In a nod to opponents and critics who complained about the costs of internal controls audits, the Public Company Accounting Oversight Board last month voted unanimously to circulate a proposal that would scale down the amount of testing necessary to evaluate internal controls over the financial reporting process.The board's proposal, a rare regulatory about-face for a standard-setter, calls for replacing the PCAOB's existing Auditing Standard No. 2 with a new "principles-based" standard on internal control "designed to focus the auditor on the most important matters, increasing the likelihood that material weaknesses would be found before they cause material misstatement of the financial statements."
Under Sarbanes-Oxley Section 404, executives at publicly traded companies have been required to evaluate their internal controls and have them reviewed by their outside auditors. SEC issuers, particularly smaller companies, have complained that the process has been exorbitantly expensive and time-consuming.
According to various research reports, public issuers were expected to dole out roughly $6 billion to comply with SOX 404.
The proposed standard is about one-third the length of the original, which was drafted in 2002. The proposal will be circulated for comment during a 70-day period. After that it will go to the Securities and Exchange Commission for a vote. If adopted, the new standard would be titled AS 5.
Under that timetable, the PCAOB will accept comments until the end of February, and is unlikely to issue a final standard until the latter part of 2007.
THUS FAR, AND NO FARTHER
More significantly however, the plan stops well short of an outright exemption from the internal control audit and reporting requirements for smaller companies - a key demand of SOX critics both in the business community and on Capitol Hill.
Instead, the PCAOB decided to provide accountants with detailed instructions on how to scale the audit for "a smaller and less complex company" - an approach that the board believes will result in faster and less expensive internal control audits for public companies with market capitalizations under $700 million.
"We believe the new standard will result in audits that are more efficient, risk-based and scaled to the size and complexity of each company," PCAOB chair Mark Olson said.
The proposed change does not call for a "different audit standard for different sized companies," but it "will result in significant cost savings" for all public companies, board member Kayla J. Gillan said.
During a conference call held to explain the proposed changes, PCAOB officials said that they were expecting pressure from SOX critics, who are likely to regard the plan as insufficient to address the high cost of complying with the original standard.
But, by the same token, they conceded that the proposal may also draw fire from some consumer and investor groups who support the original standard and see no reason to relax SOX protections to accommodate businesses.
In urging interested parties to provide input on the plan, Gillan stressed that the board's proposal is far from final, and that it "can be improved upon."
In addition to providing aids to help accountants scale back internal control audits for smaller companies, the proposal aims to reduce confusion by shortening and simplifying the text of the standard, and by eliminating "audit requirements that are unnecessary to achieve the intended benefits," the board said.
Specifically, the proposal would:
A Revise the definitions of significant deficiency and material weakness, as well as the "strong indicators" of a material weakness;
* Clarify the role of materiality, including interim materiality, in the audit;
* Remove the requirement to evaluate management's process;
* Permit consideration of knowledge obtained during previous audits;
* Direct the auditor to the most important controls and emphasize the importance of risk assessment;
* Direct the auditor to tailor the audit to reflect the attributes of smaller and less complex companies;
A Refocus the multi-location testing requirements on risk, rather than coverage; and,
* Recalibrate the walk-through requirement.
ACKNOWLEDGING THE COST
"A principal focus in developing this proposal was to retain and strengthen the substantial benefits investors have received from improved internal control over financial reporting," said Tom Ray, PCAOB chief auditor and director of professional standards. "I believe we have proposed a standard that will achieve that objective while reducing audit effort, especially for smaller companies."
By same token, however, the audit watchdog acknowledged that the benefits of internal control auditing have come at an unnecessarily high cost.
"Over the last two years, the board has heard a consistent message that compliance with the internal control provisions of the act has required greater effort and resulted in higher costs than expected. The board agrees that auditors should perform internal control audits as efficiently as possible for companies that are required by the SEC's rules to obtain an audit report on internal control."
In drafting the changes, the PCAOB said that it evaluated every significant aspect of the audit of internal control to determine whether the existing standard encourages auditors to perform procedures that are not necessary to achieve the intended benefits.
Earlier in December, the SEC proposed a similar standard, where executives would evaluate the design of only those controls that might carry the risk of having a material impact on financial statements.
