response to the POB's 1993 report, In the Public Interest, to accumulate and consider practice issues that appear to present high audit risk and to disseminate relevant guidance (via "practice alerts"). The PITF also refers matters that may require a reconsideration of existing standards to appropriate standard-setting bodies. SEC OVERSIGHT -------------------------------------------------------- Chapter 4:1.3 The SEC also oversees and evaluates the accounting profession's audit quality programs. For example, each year the SEC's Office of the Chief Accountant reviews a random sample of the SEC Practice Section's peer reviews, including a review of peer reviewers' working papers and the POB's oversight files. The SEC reviews the QCIC process and related POB activities and also meets periodically with QCIC staff to discuss matters of mutual interest, including changes that the SEC believes would make the QCIC process more effective. STATE BOARDS OF ACCOUNTANCY -------------------------------------------------------- Chapter 4:1.4 State boards of accountancy also play a role in contributing to improving the quality of audits. State boards of accountancy, established by statute, regulate the practice of public accountancy within their jurisdictions. Each state board has adopted rules of professional conduct, including audit standards, and can take disciplinary action against licensees who violate these rules or standards. This includes the authority to revoke, suspend, or otherwise impair a CPA's license to practice, assess fines, as well as to take actions that are more remedial in nature such as instituting additional continuing professional education requirements and follow-up reviews of subsequent audits. Referrals of alleged poor quality audits to a state board of accountancy can be made by private-sector officials, government officials, or individuals.\11 -------------------- \11 The subject of a referral can be the audit, the individuals performing the audit, or the audit firm. However, once the referral is made, state boards determine the responsible individuals involved in performing the audit. AUDIT STANDARDS AND GUIDANCE ---------------------------------------------------------- Chapter 4:2 Audit standards are necessary to help ensure that audits of financial statements are conducted in a quality manner. As of June 1996, the ASB has issued 79 auditing standards that relate to audit quality, reporting, and related subjects. The ASB also issues attestation standards for CPAs, providing assurances on representations other than historical financial statements and in forms other than the assurance given about financial statements. As of June 30, 1996, the ASB has issued six attestation standards providing guidance on engagements concerning topics such as financial forecasts and projections, pro forma financial statements, reporting on internal controls, agreed-upon procedures, and compliance attestations. The AICPA also issues audit interpretations and audit guides to provide guidance on the application of audit and attest standards. As of June 30, 1996, there were 25 audit guides in use (20 industry audit guides and 5 general audit guides). Auditors and others rely heavily on these audit guides for the specialized accounting and auditing practices of particular industries. While audit interpretations and the audit guidance in the audit guides are not as authoritative as audit standards, auditors may have to justify departures from the interpretations and guides if the quality of their work is questioned. The AICPA has specialized committees that monitor changes in the industries in order to keep audit guides current. However, several of our reports on audit quality found that the AICPA had not done a good job of providing timely, clear, and/or sufficient guidance that adequately reflected the nature of specific industries or the changes in the environment affecting those industries.\12 This was particularly evident in our review of audits of failed savings and loans and employee benefit plans. Since the issuance of our reports, the AICPA has issued revised audit guides that were responsive to our recommendations. In addition, the AICPA has taken steps to improve the timeliness of audit guidance, such as issuing audit risk alerts and audit guides in loose-leaf form, which is a more timely process than, for example, reissuing a particular audit guide. The AICPA has also issued a number of publications that provide the latest developments in auditing, in general, and in a number of specialized industries, and to provide practical assistance. These publications include audit risk alerts, practice alerts, auditing procedures studies, and articles published in the AICPA's CPA Letter and Journal of Accountancy. -------------------- \12 CPA Audit Quality: Failures of CPA Audits to Identify and Report Significant Savings and Loan Problems (GAO/AFMD-89-45, February 2, 1989); CPA Audit Quality: Status of Actions Taken to Improve Auditing and Financial Reporting of Public Companies (GAO/AFMD-89-38, March 1989); and Employee Benefits: Improved Plan Reporting and CPA Audits Can Increase Protection Under ERISA (GAO/AFMD-92-14, April 9, 1992). AUDITOR EDUCATION AND TRAINING ---------------------------------------------------------- Chapter 4:3 The need to expand undergraduate accounting curricula from 4 to 5 years has been a frequent topic of discussion over the years. Some universities and states now require 5 years of study (or 150 credit hours) for accounting majors. The AICPA has supported this expansion and is currently developing strategies to assist states in planning legislation to enact the 150-hour education requirement by the year 2000 for entry into the accounting profession. The AICPA is undertaking this initiative to enhance the quality, appropriateness, and value of the education of accountants. Continuing professional education (CPE) influences the quality of work performed by independent public accountants. CPAs are expected to maintain their professional competence through a regular program of continuing professional education. Continuing professional education requirements for CPAs are set by the state board of accountancy of the jurisdiction licensing the individual professional as well as indirectly through membership in the SEC Practice Section of the AICPA.\13 In January 1995, the SEC Practice Section revised its CPE requirements. These new requirements are designed to ensure that audit professionals obtain a substantial portion of their required hours of CPEs in accounting and auditing subjects. Generally, CPA firm professional staff must obtain at least 20 hours of qualifying CPEs every year and at least 120 hours every 3 years. Under the new rules, professionals devoting at least 25 percent of their time to performing or supervising audits, reviews, or other attest engagements (excluding compilations) must obtain at least 40 percent of their required CPEs in subjects related to accounting and auditing.\14 The AICPA currently is undertaking an initiative to improve the appropriateness, quality, value, availability, and delivery of professional education for CPAs. -------------------- \13 GAGAS, issued by GAO, contain CPE requirements for audits of government organizations, programs, activities, and functions, and of government assistance received by contractors, nonprofit organizations, and other nongovernment organizations. \14 GAGAS require each auditor conducting audits that must adhere to the standards to complete at least 80 hours of continuing education and training every 2 years. At least 20 hours should be completed in any 1 year of the 2-year period. Auditors responsible for planning or directing the audit, conducting substantial portions of the fieldwork, or reporting on the audit should complete at least 24 of the 80 hours in subjects directly related to the government environment and to government auditing. CERTAIN TYPES OF AUDIT QUALITY CONTROL WEAKNESSES ARE CONTINUING PROBLEM AREAS ---------------------------------------------------------- Chapter 4:4 As previously discussed, analysis of peer review results shows that the peer review program has been successful in strengthening the audit function. Peer review results also show that accounting firms are continuing to experience audit documentation and audit reporting problems, areas which have been the concern of past studies of auditor performance. Although the vast majority of these deficiencies are not considered serious enough by the peer reviewers to qualify their reports, repeated finding of these types of deficiencies is troubling. GAAS require auditors to obtain and document in the working papers sufficient evidence to support the auditor's opinion on financial statements and prescribes specific audit report language. GAAP prescribes financial statement form and content. Our analysis of the 553 letters of comments issued in conjunction with peer reviews performed from 1992 through 1994 showed that 402, or about 73 percent, of the letters cited documentation deficiencies, with no major difference regarding the frequency of such deficiencies among the smallest CPA firms (firms that audit fewer than five SEC registrants) and those CPA firms that audit 30 or more SEC registrants. Documentation deficiencies occurred in important areas of the audit, such as the analytical procedures performed, accounts receivable, internal controls, sampling methodologies, risk analysis, and the establishment of materiality levels used by auditors when evaluating the significance of financial statement accounts. In addition, auditors did not always adequately document their consultations with experts on accounting/auditing issues or their communications with company audit committee members. Further, concurring partners did not always document their review in the audit working papers. Of the 402 letters of comments that disclosed documentation deficiencies, in 69 cases, or about 17 percent, documentation problems were considered serious enough to cause a modified opinion on the firm's quality control processes. Our analysis also showed that about 214, or about 39 percent, of the 553 letters of comments issued in connection with peer reviews performed from 1992 through 1994 cited inadequate financial statement disclosures, departure from required audit reporting language, and other reporting deficiencies. This percentage was slightly less for CPA firms that audited 30 or more SEC registrants. Noncompliance with GAAP and/or GAAS occurred in several areas, including related party transactions, income taxes, pension funds, and the concentration of credit risks. In some cases, the reporting deficiencies identified were serious enough to recall and revise the audit report and related financial statements to make them conform with GAAP. Of the 214 letters of comments that disclosed reporting deficiencies, in 47 cases, or in about 22 percent of the letters, reporting problems were considered serious enough to cause a modified opinion on the firm's quality control processes. During a firm's subsequent peer review, the review team evaluates the effectiveness of actions taken by the firm in relation to the prior review's findings. If similar findings reoccur, the subsequent letter of comments will disclose the fact that a particular deficiency was also identified in the firm's prior review. Our review of 553 letters of comments issued for 1992 through 1994 showed that 73, or about 13 percent of the letters, noted that a specific deficiency had been cited in the firm's previous peer review report. Recurring deficiencies raise questions concerning the effectiveness of the firm's corrective actions. The AICPA's general audit risk alerts contain a section that sets forth certain reminders to auditors based on frequently recurring comments noted in peer review letters of comments. Our review of audit risk alerts for the last several years highlights the fact that problems discovered through peer review, even though disclosed in the audit risk alerts, continue to occur. Types of recurring problems reported in recent audit risk alerts include deficiencies in working paper documentation, written audit programs, financial statement disclosures, communication with audit committees, communication of internal control related matters, and obtaining and documenting an understanding of the client's internal control system. OBSERVATIONS ---------------------------------------------------------- Chapter 4:5 The accounting profession has been responsive to concerns about audit quality. The AICPA has instituted and strengthened monitoring and disciplinary mechanisms to improve audit quality. For example, the AICPA established a peer review program, created the QCIC to investigate audit deficiencies, and created the POB to represent the public interest. The AICPA also strengthened concurring partner review requirements to improve audit quality. To address concerns about the timeliness of auditing guidance, the AICPA now issues audit risk alerts and industry accounting and audit guides in a loose-leaf format. The AICPA also restructured professional standards, which, among other things, increased continuing education requirements for its members. The results of peer reviews show that the AICPA's program has had a positive impact on audit quality. Firms that audit the vast majority of SEC registrants are undergoing peer review, and statistics show that the number of modified peer review reports decreased substantially since 1991--the year in which most initial peer reviews were conducted. The percentage of modified peer review reports is now relatively low. These findings show that the peer review program is effective in improving and maintaining audit quality. Generally, the peer review results show that smaller CPA firms (firms that audit fewer than 30 SEC registrants) have more serious problems with the quality of audits than the large firms. However, audit documentation and reporting problems are weaknesses that continue to be frequently found regardless of the size of the firm. Although audit documentation deficiencies are occurring in important areas of the audit, such as risk analysis and setting materiality levels, they may be considered a less serious problem in that sufficient audit work was usually done, but the written evidence of the work having been done was insufficient. These types of deficiencies may be the result of auditors' emphasis on getting the job done at the least cost. Reporting problems are more serious, especially those involving inadequate disclosure, since the public is receiving information that is not fully presented in accordance with standards. The accounting profession's efforts to improve audit quality are impressive. However, continuing reporting and documentation weaknesses can detract from the credibility of the profession and expose the firms in the event of a business failure and resulting lawsuit. Closer attention to audit supervision, which may be achieved in part through the AICPA's enhanced requirements for concurrent partner review, should help to prevent or lessen documentation and reporting deficiencies. COMMENTS AND OUR EVALUATION ---------------------------------------------------------- Chapter 4:6 The AICPA and the POB provided comments on the accounting profession's efforts to improve audit quality through the peer review program. Both the AICPA and the POB were pleased with our positive findings regarding the effectiveness of the peer review program and stated they will continue to seek ways to strengthen audit quality. With respect to the specific audit documentation and reporting deficiencies we noted, the AICPA stated the SEC Practice Section is currently considering what additional steps firms or the SEC Practice Section should take to improve this situation. ACCOUNTING AND AUDITING STANDARD SETTING AND THE FINANCIAL REPORTING MODEL ============================================================ Chapter 5 The structure for setting accounting and auditing standards has evolved since the SEC was established in 1934. The current structure, which has resulted from the recommendations of many studies largely since the 1970s,\1 is designed to include professional expertise and broad participation in setting standards in order to be more responsive to the needs of those who rely on financial statements. Although the accounting profession has taken efforts to encourage public participation in standard setting, these efforts have not been as successful compared with participation by other groups, such as financial statement preparers and accountants. Further, concerns continue over the timeliness of issuing accounting standards and the relevance and usefulness of historical cost-based financial reporting. Pressures from self-interest groups and the difficulties of working with the current financial reporting model that is a complex mix of historical and more current values may be contributing to the accounting profession's difficulty in setting timely and relevant accounting standards for financial reporting. However, standard setting is inherently difficult and controversial. Recent studies have identified the need for a more comprehensive model of business reporting that would include the current mixed-attribute financial reporting, but also provide users with forward-looking information and other financial and nonfinancial information to help users understand the business.\2 The standard setters and the SEC are considering the studies, but major barriers, such as concerns over cost, current financial statement disclosure overload, and litigation, must be resolved. These are reasonable concerns, and it will take strong leadership to improve the relevance and usefulness of financial reporting. -------------------- \1 Refer to tables II.3 and II.4, appendix II (GAO/AIMD-96-98A) for the recommendations made to improve standard setting. \2 Refer to table II.5, appendix II (GAO/AIMD-96-98A) for the recommendations concerning financial reporting. FORMING THE STANDARD-SETTING STRUCTURE AND PROCESSES ---------------------------------------------------------- Chapter 5:1 Since the collapse of the stock market in 1929, the public has looked to the federal government to protect its interests and particularly the interests of the investing community. The Securities Exchange Act of 1934 established the SEC to regulate securities offerings and capital markets. The Act gave the SEC specific authority to establish rules governing financial reports of public companies to ensure full and fair financial reporting. In 1938, the SEC formally delegated responsibility for establishing financial accounting and reporting standards for public companies to the accounting profession and has permitted the accounting profession to set auditing standards for itself.\3 Acting on this delegation of authority, the accounting profession over the years has established several standard-setting bodies to set accounting and auditing standards. In 1938, the AICPA authorized its Committee on Accounting Procedure (CAP) to issue accounting standards. The Committee was active for 20 years and issued 51 accounting research bulletins defining "generally accepted accounting principles." In response to criticisms that the standards issued by CAP allowed for widely divergent alternative accounting practices, and the need for a greater full-time research support, in 1959, the AICPA replaced CAP with the Accounting Principles Board (APB). In its 14 years of existence, the APB issued 31 opinions dealing with particular accounting practices before it was replaced in 1973 by FASB as discussed below. The development of auditing standards can be traced back to at least 1917, when the American Institute of Accountants (predecessor to the AICPA) issued a memorandum on balance sheet audits for the Federal Trade Commission. The movement toward standardization in auditing resulted primarily from the negative findings in the McKesson & Robbins fraud case in the late 1930s, which demonstrated that auditors needed much more guidance to enable them to meet their responsibilities to stockholders and the general public. In response, in 1939, the AICPA established the Committee on Auditing Procedure (CAuP) to provide guidance on the procedures practitioners should follow in auditing financial statements. In 1972, the AICPA shifted its emphasis from providing guidance on audit procedures to defining broad audit standards that practitioners should satisfy. Reflecting this change, the CAuP was replaced by the Auditing Standards Executive Committee (AudSEC). As discussed below, the AudSEC was replaced in 1978 by the current audit standard-setting body, the ASB. In the late 1960s, the rapid expansion of accounting firms, increasingly complex and innovative business practices, and the rise of corporate mergers caused problems that created a wave of criticism of corporate financial reporting. Several study groups, formed to address concerns with the accounting and auditing standard-setting processes, reported that the processes did not adequately serve the public interest because groups outside the profession, such as investors and creditors, did not participate meaningfully in developing standards. The groups also reported that the accounting profession's standard setters did not have the necessary means to develop high-quality standards in a timely manner. Further, several groups reported that auditing standards did not define the auditor's responsibilities in accordance with public expectations of auditors. -------------------- \3 The accounting profession actually began setting accounting standards in 1934 in conjunction with the New York Stock Exchange. The SEC's delegation of authority accelerated the AICPA's movement toward standard setting. STRUCTURAL CHANGES SINCE 1972 AND USER PARTICIPATION IN SETTING ACCOUNTING STANDARDS ---------------------------------------------------------- Chapter 5:2 In 1971, the AICPA appointed a study group on the establishment of accounting principles (Wheat Committee) to make recommendations for improving the process of setting accounting standards. The Wheat Committee's 1972 report concluded that the responsibility for accounting standards should stay within the private sector, but should be removed from the AICPA and vested in a full-time, salaried, independent accounting standards board.\4 Appointments to the board as well as funding for the board and oversight of its operations would be the responsibility of an independent foundation comprising several organizations including those representing the profession, preparers, users, and educators.\5 The Wheat Committee also suggested that an advisory council be created to advise the accounting standards board about its priorities, help it to set up task forces, react to proposed standards, and otherwise assist the board. The Committee believed its suggested structure would allow for a standard-setting board that would be seen as independent and that would be able to attain better results faster. The Committee also noted that such a structure would facilitate broader participation in standard setting by drawing on a number of important groups affected by the standards. In addition, the Committee believed that standards developed under this arrangement would benefit the public interest because they would have a broad base of support and be developed by individuals possessing a wide range of expertise. The accounting profession responded to the concerns and recommendations of the Wheat Committee by revamping the accounting standard-setting process. In 1972, the AICPA and other sponsoring organizations established a three-part independent organization to set financial accounting and reporting standards for private-sector entities, including business and not-for-profit organizations. The organization is composed of FASB, the Financial Accounting Foundation (FAF), and the Financial Accounting Standards Advisory Council (FASAC). FASB, which began operations in 1973, is the private body that establishes authoritative financial accounting and reporting standards. FASB is composed of seven full-time members. The members are required to sever all ties with their former employers upon appointment. According to the FASB members, this has helped them to focus on user needs and the public interest while setting standards.\6 The FASB members are appointed for 5-year terms and are eligible for reappointment for one additional 5-year term. FAF is the parent organization.\7 FAF trustees appoint members to FASB, raise funds for its activities, and exercise general oversight over the standard-setting process. To help protect FASB from undue influence by any one group, FAF's trustees are elected by representatives of FAF's sponsoring organizations.\8 As of June 1996, membership of FAF's 16-member board of trustees included 5 trustees who represented preparers, investment professionals, and other business interests; 4 trustees from the profession; 3 from government; 1 from academia; and 1 who represented the public at-large.\9 By nature of that membership, the public was relatively under-represented. About two-thirds of FASB's funding comes from sales of subscriptions and publications, with most of the remaining contributed by the accounting profession and the preparers of financial statements.\10 FASAC was instituted to provide advice to FASB on technical issues, project priorities, selection of task forces, and other matters likely to concern FASB. FAF trustees appoint FASAC members to 1-year terms (terms are renewable, generally not to exceed four consecutive terms), and, according to FAF officials, the trustees attempt to balance views by appointing as members representatives of users, preparers, auditors, and educators. To increase standard setters' focus on the information needs of users and to encourage users to increase the level of their involvement in the standard-setting process, in 1996, FASAC increased by two the number of seats held by users and decreased by one the number of seats held by preparers. However, users of financial statements still have relatively far less representation which, in part, may be a function of their relatively lesser expertise in the subject. As of May 1996, there were 33 FASAC members of whom 12 percent represented users, 43 percent represented preparers, and 27 percent represented auditors. The remaining 18 percent represented educators and others. Further, although FAF attempts to balance the interests of members in appointing FASAC members, as a member of FASAC, we have observed what appear to be some views expressed at FASAC meetings that do not objectively address the merits of the accounting issue under discussion. Reports of the Moss and Metcalf Subcommittees issued in 1976\11 and 1977,\12 respectively, stressed the importance of public participation in standard setting. For example, the Metcalf Subcommittee's 1977 staff study stated that public participation and strong oversight by the Congress are essential to safeguarding the public interest in any standard-setting procedure adopted. This statement was made based on the theory that in many cases, the problems which led to corporate failures and financial difficulties were caused or aggravated by the use of accounting practices which failed to reflect accurately the substance of corporate business activity. The staff study recommended that the federal government, such as the SEC, GAO, or a federal board, should set accounting standards in order to ensure that the public interest is protected. Similarly, the Moss Subcommittee recommended that the SEC, as part of its role in ensuring an adequate system of corporate accountability, should set accounting standards. The Metcalf Subcommittee, while believing it was acceptable for the private sector to set accounting standards, also felt the SEC needed to more vigorously oversee the standard-setting process to ensure that the public interest is protected. The SEC has taken the position that FASB should continue to set accounting standards for the private sector. The SEC stated that it will act directly to establish proper accounting standards if FASB fails to act within a reasonable time, or when fair presentation of financial information would not otherwise be achieved.\13 To date, one case where the SEC "nullified" a FASB statement occurred in the late 1970s and involved oil and gas accounting. However, the SEC does express its views on standards proposed by FASB and may not always fully agree with final standards adopted by FASB. For example, the SEC believed that a 1994 FASB statement\14 concerning disclosures of financial instruments did not fully satisfy the need for qualitative and quantitative disclosures of derivatives policies and activities. In December 1995, the SEC proposed regulations to expand requirements for financial statement disclosures of derivatives policies and activities. FASB members and their staff told us that they have continued to seek ways to broaden participation in standard setting. These efforts are reflected in FASB's mission statement, its formal standard-setting process, and its strategic planning initiative.\15 FASB's stated mission is to establish and improve standards of financial accounting and reporting for the guidance and education of the public, including issuers, auditors, and users of financial information. To achieve this, the FAF trustees have appointed CPAs, financial statement preparers and users, and educators to FASB. FAF officials and FASB members stated that this has allowed FASB to draw on a broad range of expertise and has encouraged all constituency groups to participate in setting standards. In addition, FASB has developed an extensive deliberative process, which in its view includes more demanding requirements to enable public participation than are included in the Administrative Procedure Act.\16 FASB's rules of procedure require that all its meetings be open to the public. Its deliberative process includes preliminary evaluation of a problem, admission of a project to its agenda, early deliberations, tentative resolution, further deliberations, and final resolution. According to FASB members and their staff, obtaining input from various constituency groups is a key activity, especially during their deliberations. FASB solicits participation by issuing discussion memorandums, invitations to comment, and exposure drafts of proposed standards. FASB members told us that users have not participated in standard setting to the extent of preparers and auditors, and that they have made special efforts to obtain input from this constituency group. Also, as mentioned above, FASB's current strategic planning initiative includes as one of its objectives to build broader acceptance for its process among constituents, including users, preparers, academicians, and auditors. -------------------- \4 Establishing Financial Accounting Standards, Report of the Study on Establishment of Accounting Principles, AICPA, March 1972. \5 At the time the Wheat Committee reviewed the standard-setting process, the APB, composed of 18 part-time volunteer members--all of whom were AICPA members--set accounting standards. \6 Use of the reference to FASB board members in this report refers to the views of individual board members whom we interviewed and does not represent the official position of FASB. \7 FAF is organized as a not-for-profit corporation under Section 501(c)(3) of the Internal Revenue Code. \8 FAF consists of 16 trustees, 13 of whom are elected by representatives of FAF's sponsoring organizations and 3 of whom are elected by the other trustees. The sponsoring organizations are the AICPA; the American Accounting Association; AIMR; the Financial Executives Institute; the Securities Industry Association; the National Association of State Auditors, Controllers, and Treasurers; the Institute of Management Accountants; and the Government Finance Officers Association. \9 At that time, FAF, at the urging of the SEC, was considering the appointment of four additional public representatives to replace two vacant positions previously held by preparers of financial statements and two positions currently held by a preparer and a representative of the accounting profession. A later section of this chapter, "Pressures Challenge FASB's Independence," discusses the agreement reached by FAF and the SEC. \10 According to FAF's 1995 annual report, contributions to FASB, which accounted for 32 percent of FASB's operating revenue in 1995, were received from the following groups: 55 percent from the accounting profession, 37 percent from industry, and 8 percent from other groups. Sales of subscriptions and publications accounted for 68 percent of FASB's operating revenue in 1995. \11 Federal Regulation and Regulatory Reform, Report by the Subcommittee on Oversight and Investigations of the House Committee on Interstate and Foreign Commerce, October 1976. \12 The Accounting Establishment, Staff Study prepared by the Subcommittee on Reports, Accounting, and Management of the Senate Committee on Government Operations, printed March 31, 1977, and Improving the Accountability of Publicly Owned Corporations and Their Auditors, Report of the Subcommittee on Reports, Accounting, and Management of the Senate Committee on Governmental Affairs, November 1977. \13 SEC testimony before the Subcommittee on Reports, Accounting, and Management, Senate Committee on Governmental Affairs, June 13, 1977. \14 Statement of Financial Accounting Standards No. 119, SFAS Disclosure About Derivative Financial Instruments and Fair Value of Financial Instruments, FASB, October 1994. \15 In 1995, FASB undertook a strategic planning initiative to develop a vision to carry the organization into the next century and to identify several strategic directions to achieve that vision. \16 The Administrative Procedure Act governs rule-making by the federal government and exists to ensure that all affected parties have an opportunity to participate in the rule-making process. ACTIONS BY STANDARD SETTERS TO ADDRESS QUALITY AND TIMELINESS OF ACCOUNTING STANDARDS ---------------------------------------------------------- Chapter 5:3 To address concerns about the quality and timeliness of accounting standards, the AICPA Study Group on The Objectives of Financial Statements (Trueblood Committee) in 1973 recommended that FASB consider its findings on the objectives of financial reporting in developing a conceptual framework to improve the quality of accounting standards.\17 The Metcalf Subcommittee in 1977, and FAF\18 at various times, recommended additional staff resources for setting standards. Also, in 1982, FAF recommended that FASB develop a plan to identify and provide timely guidance on emerging accounting issues that have important financial reporting implications.\19 -------------------- \17 Objectives of Financial Statements, Report of the Study Group on the Objectives of Financial Statements, AICPA, October 1973. \18 The Structure of Establishing Financial Accounting Standards, April 1977; Interim Review of the FASB and FASAC, May 1979; and Reports of the Special Review Committee, Financial Accounting Foundation, July and December 1985. \19 Operating Efficiency of the FASB, Report of the Structure Committee, Financial Accounting Foundation, August 1982. ACCOUNTING CONCEPTS DEVELOPED -------------------------------------------------------- Chapter 5:3.1 In response to the recommendation of the Trueblood Committee, FASB developed six Statements of Financial Accounting Concepts that are intended to serve as the theoretical basis for its pronouncements. The purpose of the statements is to set forth the objectives of financial accounting and reporting and provide a conceptual framework for deliberations about accounting matters. The Board believed that the statements would enhance the consistency of its official pronouncements and improve the efficiency of the standard-setting process. However, in developing the statements, the Board recognized that there was significant support for a mixed model of financial reporting that measured some transactions and balances on the basis of historical costs and others on the basis of market values, and expected such mixed model accounting and reporting to continue. As discussed later, acceptance of the mixed model leads to standards which may not always be consistent, and adds complexity and the need to overly supplement financial statements with footnote disclosures. The model also enables what is referred to as "cherry picking" or managed earnings (selectively picking a financial reporting time to recognize gains or losses in financial statements) and has contributed to indecision on some urgent issues and resulting delays in setting needed standards. FASB STAFF RESOURCES -------------------------------------------------------- Chapter 5:3.2 FASB responded to recommendations for more staff resources by establishing and maintaining a staff of 40 to 50 professional individuals to facilitate the standard-setting process. The staff is headed by a director who holds equal status with Board members regarding compensation and participation in the Board's proceedings. FASB attempts to control the quality of its staff by selecting as project managers individuals who have achieved the equivalent of manager status in large accounting firms. According to most Board members and others we interviewed, FASB staff is sufficient. Through our activities with FASAC and through other contacts with the staff, we agree. FASB CREATES EMERGING ISSUES TASK FORCE TO IMPROVE TIMELINESS OF STANDARDS -------------------------------------------------------- Chapter 5:3.3 In 1984, FASB responded to recommendations to improve the timeliness of standards by creating the Emerging Issues Task Force (EITF) to provide timely accounting and reporting guidance for new and different types of transactions, and by relying on the AICPA's Accounting Standards Executive Committee (AcSEC) to set standards for certain issues. FASB established EITF as a permanent task force. FASB selects the EITF's current 13 members primarily from public accounting firms and also from public companies and major associations of financial statement preparers, such as the Financial Executives Institute. Auditors and preparers are selected because FASB believes they are in the best position to identify new accounting issues early and determine the appropriate accounting and reporting treatment before divergent practices become entrenched. The EITF membership terms are not limited. The members of EITF attempt to resolve issues quickly by reaching consensus as to how to account and report for new and different transactions using existing authoritative pronouncements.\20 If the members fail to reach a consensus about how a new or different transaction should be treated, or FASB disagrees with an EITF consensus, FASB may choose to add a project to its agenda to resolve the issue. Proceedings of the EITF are documented in EITF Abstracts. FASB members stated that they are also improving the timeliness of standards by relying on AcSEC to develop standards for specific industries and narrowly focused accounting issues.\21 By relying on AcSEC to set certain standards, FASB attempts to improve its efficiency by focusing on high-priority and broader accounting and reporting issues. To ensure that AcSEC's pronouncements do not conflict with its own, FASB clears all AcSEC proposals and pronouncements before they are issued. In spite of FASB's efforts to address new and emerging issues in a timely manner, several representatives of preparer and user groups told us that FASB is still not proactive enough in addressing emerging accounting questions and takes too long to issue standards. In FASB's 23 years of existence, it has issued over 120 financial accounting standards. According to the FASB records, it has taken on average 2 years to issue specific standards. But for some of the more complex, controversial accounting treatments, such as standards for employers' accounting for pensions, stock options, and derivatives transactions, it has taken much longer. For example, FASB's financial instruments project has been ongoing for about 10 years. Although certain standards related to derivatives have been issued, FASB has not yet issued a comprehensive standard for accounting for derivatives transactions.\22 Several FASB members stated that the deliberative process, which includes public comment on proposed standards, is often very lengthy. Similarly, the SEC Chairman recently stated that FASB's use of lengthy comment periods and public hearings sometimes has caused its rule-making process to drag on for many years. However, according to FASB officials, a lack of timeliness is the price that must often be paid in order to ensure that each of FASB's diverse constituency groups has an adequate opportunity to provide input into the establishment of a specific standard. Further, some current and prior FASB members stated that the 5 to 2 super majority rule, which was reinstated by the FAF trustees in 1990, slows the standard-setting process down.\23 They stated that this rule was backed strongly by the preparer community and is not likely to be changed. Although some prior board members stated that the two-thirds majority rule was reinstated to simply limit the number of new standards, several representatives of major preparer groups stated that it functions primarily to ensure that only standards that will result in long-term improvements in financial reporting will be issued. In 1990, we supported the super majority rule as being beneficial in helping to achieve quality of standards and their general acceptance. However, we recognized that this super majority vote could add to the difficulty and timeliness of obtaining FASB approval, particularly on very complex, critical, and controversial issues. Based on our activities with FASAC, we also believe that the complexities of setting standards using a mixed attribute financial reporting model and the lack of consistency it causes in standard setting adds to the length of time to develop standards. Also, we believe that self-interest pressures brought at times by preparers and their auditors adds to the debate and, accordingly, the time to set standards. For example, discussions related to measurement of some financial instruments at fair market value and the effects of that measurement in preparing financial statements have taken considerable time.\24 Also, as previously mentioned, views expressed at FASAC meetings at times do not objectively address the merits of the accounting issue under discussion. While some bias can be expected, we believe that such views add to the length of time to issue standards, as efforts are devoted by FASB and other FASAC members, as well as staff, to addressing such comments. FAF and FASB have acknowledged the concern over the timeliness of issuing standards. Accordingly, FASB has adopted, as part of its strategic planning initiative, an objective to make standard setting more timely and efficient. FASB's strategic plan states that FASB, "along with the FAF Trustees, are committed to improving independent, private-sector standard setting and providing leadership in shaping the debate over the future of financial reporting." The plan acknowledges that improvements can and should be made to build broader acceptance for FASB's process and make standard setting more timely and efficient. According to FAF, FASB has adopted and is now implementing specific strategies to improve its agenda-setting process, to make FASB standards easier to understand and implement, and to complete projects more rapidly. -------------------- \20 A consensus of EITF is deemed to exist when not more than 2 of the 13 members disagree with the suggested accounting approach. An EITF consensus is considered to be GAAP under SAS No. 69, The Meaning of "Present Fairly in Conformity With Generally Accepted Accounting Principles" in the Auditor's Report, which was issued by the AICPA in 1992. Moreover, the SEC has said that it will question registrants' accounting practices that differ from an EITF consensus. \21 The AICPA established the AcSEC in 1973 to serve as its official voice on accounting matters before FASB. Over time it has assumed the role of a standard setter primarily due to FASB's heavy caseload. According to SAS 69, pronouncements issued by AcSEC, such as Statements of Position and Industry Accounting and Auditing Guides, are GAAP. \22 During its work on financial instruments, FASB has issued Statement of Financial Accounting Standards (SFAS) No. 105, Disclosure of Information About Financial Instruments With Off-Balance-Sheet Risk and Financial Instruments With Concentrations of Credit Risk, 1990; SFAS No. 107, Disclosures About Fair Value of Financial Instruments,1991; and SFAS No. 119, Disclosure About Derivative Financial Instruments and Fair Value of Financial Instruments, 1994. FASB has not yet issued a standard for accounting for derivatives. However, on June 20, 1996, FASB issued an exposure draft seeking comments on proposed accounting standards for derivatives. \23 In May 1990, FAF trustees changed FASB's voting rule to a super majority (5 of 7 members) from the simple majority (4 of 7 members) that had existed since 1978. Before 1978, the 5 to 2 vote had been required. \24 Market value is based on the concept of fair value, which is generally defined as the price that could be obtained in an arms length transaction between willing parties in other than a forced or liquidation sale. PRESSURES CHALLENGE FASB'S INDEPENDENCE ---------------------------------------------------------- Chapter 5:4 In obtaining views of constituency groups as part of FASB's due process, FASB has at times been confronted by strong opposition to draft standards that it is considering. For example, the debate over accounting for stock options produced a great deal of controversy among businesses, the Congress, and FASB's trustees. Such pressures challenge FASB's ability to maintain its objectivity in setting accounting rules that will be generally accepted and provide relevant financial reporting for users. To be successful, FASB must be responsive to the broad public interest, and it must be able to carry out its mandate in the face of strong, honestly held disagreement on virtually every important issue. The SEC Chairman recently stated that "to be effective, FASB must be able to address important, and usually controversial, accounting issues on a timely basis and to resolve those issues with credible, conceptually sound accounting standards that serve the interest of investors, the public, and the numerous constituencies involved."\25 In a recent speech, the SEC Chairman stated that the independence of FASB is of extreme importance and if standards are drawn, or even seem to be drawn, to favor corporate interests over those of investors, faith in our markets will erode.\26 Also, the SEC Chairman recently restated the SEC's support for keeping accounting rule-setting in the private sector--but free of heavy pressures from business.\27 The SEC Chairman suggested that a good way to strengthen both the substance and perception of FASB's independence and the overall effectiveness of the standard-setting process would be to increase public representation among the trustees of FAF. The Chairman requested that FAF have a majority of public representatives as opposed to representatives of various groups with a stake in accounting rules. Further, the Chairman wanted the SEC to have the power to approve the trustees of FAF. In recent correspondence to the SEC, FAF stated its intentions to promptly appoint two at-large public trustees to replace positions previously held by preparers of financial statements.\28 However, as noted in its letter to the SEC, FAF also expressed concern that a controlling majority of public interest trustees would exclude from consideration many dedicated individuals who have the knowledge, experience, and perspective needed to best serve the public interest. The SEC Chairman recently advised us that he is not pressing the issue of the SEC's approval of the trustees, but he believes the public interest could be further enhanced by a public representative being the leader of FAF since a public leader could enhance FAF's ability to increase user participation in standard setting. On July 8, 1996, FAF announced that, in consultation with the SEC, it had named three individuals as public members of the board of trustees of FAF and planned to extend an offer to a fourth public member. With this change in composition, the SEC and FAF reached agreement that the FAF trustee membership will be balanced between constituent and public members. -------------------- \25 Letter from the Chairman, SEC, to the President, Financial Executives Institute, dated February 7, 1996. \26 Speech by SEC Chairman Arthur Levitt on April 24, 1996, before the Economic Club of Chicago. \27 The SEC Chairman made this statement in response to recent recommendations made by the Financial Executives Institute, an organization of corporate financial executives, to reduce the size of FASB and to increase business's influence on FASB's rule-setting process. The Financial Executives Institute, which has recently expressed concern that FASB is too big, moves too slowly, and often reflects an antibusiness bias, felt that these recommendations would strengthen FASB and expedite the standard-setting process. \28 Letter from the President, FAF, to the Chairman, SEC, dated May 20, 1996. EFFORTS TO IMPROVE THE QUALITY AND TIMELINESS OF AUDITING STANDARDS ---------------------------------------------------------- Chapter 5:5 The quality and timeliness of auditing standards have been the subject of congressional reports and studies conducted by the Cohen Commission, the Special Committee of the AICPA to Study the Structure of the Auditing Standards Executive Committee (Oliphant Committee),\29 and the Treadway Commission. These groups found that the resources and structure for the auditing standard-setting process needed to be enhanced to optimize the quality and timeliness of standards. The studies made recommendations for more staff resources and a smaller standard-setting body to improve the efficiency of the process. In 1978, the Cohen Commission recommended that this smaller standard-setting body be composed of full-time members compensated only by the AICPA. In 1987, the Treadway Commission recommended that the chairman and vice chairman of auditing standards should serve full time and that the AICPA should sufficiently compensate both full-time and part-time members in order to draw top talent from firms of all sizes. In contrast, the Oliphant Committee, in 1978, suggested that the standard-setting body be composed of only part-time members and that the AICPA compensate members at their request.\30 -------------------- \29 Report of the Special Committee of the AICPA to Study the Structure of the Auditing Standards Executive Committee, AICPA, May 1978. \30 The Oliphant Committee was established by the AICPA as a result of the Cohen Commission's recommendations concerning the setting of auditing standards. Specifically, the AICPA was not convinced of the soundness of the Cohen Commission's recommendation that AudSEC should be replaced with a full-time board. The AICPA established the Oliphant Committee to study the restructuring of AudSEC. AICPA CREATES THE AUDITING STANDARDS BOARD -------------------------------------------------------- Chapter 5:5.1 In response to the concerns over setting auditing standards, in 1979, the AICPA reorganized the 21-member AudSEC into a smaller standard-setting body, the ASB. The purpose for establishing the ASB was to have a more efficient standard-setting body composed of representatives from firms of all sizes and from nonpublic accounting organizations. The ASB is typically composed of 15 volunteer members all of whom are CPAs but come from a diverse background (6 representatives from large firms, 1 representative from a medium-sized firm, 6 representatives from small firms, an academician, and a government official). The members are appointed by the AICPA's Board of Directors and usually serve for three consecutive 1-year terms. Although the AICPA Board of Directors believes that limited terms encourage participation on the ASB, several ASB members stated that current terms are too short and result in turnover that impedes the effectiveness of the ASB. To encourage small accounting firm practitioners to be involved in the auditing standard-setting process, ASB members can request compensation of up to $40,000 annually from the AICPA. Currently, only members of small firms and the academic representative are compensated. According to ASB members and AICPA officials, the AICPA chose not to implement the Cohen Commission's recommendation to establish a full-time standard-setting board because it believed that it was important for members to continue to practice while serving as standard setters in order to stay on top of important auditing issues. Further, according to several ASB members, part-time membership with limited terms encourages firms of all sizes to contribute time and resources to the standard-setting process. Currently, ASB members contribute substantial amounts of time to standard setting. According to the ASB Chairman and other Board members, the Chairman spends about 70 percent of his time on standard setting, while the other members devote about 25 percent of their time to the process. ASB ESTABLISHES THE AUDIT ISSUES TASK FORCE -------------------------------------------------------- Chapter 5:5.2 To further improve the quality and timeliness of auditing standards, the ASB also created the Audit Issues Task Force (AITF). AITF issues interpretations of auditing standards, monitors the work of the ASB's various task forces, and helps ASB monitor emerging auditing issues. The AITF chairman selects several board members to serve with him or her on AITF. STAFFING FOR AUDIT STANDARD SETTING IS LIMITED -------------------------------------------------------- Chapter 5:5.3 Notwithstanding the fact that several studies specifically called for more staff resources to improve the quality and timeliness of auditing standards, board members stated that staffing levels for auditing standards at the AICPA have decreased over the last 5 years. Currently, there are six staff members (one director and five technical managers), all of whom are CPAs, specifically assigned to the ASB. The director and technical managers each typically supports three or more task forces, and at least two AICPA teams, such as a fraud team or a training team. The ASB staff is also responsible for issuing nonauthoritative auditing guidance such as audit risk alerts and practice aids as well as reports and newsletters on ASB activities. Some board members believe that with additional qualified staff, the ASB could be much more timely in issuing standards. However, members of the AICPA's Board of Directors believe that staffing levels are sufficient at current levels because auditing issues are addressed by other groups within the AICPA, such as the Ethics Committee, the POB, and the specific industry committees. We did not attempt to resolve the question of the adequacy of staffing levels for setting auditing standards. However, we believe there are other factors which may also limit the ability to set standards which are timely and of high quality. Pressures brought by audit clients concerning potentially added audit cost and auditors' concern with additional exposure to unwarranted litigation tend to make it difficult to expand the standards of professional work. USER PARTICIPATION IN SETTING AUDITING STANDARDS IS STILL LOW -------------------------------------------------------- Chapter 5:5.4 As with accounting standards, the Moss Subcommittee and the Metcalf Subcommittee's staff study recommended that auditing standards also be established by the federal government\31 in order to increase public participation in standard setting. The Metcalf Subcommittee felt that participation by all segments of the public is necessary to develop auditing standards that will restore public confidence in the integrity of corporate reports. Other study groups, namely the Cohen Commission, the Oliphant Committee, and the Treadway Commission did not support making the process independent of the profession. In fact, the Cohen Commission felt that removing standard setting from the profession could have an adverse effect on the professionalism and on auditors' motivation to accept and support auditing pronouncements. All three of these groups believed that auditing pronouncements would benefit from the participation of knowledgeable people outside the profession and therefore believed that all affected and interested parties should be encouraged to become more involved in the auditing standard-setting process. The Oliphant Committee specifically recommended that an advisory council, whose members might include preparers, users, academicians, lawyers, and other public representatives, be established to consult standard setters about their agenda and auditing issues. The Treadway Commission went further and recommended that either non-CPAs or CPAs no longer in public practice represent about half of the ASB members. The Treadway Commission recognized that ASB receives input from many sectors, but felt that actual participation would enhance the value and effectiveness of this input. The Commission believed that such a board would look beyond the technical aspects of auditing and set an agenda which reflects a broad range of needs, serving public and private interest. In response to concerns about lack of participation in the standard-setting process, the AICPA took several actions to encourage more participation by individuals outside the profession. For example, all ASB meetings are required to be open to the public. In addition, the ASB issues exposure drafts for all proposed authoritative pronouncements to anyone who requests them and generally allows 60 to 90 days for public comment. The AICPA chose not to fully implement the Treadway Commission's recommendation to have half of the ASB members be nonpractitioners because it believes that auditors' experience places them in a better position to establish standards that can be implemented in the field. Instead, on two separate occasions, the AICPA attempted to encourage public participation in the auditing standard-setting process by establishing advisory committees composed partly of public representatives. The AICPA intended the committees to advise standard setters about priority issues and oversee the functioning of project task forces. However, both committees were disbanded because of low levels of input from the public representatives. According to AICPA officials and one of the public representatives, the committees' agendas focused primarily on technical issues and, consequently, the public representatives were not able to provide meaningful input into the standard-setting process. Subsequent to disbanding the second advisory committee, the AICPA intended to hold periodic symposiums to obtain public input on issues related to auditing standards. Some AICPA officials and members of the ASB stated that because of a lack of resources, few symposiums have been held. -------------------- \31 The Moss Subcommittee recommended that auditing standards be set by the SEC. The Metcalf Subcommittee staff recommended that auditing standards be established by GAO, the SEC, or by federal statute. PRESENT FINANCIAL REPORTING MODEL DOES NOT FULLY MEET USERS' NEEDS ---------------------------------------------------------- Chapter 5:6 Business reporting is critical in promoting an effective allocation of capital among companies. Therefore, financial statements, which are at the center of present-day business reporting, must be relevant and reliable to be useful for decision-making. Standard setters, the SEC, and others have devoted considerable resources to maintaining and improving financial statements. However, despite the continuing efforts to enhance financial reporting, changes in the business environment, such as the growth in information technology, new types of relationships between companies, and the increasing use of complex business transactions, constantly threaten the relevance of financial statements and pose a formidable challenge for standard setters. In addition, financial statements present the business entity's financial position and results of its operations largely on the basis of historical costs, which do not fully meet the broad range of user needs for financial information.\32 Also, decisionmakers are placing more importance on the values of companies' internally-generated intangible or soft assets, which are generally not captured by the current reporting model.\33 As a result, users have turned to other information sources to obtain decision-related information. Further, the current mixed model of financial reporting has had some negative impacts in delaying FASB's decision-making as Board members debate proposed accounting standards. For example, the Board, as it continues deliberations to develop accounting standards for derivatives, has debated the effects on financial statements of mark-to-market accounting for derivatives that are not traded.\34 Mark-to-market accounting for all financial instruments would resolve many of the issues the Board has been confronted with in developing accounting rules for derivatives, but it is a very controversial solution. For example, preparers believe that mark-to-market accounting could result in inappropriate swings in earnings that do not reflect actual transactions or management's intent as to when such transactions would be closed and gains or losses actually incurred. In its 1993 report, the POB recommended that FASB add a project to its agenda to study comprehensively the possibility of requiring the reporting of fair value and changes in fair value rather than historical transaction prices, either as a basis to propose changes to financial accounting standards or to explain publicly why such a change in accounting standards is impractical or otherwise inappropriate. The POB did not take a position on the issue of value-based versus historical cost-based accounting, but warned "as long as a constant flow of criticism directed at the present accounting model appears in journals and is espoused in speeches, the public will remain confused and its confidence in accounting will decrease." In response to the POB's report, FASB stated that it would be beneficial to review the final reports of the AICPA's Special Committee on Financial Reporting (Jenkins Committee) and of AIMR as discussed below before considering whether to add a project on comprehensive measurement. Recently the Wall Street Journal reported that the average price of Dow Jones industrial stocks was 4.3 times the stocks' average book value.\35 Although various factors can affect a stock's market price, we believe the size of the margin between the average book value and stock price is an indicator that some important information used by investors is not in the financial statements and that the historical cost-based values reported in financial statements may not reflect economic reality for some financial statements. In 1991, the AICPA created the Jenkins Committee to address concerns over the relevance and usefulness of financial reporting. Based on its study of the information needs of professional investors and creditors,\36 the Committee identified information gaps resulting from the current reporting model, which focuses on financial statements rather than on a broad range of users' information needs. It also found that users view the current mixed attribute reporting model as a generally satisfactory component of a comprehensive reporting model and concluded that the historical cost benchmarks provided by the current accounting model should continue for measuring core assets and liabilities.\37 The current model provides a reliable information base for analysts and does not have the degree of volatility which mark-to-market accounting would have on reported earnings. Accordingly, in its 1994 report, the Committee recommended that standard setters develop a comprehensive reporting model that includes both financial information and nonfinancial information.\38 In addition to financial statements and related disclosures, the recommended model includes high-level operating data and performance measures that management uses to manage the business, management's analysis of changes in financial and nonfinancial data, forward-looking information about opportunities, risks, and management plans including discussions about critical success factors, information about management and shareholders, and background about the company including a description of the business, its industry, and its objectives and strategies. Although the Jenkins Committee acknowledged that many business entities already provide much of this information in one form or another, it stressed the need to develop a comprehensive reporting package that would promote consistent reporting and the need to have auditors involved in providing some level of assurance for each of the model's elements. The Committee did not address the issue of adding internal control reporting to the proposed comprehensive model. The Jenkins Committee's report also points out that the importance of intangible assets and the competitive advantage they may create for a company appear to be increasing with the growing importance of service companies in the economy, which tend to be intangible-asset intensive. The Committee noted that even tangible-asset intensive businesses appear to be competing in the marketplace by relying more on technology, information, and speed than on heavy investment in tangible assets. Despite the importance of intangible assets, the Committee found that users generally oppose recognizing those assets in the financial statements for several reasons, including that users consider the valuation of intangible assets to be inherently unreliable and their contribution to future cash flows difficult to quantify. However, the Committee found that users would welcome improvements in disclosures about the identity, source, and life of intangible assets. According to the Committee, improved disclosures in this area are consistent with its proposed model, which would provide insight into the identity, importance, and sustainability of a company's competitive advantage. Though the Committee accepted forward-looking information as desirable if there were more effective deterrents to unwarranted litigation, it rejected company-prepared forecasts. Current information, some of it nonpublic information, is available to analysts who have the ability to interpret it and to forecast earnings. With analysts' ability to make earnings forecasts and the accounting profession's long-standing concern about the potential liabilities flowing from forecasts, it is not surprising the Committee did not include company-prepared forecasts as a part of the reporting model. We believe that including such forecasts as a component of the reporting model may result in better information. Company preparers should have a better information base than analysts to construct forecasts and the ability to make those forecasts available to all readers of companies' annual reports. However, on balance, the Jenkins Committee recognized a broad range of information needs, as discussed above, that the current accounting model does not provide. In 1993, AIMR reached conclusions similar to the Jenkins Committee's findings regarding the need for a comprehensive model of business reporting.\39 AIMR's 1993 report recognized that globalization of the capital markets and the spread of free enterprise throughout the world had enormous implications for analysts, and that the rapid accessibility of computing power was placing increasing the demand for and use of financial information. AIMR also reported that the current accounting model was developed to fit enterprises whose economic activity was primarily in manufacturing or merchandising. Today, services of all types--business, personal, and financial--constitute a major portion of economic endeavors. Although AIMR considered the current accounting model to be fundamentally sound, it identified many areas that need improvement to better capture the economic substance of transactions, such as those involving intangible assets, and to meet the data needs of financial analysts. AIMR did not support changing to mark-to-market accounting, although it recognized the need for more current data, particularly for financial services firms whose assets and liabilities are composed almost entirely of financial instruments, such as derivatives. AIMR also recognized the need for users' views in the standard-setting process. It stated the primary purpose of financial reporting is to provide information that is valuable to financial statement users. AIMR stated that financial statement users need much more of a direct voice in the process than they have been given in the past. We agree with the basic findings of both the Jenkins Committee and the AIMR that the financial statement data provided by the current financial model is a valuable component of the more comprehensive model needed to meet users' needs. However, our work also shows the problems that have arisen in the financial services industries from the application of the mixed model where, inappropriately, financial losses have not been recognized under historical cost-based accounting while gains are recognized. For example, our reviews of failed banks showed that flexible accounting rules for debt investment securities allowed management in some cases not to recognize losses in investment securities due to decreases in market values.\40 We also believe that more direct users' input, including more user membership on standard-setting boards and committees, is needed to facilitate achieving an accepted comprehensive reporting model. One of FASB's strategic planning initiatives is to develop and enhance the reporting model as a tool for decision-making in a rapidly changing and technological environment. On February 29, 1996, FASB issued an invitation to comment on the reports of the Jenkins Committee and AIMR.\41 FASB plans on using the responses to this request to assist it in setting its agenda. In our earlier interviews with representatives of preparer groups, they stated that they will likely oppose many of the Jenkins Committee's recommendations, including measuring noncore assets and liabilities at fair value, disclosing forward-looking information about opportunities and risks, and accounting for specific operational performance. They stated that such information would be either too costly to prepare for public dissemination or would put business entities at a competitive disadvantage with foreign competitors. Further, the representatives stated that many preparers are still concerned about liability exposure and would be opposed to requiring disclosure of information not currently disclosed in cases where the facts or premises for their viewpoints could change markedly over time. However, the Private Securities Litigation Reform Act of 1995 provided companies and certain persons acting on their behalf a safe harbor for certain forward-looking information that may help to reduce concerns about such liability exposure.\42 In 1994, in response to a study by the AICPA Task Force on Risks and Uncertainties,\43 the AICPA's AcSEC took action to improve disclosures to help users assess risks and uncertainties that face business enterprises. The new disclosure requirements, issued in a statement of position (SOP), require businesses to disclose in their financial statements (1) the nature of their operations, (2) the use of estimates in the preparation of financial statements, (3) certain significant estimates, and (4) current vulnerability due to certain concentrations.\44 This SOP does not include the controversial requirement, which we supported, to require disclosure of management's expected course of action if it is at least reasonably possible that the entity will not continue as a going concern without taking significant actions (referred to in the exposure drafts of the SOP as a disclosure of "financial flexibility").\45 AcSEC does, however, continue to consider financial flexibility disclosures to be relevant early warnings for financial statement users and believes that disclosure requirements, such as those currently included in auditing standards, should instead be included in accounting standards.\46 This SOP also does not require disclosure of risk associated with any material weaknesses in internal controls known as control risk. As evidenced by the savings and loan crisis and currently by the losses and failures of businesses resulting from weak corporate governance and internal controls over derivatives, significant deficiencies in controls could adversely affect not only the reliability of financial information, but also the viability of the entity itself. -------------------- \32 The accounting and reporting model under GAAP is actually a mixed-attribute model. Although most transactions and balances are measured on the basis of historical cost, which is the amount of cash or its equivalent originally paid to acquire an asset, certain assets and liabilities are reported at current values either in the financial statements or related notes. For example, certain investments in debt and equity securities are currently reported at fair value, receivables are reported at net realizable value, and inventories are reported at the lower of cost or market value. Further, certain industries such as brokerage houses and mutual funds prepare financial statements on a fair value basis. \33 Intangible or soft assets include, for example, brand names, goodwill, technology related to products and processes that provide competitive advantage, intellectual capital (i.e., "know how"), patents, trademarks, franchises, copyrights, and research and development. Most intangible assets that are internally generated are not recognized in the financial statements. Intangible assets that are purchased are generally recognized, such as purchases of goodwill and brand names. \34 Under market value accounting, the values of assets and liabilities would be periodically increased or reduced as their estimated market values changed. \35 Book value is corporate net worth (assets minus liabilities). \36 The Jenkins Committee focused only on the information needs of professional investors and creditors and their advisers. These users follow fundamental approaches that seek to value companies by assessing the amount, timing, and uncertainty of a business entity's future cash flows or income. \37 According to the Jenkins Committee Report, core assets and liabilities result from a company's usual or recurring activities, transactions, and events. Conversely, noncore assets and liabilities for which the Committee recommended fair value measurement result from unusual or nonrecurring activities, transactions, and events. \38 Improving Business Reporting--A Customer Focus: Meeting the Information Needs of Investors and Creditors, Comprehensive Report of the Special Committee on Financial Reporting, AICPA, 1994. \39 Financial Reporting in the 1990s and Beyond, Association for Investment Management and Research, 1993. AIMR comprises the Institute of Chartered Financial Analysts and the Financial Analysts Federation. Its members include financial analysts, portfolio managers, and other investment professionals. \40 Failed Banks: Accounting and Auditing Reforms Urgently Needed (GAO/AFMD-91-43, April 22, 1991). \41 The comment period ended July 31, 1996. \42 The Private Securities Litigation Reform Act of 1995, Section 102, provides a safe harbor protecting certain forward-looking information from liability in private actions under the Securities Act of 1933 and the Securities Exchange Act of 1934. Forward-looking statements protected from liability generally are written or oral statements that project, estimate, or describe future events which are accompanied by a notice that the information is forward-looking and by meaningful cautionary statements that actual results may materially differ from such statements. Forward-looking statements included in the financial statements prepared in accordance with GAAP are not protected under this section. \43 Report of the Task Force on Risks and Uncertainties, AICPA, July 1987. \44 Statement of Position 94-6, Disclosure of Certain Significant Risks and Uncertainties, AICPA, December 30, 1994. \45 The exposure draft's disclosure requirement for financial flexibility was controversial, mainly because of concerns about the cost of compliance. Also, concerns were expressed regarding the overlap between the exposure draft's requirements and the requirements of SAS 59, and the ability of the exposure draft's criteria to highlight meaningful information and to differentiate among entities that have different risks. \46 SAS 59 provides a specific list of information that could be disclosed when there is substantial doubt about the entity's ability to continue as a going concern. FINANCIAL STATEMENT DISCLOSURE OVERLOAD -------------------------------------------------------- Chapter 5:6.1 Over time, the cumulative effect of disclosure standards has resulted in a significant increase in the volume of information disclosed. The Jenkins Committee reported that the expansion in business reporting has been well-received by users. However, the Committee acknowledged that "disclosure overload" is a barrier to achieving acceptance of the Committee's recommended reporting model because of concerns about the cost of preparing and auditing additional disclosures. Accordingly, the Committee recommended that standard setters and regulators expand their efforts to eliminate disclosures that are less useful. The Jenkins Committee believes that eliminating less useful disclosures would (1) reduce the costs of statement preparation and auditing without significant loss of benefit, (2) reduce the need for users to wade through excess material, and (3) make room for what the Committee believes is more useful information, such as that in its proposed reporting model. The Committee also believes that efforts to eliminate less useful disclosures would demonstrate the standard setters' concern for reducing costs associated with business reporting. FASB is studying the issue of disclosure overload, which it calls "disclosure effectiveness." In a May 18, 1995, letter to FASAC, we provided some ideas for designing a study to address the issue by dividing users into two groups: those who have a detailed need for information, such as financial analysts, and a much larger group that relies, for the most part, on the first group, such as small investors in stocks and bonds. We believe that such groups may provide insight into better specifying their data needs and efficiencies in providing necessary data. We also stated that it would be especially important to ensure that information vital for assessing financial condition and performance is not eliminated. Disclosures about risks and uncertainties is an example where progress is being made, but we believe further improvements in disclosures are needed, not fewer disclosures. FASB is currently considering comments received on its prospectus on the subject. The SEC is also attempting to reduce and/or simplify disclosures. In 1995, the SEC issued proposed rules for comment which call for abbreviated financial statements to be included in proxy statements, and other reports issued to shareholders. The abbreviated financial statements would exclude a substantial number of footnote disclosures. The SEC withdrew this proposal based on the negative comments received. The SEC currently is considering comments on another proposed rule that would streamline accounting disclosures through the elimination and/or modification of SEC accounting rules that are outdated or duplicative of the requirements of GAAP. LIMITED PROGRESS IN WORKING TO ACHIEVE A COMPREHENSIVE REPORTING MODEL -------------------------------------------------------- Chapter 5:6.2 Disagreement currently exists among various groups as to who should take responsibility for leading the effort to implement a comprehensive reporting model. Some members of FASB stated that the Board has the authority to develop standards covering all aspects of the model. Other Board members were less certain of FASB's authority to establish standards for the nonfinancial aspects contained in the comprehensive model. Some preparer and user groups believe that the SEC's regulatory role makes it better suited for implementing the nonfinancial elements of the model. The SEC has not stated whether it will take responsibility for implementing any of the Jenkins Committee's recommendations. OBSERVATIONS ---------------------------------------------------------- Chapter 5:7 The accounting profession has been responsive to the recommendations made by various groups over the years in developing a structure and processes for setting accounting and auditing standards that have served our nation well in providing generally accepted standards. This is no easy task since, to be effective, standard setters must be able to address important, and usually controversial, accounting and auditing issues on a timely basis and to resolve those issues with credible, conceptually sound standards that serve the public interest. Today, standard setters are facing significant challenges that must be successfully resolved to ensure the adequacy of standards as a basis for producing relevant financial reports. User participation in setting accounting and auditing standards, timeliness of accounting standards, and pressures brought by groups that attempt to influence accounting standards are significant continuing concerns. Further, changing business operations accelerated by advances in information technology are challenging the standard setters' abilities to efficiently and effectively maintain standards that facilitate relevant and useful financial reporting. In addition, the mixed-attribute reporting model limits the understandability and relevance of financial reports for nonprofessional users and contributes to the time needed to develop, propose, and adopt standards. Overcoming these difficult issues will require a cooperative effort by the standard setters, the accounting profession, and other affected parties, as well as strong SEC leadership. The opportunity for user participation is available as part of the process for setting standards. Both FASB and the AICPA have encouraged increased user participation in standard setting, but these efforts have not been successful relative to other groups' participation. For example, preparers of financial statements, relative to users of financial statements, are heavily involved in accounting standard setting through participation in FASAC and by responding to proposed standards. Also, they informally participate through contacts with others, such as independent public accountants, the SEC, and the Congress. We believe that preparers' interest in having flexible standards and in keeping accounting and auditing costs down has led them to take positions that are not always constructive and objective and at times result in delaying the issuance of needed accounting standards. In practice, audit standard setting has been primarily the domain of the accounting profession. In that respect, auditing standards have been influenced by auditors' liability concerns. However, the scope of audits has also been constrained by preparers' cost-benefit concerns about expanded audits. We believe that the independence of FASB members is critical to achieving acceptance of the standard-setting process. Also, for the standard setters to produce relevant standards that have a balanced perspective in meeting users' needs, the parties affected by the standards, and others who ultimately determine general acceptance, should have a greater influence on the standard-setting process. User under-representation has thrown the standard-setting process somewhat out of balance. The SEC, which has the ultimate authority for standard setting and responsibility to protect the public interest, has not always strongly asserted that role in its relationship with the standard setters. The SEC's recent actions to increase public representation among the trustees of FAF is a step in the right direction. With regard to the SEC Chairman's belief that standard setting would be further strengthened if the leader of FAF were a public representative, we believe the experience in the federal arena, in which the Chairman of the Federal Accounting Standards Advisory Board (FASAB) is a public member, has been positive.\47 We also believe that opportunity exists in setting auditing standards to better meet the public interest perspective through having more ASB members who are knowledgeable of standards but are not public practitioners. SEC intervention to protect the interests of small investors is particularly important because they play virtually no role in the standard-setting process. SEC intervention could take the form of working more closely with FASB to influence the underlying accounting concepts as well as FASB's position on particular issues. We believe that a stronger SEC presence on behalf of users would not take the standard-setting function out of the hands of the private sector. Timeliness of accounting standards is a factor that has been sacrificed by FASB to obtain quality of standards and their general acceptance. FASB's timeliness is problematic, and at times causes serious concern, such as the current need for accounting standards for derivatives. FASB recognizes the urgency of setting such standards and is currently designing strategies to make standard setting more timely, but is cautious to ensure quality and accepted resolution of the complex issues involved. We agree that these are important trade-offs but encourage FASB to continue to seek ways to improve timeliness. We believe FASAC, which was formed to assist FASB, contributes to the time needed to develop standards since objectivity may not always exist for views expressed, and deliberations to deal with those views are time-consuming. FASB has responded professionally to concerns that have been raised over positions it has taken in developing proposed standards. FASB's mixed-attribute financial reporting model and the difficulties perceived by preparers in implementing proposed standards that perpetuate the model contribute to the pressures brought to bear on FASB in developing standards. Resolving issues surrounding the mixed-attribute model would help alleviate such pressures. However, as previously stated, standard setting is inherently controversial, and pressures on FASB can be expected to continue. The SEC needs to carefully monitor the pressures brought to bear on FASB by those groups attempting to influence the setting of standards to ensure that FASB's ability to objectively set accounting standards continues. The SEC can also play an important role in working with FASB to address questions that have been raised about the efficiency of FASB's operations. It is essential that any changes made to improve FASB's efficiency do not adversely affect its independence. The conceptual basis for accounting and the reporting model are becoming increasingly problematic as the nature of business changes. Present-day accounting reflects conflicting concepts of historical cost and market valuation--concepts that do not recognize some important economic values--and lacks forward-looking information that is important to investors and other financial statement users. Reporting historical cost data provides an important foundation for accountability and for auditing with respect to fixed assets and other nonfinancial assets, and liabilities. However, it does not fully serve to provide needed information to users of financial statements in today's world. Analysts and others who can integrate other information, much of which is not public, and interpret the financial statements in light of information from other sources may find historical cost data in financial statements to be less problematic than other users do. How useful such financial statements are to the general public is more questionable, as illustrated by the current wide disparity between the market price of publicly traded stocks and their book values, indicating that economic reality might be lacking in some financial statements. Not requiring all financial instruments to be valued at market values allows values that do not reflect reality to be reported on these assets. In such instances, the mixed-attribute reporting model can facilitate earnings management and, in egregious cases, the model can facilitate manipulation of earnings and cover up of business failures. Requiring extensive and burdensome footnotes and other types of disclosures to supplement information in the financial statements is not an acceptable substitute for adequate accounting. Soft assets, such as trademarks and other similar intangibles, are another example where the accounting model does not provide information about increasingly important business assets. Soft assets are significant assets for many public companies that are generally not recognized under the present conceptual basis of accounting. We believe it should be possible to express these values in an expanded reporting model without losing the historical foundation and auditability of financial statements. Recognizing deficiencies in the current accounting model, the Jenkins Committee and AIMR studies have proposed to broaden the present reporting model to include forward-looking information and other financial and nonfinancial information. We believe that overall, the studies represent a significant step in improving information for users. However, the studies do not address the issue of adding internal control reporting to the financial reporting model. FASB is undertaking further study of the Jenkins Committee and AIMR recommendations. Concerns over disclosure overload and costs of providing additional financial and nonfinancial data are major barriers to achieving a more comprehensive reporting model. Also, it is unlikely that the other concerns over the current mixed-attribute model, such as the need for market value measurement of all financial instruments and expanded disclosures beyond those currently required regarding the reporting entity's risks and uncertainties, will be resolved as the issues surrounding the comprehensive reporting model are considered. FASB needs to continue to focus its efforts on resolving these issues to improve the existing financial reporting model. However, FASB alone should not be expected to resolve these issues. These issues are best resolved by the accounting profession, the SEC, and other interested parties joining together with FASB to address the broad issues of the conceptual basis of accounting and the composition of its reporting model to meet the information needs of the modern financial statement user. The accounting profession has an important role to play in determining a better conceptual framework for accounting and the construction of a new reporting model that better meets users' needs. How the profession handles this issue will affect the nature and extent of its future role in providing business information to users. Continuing concerns about liability may limit the profession's willingness to make the necessary changes to satisfy users' need for reliable as well as informative data. The issues are both fundamental and far-reaching and require a concerted effort by all the major players, including strong SEC leadership, to achieve a comprehensive reporting model that is relevant to today's financial statement users. -------------------- \47 FASAB recommends accounting standards to its principals (GAO, the Office of Management and Budget (OMB), and the Treasury) for adoption by the federal government. COMMENTS AND OUR EVALUATION ---------------------------------------------------------- Chapter 5:8 FASB, the AICPA, and the SEC Chief Accountant provided comments on accounting and auditing standard setting. Each of the entities provided specific comments on certain aspects of the financial reporting model and the related findings of the Jenkins Committee. FASB and the SEC Chief Accountant provided comments on our observations on FASAC. The AICPA also commented that it supported the recent restructuring of FAF, and the SEC Chief Accountant commented on the membership of the ASB. The SEC Chief Accountant also pointed out how the SEC works closely with the standard setters. FASB stated that it agreed with many of our criticisms of the mixed-attribute financial reporting model. However, FASB commented that adopting fair value accounting for all financial instruments would not resolve all major issues and would raise additional issues. Also, FASB stated that its experience suggests adopting fair value accounting would not reduce controversy and speed up the standard-setting process. However, FASB stated that some Board members fully share our interest in fair value accounting for all financial instruments and that the Board is studying that possibility again. We agree that adopting fair value accounting for all financial instruments would still leave some difficult accounting issues, such as the hedging of forecasted transactions with derivatives, how to report unrecognized gains and losses in the financial statements, and how to determine values when market prices are not readily available. However, we believe that the benefit of having more current values recognized in the financial statements outweighs the effort necessary to satisfactorily resolve such remaining issues. Also, we agree that adopting fair value accounting for all financial instruments would be controversial. We believe that in the long term, after such accounting is adopted, the overall time spent in adopting accounting standards may be reduced since studying financial instruments has been a major effort by the Board with much attention focused on the current mixed-attribute model. The SEC Chief Accountant commented on another aspect of the current mixed-attribute financial reporting model: the recognition of soft assets in entities' financial statements. He agreed that this issue is important and recognized that information about these assets may be significant to the investment decision-making process. The SEC Chief Accountant noted that most participants at a symposium it held in April 1996 on this issue thought that intangible assets were important drivers, in many cases, of value for certain companies. He also stated that it was currently difficult to arrive at a consensus on how such information should be presented. The SEC Chief Accountant believes that the symposium has resulted in additional academic research into new ways to present this information. He encourages such research as an important first step in addressing the accounting and reporting for soft assets. We agree with the SEC Chief Accountant and believe that the SEC should work with FASB to ensure the adequacy of the research and to develop specific plans and milestones to appropriately consider how information on intangible assets can best be reported. FASB noted that although our draft report stated that, overall, the Jenkins Committee's comprehensive reporting model represents a significant step in improving information for users, comments it received on the Jenkins Committee's recommendations suggested that not all users agreed with certain specific recommendations. We believe that such comments are consistent with the findings of the Jenkins Committee and the 1993 report of AIMR. The findings of both major studies supported the need for a comprehensive reporting model, but found disagreement on certain specific components. Opposition to certain of the Jenkins Committee's recommendations included measuring noncore assets and liabilities at fair value, reporting forward-looking information about opportunities and risks, and accounting for specific operational performance. The reasons for such opposition included cost, competitive disadvantage, and liability concerns. We believe that FASB needs to carefully consider such concerns, but should explore ways to resolve them. The AICPA commented that it strongly supports FASB undertaking a project to implement the comprehensive reporting model suggested by the Jenkins Committee. The AICPA stated that it has recently urged FASB to accelerate its review of the Jenkins Committee's recommendations and to proceed to the implementation stage of the comprehensive model as promptly as possible. As our report points out, we believe FASB should not be expected to resolve these issues by itself. These issues are far-reaching and require a concerted effort by all the major players, including strong SEC leadership, to achieve a comprehensive reporting model that is relevant to today's financial statement users. FASB also commented on our observation that the FASAC members' comments do not always objectively address the merits of the accounting issue under discussion and that such comments add to the Board's time in resolving issues and reaching consensus on accounting issues. FASB commented that the FASAC members are there to express their views freely and that the Board members can make their own judgments about the merit of FASAC members' comments. We raised this issue for the Board to consider whether it is in fact getting the best professional advice obtainable from a group established to help the Board resolve accounting issues. It is our view that FASAC is not working as effectively as it could and the Board may wish to revisit what it expects from FASAC and whether that is being efficiently and effectively achieved. The SEC Chief Accountant commented that FASAC's membership may not be balanced appropriately to provide guidance to FASB and stated that his office would support a reconsideration of the FASAC membership criteria. The SEC Chief Accountant agreed with our observation that opportunity exists in setting auditing standards to better meet the public interest by having more ASB members who are knowledgeable of standards but are not public practitioners. He recognized the difficulties of attracting qualified, nonpracticing individuals to participate on the ASB, but stated that his office supports increased user and public participation in all private-sector standard-setting processes. The AICPA, in expressing its support for the recent restructuring of FAF, commented that it gave up one of its three seats on FAF to help accomplish the restructuring. We believe the AICPA should continue such support in working to increase user and public participation on the ASB. The SEC Chief Accountant commented that our discussion of the SEC relationship with the standard-setting bodies implied that there has been a transfer of official, statutory responsibility from the SEC to FASB and that SEC oversight has been sporadic. The SEC provided several examples of how it works with the standard setters and stated that its oversight has been vigilant. Our report points out in practice how standard setting has worked. The SEC, through its responsibilities for administering and enforcing the federal securities laws, is the primary federal agency involved in accounting and auditing requirements for publicly traded companies. Our report recognizes that while the SEC has delegated much of its responsibility for setting standards for financial reporting and independent audits under the securities laws to the private sector standard setters, it exercises oversight of the standard-setting processes of both FASB and the AICPA. Our report also points out, as the SEC has noted, that notwithstanding these delegations and practices, ultimate authority for standard setting and the responsibility to protect the public interest rests with the SEC. It is in that respect that we believe the SEC has not always strongly asserted leadership in its relationship with the standard setters. Although the SEC is actively involved in monitoring and overseeing the work of the standard setters, we believe that more progress could be achieved in resolving the major issues facing the standard setters if the SEC would exert more of a leadership role in working with the standard setters. For example, the SEC asserted strong leadership in achieving the restructuring of FAF. Similar leadership is needed in working with FASB and the AICPA to address the major accounting and auditing issues discussed in this report. We believe that such leadership by the SEC can be provided effectively without taking standard setting out of the private sector, since private-sector standard setting has worked rather well. IMPACT OF GROWING BUSINESS COMPLEXITY ON THE TRADITIONAL AUDIT FUNCTION ============================================================ Chapter 6 Audited financial statements are important to our financial markets and a valuable component of our economy, in that they facilitate the allocation of capital among businesses and industries through the independent assurance of the reliability of the financial data presented. Over the years, recommendations have been made to improve financial statements and disclosures and expand the auditor's association with the financial reporting process. However, the limitations of financial statements for making investment, credit, and other decisions are both more widely appreciated and growing as technological innovations have improved the timeliness and accessibility of information, and as businesses engage in more complex business transactions. In addition, decisionmakers are placing more importance on the value of companies' intangible and soft assets, which are often not reflected in the financial statements. As a result of these changes, users are increasingly turning to unaudited information sources to obtain information for making business decisions. This practice in the investment and credit communities is raising important questions for the accounting profession, not only regarding the appropriate reporting model for business, but also the role auditors should have in providing adequate assurances for information beyond that contained in the present, primarily historical cost-based, financial statements. The prominent role of unaudited information in facilitating business decisions in today's economy also raises questions for the SEC about whether the basic audit requirements for financial statements that grew out of the 1930s economic conditions need to be revisited to better protect shareholders in a much different information world. The AICPA is currently taking a critical look at the future of the auditing profession so that the profession can respond to these trends and be able to provide the services necessary to assure the usefulness of information used for decision-making. However, the fear of litigation has restrained the accounting profession from expanding assurance services. Other barriers, such as increased audit costs and related auditor/client relationships, have also tended to discourage the profession from assuming a larger role in providing assurance services. INFORMATION NEEDS AND AVAILABILITY ARE CHALLENGING THE TRADITIONAL AUDIT FUNCTION ---------------------------------------------------------- Chapter 6:1 Early in the century, financial statements represented a large part of the information available to investors and creditors. Today, financial statements are still at the center of business reporting and an audit of the financial statements still fills an important need--audited financial statements provide accountability, reduce information asymmetry between buyers and sellers of capital, and lessen uncertainty, thus reducing the cost of capital. However, as more and more timely information flows outside of them, audited financial statements play more of a role of confirming previously available information and are no longer the primary source of information for the capital markets. As a result, the financial markets and other financial activities, such as stock sales and purchases and business transactions, are operating increasingly on the basis of current information not captured in the reporting model until sometime long after the fact, if the information is included at all. This was confirmed by the recent work of the Jenkins Committee and AIMR, which revealed that in today's economy, users have considerable information needs beyond the information provided in historical cost-based financial statements. Accordingly, users have become increasingly critical of certain aspects of financial statements. As reported in 1994 by the Jenkins Committee, more than ever before, business entities are providing services in volatile global markets, streamlining and segmenting their business activities, developing product lines that must change rapidly to meet customer demands, and creating complex financial instruments. In addition, decisionmakers are now relying much more than in the past on information concerning human resources, research, and innovation. Information that adequately portrays and measures these activities and the resultant intangible and soft assets, such as the value of brand names and patents, is often not captured in traditional historical cost-based financial statements. To satisfy their need for more relevant, complete, and current information about business entities, many users, particularly professional investors and creditors, are turning to alternative information sources, which are becoming more available as a result of the growth of information technology and electronic commerce, such as the Internet, and accessibility of computing power. Advances in telecommunications have also enabled business entities to send decision-related information to analysts in a more timely way. For example, analysts and other professional investors and creditors are turning more and more to corporate conference calls to obtain management's most current perspective on earnings trends and other key developments that influence corporate performance. Such forms of communication are controlled by management, and information provided through them is not subject to audit or other independent verification. In addition, a vast array of financial and operating statistics about industries and specific companies is now available, although not necessarily on a real-time basis, through on-line public databases.\1 The availability of this information, coupled with advances in analytical software, has assisted analysts in forecasting company earnings and trends and in estimating stock prices. In the future, investors, creditors, and others with a valid interest may be allowed real-time access to key financial information, operating statistics, and performance measures directly from companies' databases. Currently, many business entities are already directly linked with their major suppliers and customers through electronic data interchange, which enables them to hold down costs and manage obsolescence risk by monitoring the physical flows of products and services on-line. It may be only a matter of time before capital suppliers are similarly linked to business entities to track their cash needs and liquidity in real time. It is important to note that most information obtained through database access is not the traditional financial data associated with financial statements and therefore is not covered by the annual independent audit of financial statements. Thus, suppliers and others might be interested in real-time assurance from the auditor that either the information in the company's database is reliable or the system itself is highly likely to produce reliable data. Federal securities laws and regulations first enacted in the 1930s to protect the public's securities transactions required independent audits of public companies' financial statements to ensure companies disclosed information that accurately depicted the financial condition and results of company activities. However, as discussed above, information that is not contained in financial statements and therefore not audited is increasingly flowing into the markets and influencing investment and other business decisions. Further, since much information that is now reported in financial statements is accessible earlier than the release of the financial statements, an audit of the financial statements is basically serving as a validation of previously released data. Because the audit function is tied to a financial reporting model that is no longer fully meeting users' needs for relevant information, the accounting profession's role in providing a value-added service may be declining.\2 The AICPA recognizes that the accounting profession must provide its services in a fashion that responds to users' needs, or, as recently stated by the AICPA Chairman, the profession will not survive.\3 The AICPA also recognizes that in addition to the traditional audit of financial statements, users may also have a need for assurances pertaining to the reliability of data, both financial and nonfinancial, beyond that provided in financial statements. The question is what role the auditor can play to provide assurance with respect to this flow of current or real-time information. -------------------- \1 One such public database is Compustat, which contains financial statistics of more than 10,000 U.S. companies. The statistics are organized by industry and arranged in a standard financial statement format. \2 The CPA Letter, AICPA, January/February 1996. \3 "AICPA Chairman Lays the Foundation for the Future," Journal of Accountancy, AICPA, November 1995. EMERGING ENVIRONMENT FOR ASSURANCE SERVICES ---------------------------------------------------------- Chapter 6:2 The 1990s have seen a dramatic shift in power from producers of information to consumers of information.\4 Information technology has allowed consumers to decide for themselves what information is important instead of producers deciding what information would be available. Accordingly, technological innovations, coupled with complex business structures and other economic forces, are impacting the traditional audit function. These developments have already resulted in demands for a wide range of nonaudit services, such as management consulting services. These developments are also creating opportunities for the profession for new value-added assurance services that go beyond the traditional audit of historical cost-based financial statements. As users become dependent on information systems that rely on little or no human intervention, the issues surrounding system integrity and security will become even more important. The Jenkins Committee found that professional investors and creditors want auditors to be substantially more involved than at present with the functioning of the business entity's systems that produce financial data for external consumption. In its 1993 report on users' needs, AIMR stated that auditors pay too much attention to the numbers and too little to the process that produces them. AIMR advocated continual auditor involvement in the process that generates financial information rather than verification of only output or results, and envisioned independent auditors being substantially more involved than at present with the functioning of the internal systems that produce financial data for external consumption. Former SEC Chief Accountant John C. Burton once put forth the notion of an "auditor of record," a firm that would take responsibility for the quality and content of an enterprise's publicly released financial information well beyond the mere annual blessing of management's representations in the financial statements. The impetus for these views was that business entities have the technology to produce significant amounts of information beyond what is contained in their financial statements and annual reports, and users have the computing power to access it. As users of various types get more and more of their decision-related information from systems grounded in the latest technology, they will need to know that the systems are reliable. Another future role of the auditor stems from the sheer volume of available data. Decisionmakers are increasingly connected to on-line information sources that can overwhelm them in data--making it difficult to sort out which data are relevant and to be certain the most relevant data have been obtained. Auditors could assist these users, particularly those who are not professional investors or creditors, in identifying information that is relevant to their specific needs. Some users will also likely need to have some of the data interpreted for them because the presentation format may be very broad and general. Further, the attest function can be applied to an array of information broader than just financial information. For example, the Jenkins Committee recommended that enterprises increase their disclosures of forward-looking information about risks and opportunities facing the company and management's plans, and other nonfinancial information, such as performance measures, operating data, and information about directors and management. The Jenkins Committee also recommended that auditors be prepared to provide assurances on this information. Other assurance services that CPAs might provide include interpreting financial statements and adding qualitative information about an enterprise and its prospects. For example, the Jenkins Committee found that a majority of the professional investors and creditors it surveyed supported expanding auditor reporting to include some form of analytical commentary on areas that would assist them in evaluating the quality of a company's earnings. Such areas would include the audit scope and findings, the business entity's use of accounting standards in relation to alternative standards, the reasonableness of significant assumptions and estimates used by management in the preparation of financial statements, and the risks related to realizing recorded assets. The AICPA Special Committee on Assurance Services (Elliott Committee), appointed in 1994, is exploring new ways, such as those described above, for auditors to provide value to their clients and the public they serve. The Committee has been studying the audit and attestation field and the trends shaping the profession's environment, focusing on the changing needs of users of decision-making information. In its interim report, the Elliott Committee discussed the economic, political, and social trends that will affect the need for information and assurance in the future. For example, the Committee identified trends in information technology, corporate structure, accountability, investment capital, the aging of America, and globalization, which suggest new service opportunities for the profession.\5 The Elliott Committee plans to identify these new service opportunities, determine what barriers stand in the way of providing these services, and develop recommendations. The Committee expects to issue its final report in the fall of 1996. In the meantime, the AICPA Chairman is encouraging all members of the profession to focus on making themselves better competitors; more highly skilled; more well-known to the public for personal objectivity, integrity, competence, and independence; more attuned to users needs; and more relevant in an increasingly complex economic environment.\6 -------------------- \4 The CPA Letter, AICPA, January/February 1996. \5 The CPA Letter, AICPA, January/February 1996. \6 The CPA Letter, AICPA, May 1996. LITIGATION CONCERNS HAVE HINDERED AUDITORS' WILLINGNESS TO EXPAND RESPONSIBILITIES ---------------------------------------------------------- Chapter 6:3 The auditor's role in the financial reporting process has been the subject of many studies over the past 20 years. To better meet public needs and expectations for reliable information, many recommendations have been made to expand auditors' association with financial reporting.\7 For example, as discussed in chapter 3, recommendations have been made to expand auditors' responsibilities for detecting and reporting fraud, to require auditor reporting on the effectiveness of a company's internal control systems, and to expand auditor reporting in areas such as risks and uncertainties facing the company. In addition, recent work of the Jenkins Committee suggests that auditors should also be prepared to be associated with forward-looking and other nonfinancial data reported by management. However, primarily because of fear of litigation, the accounting profession has been unwilling to expand its responsibilities in these areas. According to the Kirk Panel, the fear of litigation has resulted in detailed auditing standards regarding the auditor's responsibilities and standards that create highly standardized auditor reporting. Such standards narrow the scope of professional judgment that might be questioned by a litigant alleging a loss due to a negligent audit. However, we believe these limited standards and responsibilities, coupled with the decrease in the usefulness of traditional cost-based financial statements, have also resulted in missed opportunities to enhance the value of the audit function. The Congress recently passed the Private Securities Litigation Reform Act of 1995, which generally limits each defendant's liability for fraud, under the Securities Exchange Act of 1934, to the defendant's percentage of responsibility for the violation if the violation was not knowingly committed. The 1995 Act also provides a safe harbor for certain forward-looking information. While it is not clear yet what effect this legislation will have on the accounting profession's willingness to provide additional assurance services or to expand auditor reporting, it is clear by the appointments of the Jenkins and Elliott Committees that the leaders of the profession want to do something to deal with the profession's diminishing role in providing users with relevant, reliable, and timely information. -------------------- \7 Refer to table II.5, appendix II (GAO/AIMD-96-98A) for the recommendations made to expand auditor's association with financial reporting. EXPANDED ASSURANCE SERVICES WILL REQUIRE FOCUS ON SYSTEMS AND PROFESSIONAL STANDARDS ---------------------------------------------------------- Chapter 6:4 If auditors are to provide timely assurance services on financial data as well as nonfinancial data, auditors will need to focus on the reliability of the systems producing the data. Our own belief and that of the Jenkins Committee is that the auditor's work on financial statements and the related system of internal control provides the foundation on which other work is based. The Jenkins Committee concluded that the level of assurance on elements outside the financial statements could be no stronger than that foundation. For example, the Committee believes that if auditors did not report on financial statements, they could not report on any of the other elements of information presented in business reporting. However, as noted by the Jenkins Committee, auditors rarely report publicly on internal controls even when management does. Currently the auditor, in conducting a traditional financial statement audit, obtains an understanding of internal controls over financial reporting, but only thoroughly tests those controls necessary to efficiently conduct the audit, except in audits of certain financial institutions in which internal control reporting is mandatory.\8 We have advocated that auditor reporting on internal controls should be a mandatory component of a financial statement audit. Reviewing the effectiveness of internal controls can be done through management's assessment of controls and auditor reporting on management's assertion, or the board of directors can report on the effectiveness of internal controls. Under the latter method, the board of directors could use the independent public accountant to assist it in obtaining the necessary understanding and testing of controls. In 1993, the AICPA Board of Directors publicly supported an auditor's report on management's assertions on the effectiveness of a company's internal controls over financial reporting, recognizing that such a report would provide further assurance to the investing public. The AICPA urged the SEC to establish such a requirement; however, to date, no action has been taken by the SEC on auditor reporting on internal controls. According to the Jenkins Committee, current audit standards and guidance are not sufficient for auditors to attest to the varying nature of information outside of the financial statements that is considered by users to be relevant.\9 For example, some of the information that would be included in a comprehensive reporting model proposed by the Jenkins Committee is composed almost entirely of management's beliefs, intentions, and predictions. There will likely be less empirical evidence than the auditor is accustomed to having to support those assertions, such as opportunities and risks, including those resulting from key trends; management's plans, including critical success factors; broad objectives and strategies; and the impact of industry structures on the business entity. Further, the Jenkins Committee believed that auditors could have difficulty in determining whether the disclosures are complete. In such situations, the Jenkins Committee explained that the auditor may need to focus on the reliability of the processes that management used to arrive at this information as well as the reasonableness of management's underlying assumptions. Accordingly, the Jenkins Committee noted that auditing standards and guidance would need to be developed to provide for an adequate level of assurance or verification on this type of "soft" information. However, as we previously discussed, the fear of litigation has deterred the profession from issuing auditing standards that place less emphasis on verification and more emphasis on judgment, or that expand auditor's responsibilities. Even if the profession were to endorse this change in assurances, there is some question as to whether the SEC would encourage auditing standards that would permit the auditor to include all soft asset valuations in an overall opinion on the fairness of the financial statements. For example, a recent SEC proposal for disclosure of qualitative and quantitative information about market risk inherent in derivative financial instruments would put such disclosure outside the financial statements. The Jenkins Committee recommended, in the elements of its proposed reporting model, a different level of assurance for subjective information, concluding that the need to reach for an opinion of "fairness" on all information may be unnecessary. Under this approach, the auditor would report that the element is presented in conformity with the respective standards of presentation and that management has a reasonable basis for the underlying assumptions and analyses reflected in that element. In contrast, the audit of more objective information states that the element is fairly presented, in all material respects, in conformity with applicable standards. Given adequate implementation time, the Committee believes that users will be able to understand the inherent differences in the nature of the information being audited. In the federal arena, FASAB has adopted this approach to separating out judgmental values from transaction-driven and more easily verifiable values. For example, federal government investments in research and development, intellectual capital, and state and local infrastructure, cannot be valued on the basis of potential future cash flows. Instead, the values of these investments can be measured by the outcomes of the federal expenditures. FASAB's solution to this accounting problem is to accumulate expenditures by type of investment project over an appropriate period of time and try to correlate the expenditures over time with the outputs and outcomes of the projects. For human capital expenditures, for example, this might be the years of education added to the overall population of the United States every 5 years. To separate out these very judgmental values, federal investments were designated as "stewardship information" and presented separately in the financial statements.\10 GAO and OMB will try to set auditing requirements appropriate for such information. -------------------- \8 FDICIA requires that audits of large banks and savings and loans include an auditor's report attesting to management's assertions on the institutions' internal controls. \9 According to the AICPA's Vice President for Professional Standards and Technical Services, the AICPA attestation standards that are applied by CPAs for engagements involving reporting by auditors on information outside the financial statements, such as financial projections and forecasts and pro forma financial information, are relevant to reporting on the types of information discussed by the Jenkins Committee. \10 Statement of Recommended Accounting Standards, Number 8, Supplementary Stewardship Reporting, FASAB, 1996. OTHER CONSTRAINTS ON EXPANDING ASSURANCE SERVICES ---------------------------------------------------------- Chapter 6:5 It is not clear whether there is a market demand for expanded assurance services, or, if there is, whether these new services will undercut the economic value of the current audit function. Audit costs are cited by preparers as a reason for not expanding the auditor's scope of work. More auditor involvement with the functioning of the internal systems that produce financial data could be costly. However, AIMR points out that while audit costs may increase, the risk of audit failures would decrease. Therefore, AIMR contends that the increased audit costs would be offset, at least partially, by the decreased cost of capital resulting from higher quality and more reliable information being made available to the financial markets. The Jenkins Committee found that users are divided over the usefulness of expanding the scope of audits to include new types of information not now audited.\11 In fact, the Jenkins Committee pointed out that creditors are concerned that companies may reduce the extent of auditor involvement to offset increased costs if accounting requirements are increased. Although users are not enthusiastic about expanding the scope of audits, one exception relates to internal controls. Both the Jenkins Committee and AIMR reported that users believe business reporting would benefit from increased auditor involvement in internal controls. We believe that shifting the auditor/client relationship more toward the boards of directors and their audit committees, as envisioned by the Kirk Panel, may result in requests for assistance in meeting the boards of directors' responsibilities to shareholders. One area of assistance could be internal control. For example, if boards and their audit committees had the responsibility for overseeing risk management and the effectiveness of the controls to ensure the risk management policies were followed, we believe the boards would likely call upon the independent auditor to assist them in discharging that responsibility. As previously discussed, the Jenkins Committee also found that a majority of users support expanding the auditor's reporting to include some form of analytical commentary on areas that would assist them in evaluating the quality of a company's earnings. However, many preparers, who like to control the information that is provided, may not welcome either extending audit coverage to information outside the financial statements or including an independent view in the auditor's report. Also, the fear of litigation has resulted in standardized reporting, which discourages auditor commentary. As mentioned earlier, an expanded role of the auditor will need to encompass a sufficient level of involvement in the business entity's information systems to satisfy the needs of users. However, according to the Jenkins Committee, users are already concerned about pressures on auditor independence. The Committee reported that users believe the need to maintain a good business relationship with clients in a competitive audit environment could, over time, erode auditor independence. The Committee also reported that users are concerned that auditors may accept audit engagements at marginal profits to obtain more profitable consulting engagements from the client, and that auditors may be reluctant to irritate management to protect the consultant relationship. However, "continuous involvement," as used by AIMR, implies that auditors will need to have a greater presence at their clients' business sites and cooperate more with their clients' own professionals. If this happens, the fine line between consulting-related assignments and independent verification assignments will likely grow more blurred. Further, with increased auditor involvement in systems, users may come to expect auditors to ensure the reliability of the data as opposed to providing more limited assurances regarding management's assertions. Having the auditor report to the board of directors versus corporate management as envisioned by the Kirk Panel may help to alleviate independence concerns that may arise. -------------------- \11 Only 57 percent of those who participated in the Committee's survey agreed that auditors should provide some level of assurance about disclosures of forward-looking information. Further, only 52 percent agreed that auditors should provide some level of assurance on nonfinancial business information disclosed by management. AUDITOR SKILLS AND EXPERTISE FOR EXPANDED SERVICES ---------------------------------------------------------- Chapter 6:6 Both the Jenkins Committee and Elliott Committee have indicated that auditors may not have the skills and expertise to be associated with some types of information outside the financial statements. Some of the information on which auditors may be asked to provide assurance, such as management's beliefs and predictions that may concern technological achievements or expectations, may be beyond the ability of current auditors to evaluate. In addition, many of the new services that may present an opportunity to the profession, such as providing assurances about the reliability of real-time information, require expertise in information systems. The AICPA Chairman recently stated his intention to get more accounting faculty involved in the AICPA committee structure to better integrate education and practice.\12 The AICPA Chairman also stated that he wants a technology focus on all AICPA initiatives and that the AICPA must see to it that its members acquire the skills, knowledge, and support they need to be "empowered--not overpowered--by technology." -------------------- \12 "AICPA Chairman Lays the Foundation for the Future," Journal of Accountancy, AICPA, November 1995. OBSERVATIONS ---------------------------------------------------------- Chapter 6:7 Changing business operations and the tremendous advancement of information technology are greatly influencing users' needs for data that are more real-time and comprehensive than those provided by current financial reporting. Users need audited financial information because it provides independent assurance of the reliability of amounts reported that are not otherwise verifiable by third-party users. The attest function is already being challenged by the increase in the use of market values for financial instruments, which are at times difficult to determine. Demands for increased auditor services will likely present even more difficult challenges for the accounting profession as it is called upon to attest to nonfinancial data that may involve forward-looking information and soft business assets that are not currently reflected on the financial statements or in related disclosures and that are difficult to value. Extending the financial statements to include a company's soft assets would change the present balance between reliability and relevance of the information presented. With such a shift, the auditor would need to have professional standards governing auditor assurance concerning data that are not susceptible to traditional methods of verification. Therefore, successfully responding to this market for expanded assurance services will require the accounting profession to effectively address some difficult issues affecting the culture of the accounting profession. The SEC will also be challenged in fulfilling its responsibilities to protect investors under the securities laws. The long-standing, difficult issues for the accounting profession concerning auditor independence and the auditor's responsibilities for internal controls and fraud detection are barriers that could limit expanded assurance services if not successfully resolved by the accounting profession. Also, the value of the traditional annual financial statement audit in attesting to the reliability of data used by investors is more limited relative to its origin in the 1930s, considering the widespread use today of nonaudited data in commerce. This is an important issue for the SEC as its responsibilities for protecting investors are being challenged by current trends in the use of nonaudited data and the future role of the traditional annual audit. The accounting profession operates in a liability risk aversion mode that has been a barrier to offering services that increase auditor responsibility. For example, until 1993, the accounting profession has been reluctant to evaluate and report on the effectiveness of internal controls. Internal control evaluations are now being provided by auditors for large banks and thrifts as required by law. The envisioned expanded assurance services are likely to focus auditing services more on the condition of information systems and related internal controls in order to provide timely assurances on the reliability of the systems, and less on the specific data provided by that system, which are the focus of a traditional financial statement audit. We believe auditor knowledge of internal controls is an essential foundation for the future expansion of assurance services. Some relief from liability, coupled with diminishing demands for traditional attest services and new opportunities for services stemming from changing business and advances in technology, may change the accounting profession's posture with regard to expanded responsibilities. We believe the current auditor/client relationship and the perception of independence concerns that it raises is worth examining very closely because it is a significant barrier to having auditors accept more responsibility for internal controls and the quality of decision-related information and soft asset values provided by management. Auditor independence may become a greater issue for the accounting profession if auditors are not fully trusted by potential consumers of an expanded attest function. The auditor's traditional values of being objective, skeptical, and even critical are important aspects to providing assurance services. The accounting profession needs to be attentive to the concerns over independence to ensure that services are not expanded into new areas where these critical auditor assets may be diminished in value. Further, as emphasized by the Jenkins Committee, auditor commentary on the appropriateness of management's use of accounting standards and other nonfinancial information would require a substantial change in the relationship between management and the auditor because the presence of such commentary in today's environment may be considered intrusive by management. Accordingly, we support the Kirk Panel's suggestions regarding the current auditor/client relationship and the need for a more direct auditor relationship with the business entity's board of directors and audit committees in order to strengthen auditor independence and enhance the auditor's role in these areas. Expanded auditor assurance services may actually help to facilitate this more direct relationship because, in addition to management, the board of directors should be attracted to the expanded assurance service since it will enable the board to do a more effective job of overseeing management's operations and running the business. While the present limitations on skills and expertise need attention, we do not believe that they are a major constraint to providing expanded assurance services. We believe CPAs are capable of analyzing businesses' financial operations. We also believe large accounting firms, which have more capital and training capacity relative to other firms, should assume a leadership role to deal expeditiously with any limitations. Accounting firms have developed groups of individuals with skills other than accounting and auditing, such as actuaries and operations research analysts, whose skills are already being applied in unique audit situations. Accounting firms have also trained individuals to meet the increasing market demands for consulting services. Many of the skills used in consulting services are similar to those needed for other assurance services. The AICPA and state societies also have a large education and training infrastructure to provide any needed professional education in these areas. Full, fair, and accurate disclosure of financial information is a cornerstone of our system of public securities markets. The rules and regulations established in the 1930s for public disclosure and independent audits were put in place to protect the public in their securities transactions. However, much of the information used today for business decisions is outside the traditional financial statements and therefore is unaudited. In the future, the SEC will need to play a dominant role in deciding whether auditors' assurances about systems integrity are needed to help the SEC discharge its responsibilities for full and fair disclosure in the securities markets. The demand for expanded assurance services should not only be a function of management demand. Users' needs are also important. It is clear that the future of the accounting profession is not all in its own hands. We support the Elliott Committee's efforts to explore the auditor's ability to accept more responsibilities for decision-related information and internal controls. The profession's strategies need to be carefully thought out and expressed in terms of the quality of information needed by investors, creditors, and others for decision-making. The accounting profession has not effectively resolved public expectations in key areas, such as internal controls and fraud, and auditor independence still remains a concern. The accounting profession must effectively resolve such fundamental concerns if it is to be successful in providing expanded assurance services. COMMENTS AND OUR EVALUATION ---------------------------------------------------------- Chapter 6:8 The AICPA and the SEC Chief Accountant provided comments on the role of the auditor in further enhancing of the financial reporting process. The AICPA commented that it expects its Elliott Committee to complete its work and report to the AICPA in October 1996. The AICPA stated the Elliott Committee studied, among other things, recent trends in information technology, corporate structures, accountability, investment capital, the aging of Americans, and globablization of markets that suggest a growing evolution in the way CPAs will serve the public in the future. The SEC Chief Accountant stated that the concerns over auditor independence discussed in our report must be resolved if the accounting profession is to be successful in providing expanded assurance services. We would add that public expectations in the key areas of auditor's responsibilities for reporting on the effectiveness of internal controls and detecting material fraud must also be resolved. *** End of document. *** What is the SEC and how is it involved with accounting standard setting?Instead of issuing standards itself, the SEC is primarily concerned with enforcing accounting and auditing standards in the context of financial statements it receives from public companies under the federal securities laws. It also oversees the Public Company Accounting Oversight Board.
Who are required to file audited financial statements in the Philippines SEC?Under the Bureau of Internal Revenue (BIR), corporations, partnerships, or individuals earning gross sales of more than P3,000,000 per year must submit an Audited Financial Statement to the BIR each year. The AFS should be filed as an attachment to the company's annual income tax return or AITR.
Why does the SEC require audited financial statements?Arthur Young: "The SEC requires the filing of audited financial statements in order to obviate the fear of loss from reliance on inaccurate information, thereby encouraging public investment in the Nation's industries." That has important implications for investors making investment decisions, for banks and financial ...
Does the SEC require audited financial statements?Complete audited financial statements of the operating company (as predecessor of the registrant) must be provided.
|