Auditors’ Reactions to Sarbanes-Oxley and the PCAOB

By Nancy T. Hill, John E. McEnroe, and Kevin T. Stevens

E-mail Story Print Story

Reactions to SOA

When auditors had worked under SOA for two years, the authors surveyed 1,200 CPAs, which included seniors, managers, and partnerships from large (the Big Four), medium, and small firms, and received 336 responses (28%). Auditors were asked which key provisions of SOA they agreed or disagreed with. The survey identified the areas of disagreement where auditors believe the provisions of SOA should be revisited and revised.

Perhaps the most controversial aspects of SOA are the change from industry self-promulgation and self-enforcement of standards relating to auditing, accounting, quality control, ethics, and independence, to, in effect, government regulation and promulgation of standards through the Public Company Accounting Oversight Board (PCAOB), and the limitations on the nonaudit services a company can provide to its audit clients. (Although the PCAOB is not directly empowered to establish accounting standards, SOA section 108 allows the SEC to recognize “generally accepted” accounting standards set by private entities.)

SOA established the PCAOB, under SEC oversight, to be responsible for establishing or adopting standards for quality control, ethics, independence, and anything relating to the preparation of audited financial statements. The PCAOB also conducts investigations and disciplinary proceedings, and imposes sanctions on individuals or audit firms. Under SOA, an auditor is prohibited from providing nonaudit services to a current audit client, including the following:

• bookkeeping or other services related to the accounting records or financial statements of the audit client;
• financial information system design and implementation;
• appraisal or valuation services, fairness opinions, or contribution-in-kind reports;
• actuarial services;
• internal-audit outsourcing services;
• human resources services;
• broker-dealer, investment advisor, or investment banking services; and
• legal services and expert services unrelated to the audit.

The Role of the PCAOB

Should the PCAOB establish standards that include accounting, auditing, and ethics? The Exhibit shows the survey respondents’ answers to that question. In general, practitioners from firms of all sizes favored PCAOB authority over quality control, ethics, and independence standards. Furthermore, a larger percentage of respondents from large firms (versus small and medium-sized firms) favored the PCAOB as the proper venue for establishing these standards: 74% favored it for quality control, 83% favored ethics, and 85% favored independence.

When asked about the PCAOB’s setting auditing and accounting standards, however, approximately one-third of respondents agreed that the PCAOB should set auditing standards, and 31% agreed that the PCAOB should set accounting standards.

Respondents commented that it was not the lack of auditing and accounting standards that led to corporate accounting scandals and audit failures, but rather a lack of vigilant monitoring and vigorous punishment of unethical behavior:

Even though we are a small firm, we have been damaged by Enron and other scandals. As CPAs, we work hard to obtain our licenses and work hard to develop a reputation. As a result, we feel that the PCAOB should place harsh discipline on those that tarnish CPAs’ reputations, especially stemming from independence/ethical issues.

Overall, there was widespread agreement (73% of respondents) that an independent third party, the PCAOB, should conduct investigations and impose sanctions upon auditors.

Composition of the PCAOB

Two SOA provisions regarding the make-up of the PCAOB are condemned by a majority of the profession. Over 70% of the respondents objected to the requirements that only five members can serve on the PCAOB and only two can be CPAs, and that the PCAOB chair must not have practiced as a CPA for at least five years. Many comments decried the limits on the number and experience of CPAs allowed on the PCAOB:

• “I do not believe that anyone other than practicing CPAs truly understands the significance of the scope of the work performed.”
• “If you have two or fewer CPAs on the board, what assurance do we have that the board understands the issues?”
• “The ban on practicing CPAs implies that CPAs in practice cannot be trusted. This is a political standard, not a practical one. Auditors would be more apt in designing auditing standards than lawyers.”
• “Can you imagine an oversight board created for the legal profession comprised of a majority of nonlawyers?”

Of those respondents who disagreed with the limit of two CPAs serving on the PCAOB, 23% recommended the board be entirely comprised of CPAs, 17% recommended that it include four CPAs, and 60% recommended three CPAs. On a related note, over 80% of respondents said that a break of no more than one or two years from practice as a CPA was sufficient for the PCAOB chair.

Recordkeeping and Internal-Control Disclosures

The CPAs surveyed agreed that better recordkeeping is important. Eighty-six percent of the respondents recognized the value of maintaining workpapers for no fewer than seven years. Only half agree on the requirement, however, to disclose internal-control testing and finding.

Prohibited Services

SOA prohibits the contemporaneous provision of both audit and nonaudit services, such as bookkeeping or other services related to the accounting records or financial statements of an audit client. CPAs reviewed eight of these services, and while the majority of auditors agreed that four services should not be allowed, they were split on the other four.

Over 80% of respondents said that broker-dealer, investment advisor, and investment banking services should not be provided along with audit services. Similarly, respondents thought that auditors should also provide internal audit outsourcing services (69% agreed), bookkeeping or other services related to accounting records (63%), and appraisal or valuation services (59%). Interestingly, an overwhelming 96% of respondents from large firms agreed on the prohibition of bookkeeping or other services related to accounting records along with audit services, whereas only about half (53%) of those from small firms agreed. There was less consensus on whether auditors should perform human resource services, legal or expert witness services, actuarial services, or financial information system design and implementation services. Only about half of the respondents thought that these services should be prohibited for audit clients. Furthermore, CPAs from small and mid-size firms have different views than those from the national firms on the prohibition on financial information system design and implementation. While nearly two-thirds (64%) of the respondents from the national firms agreed that such services should not be provided, fewer than half from both small and mid-size firms agreed with the ban (44% and 46%, respectively).

Outlook on the PCAOB

It may come as a surprise that many CPAs agree with the provisions of SOA that are most directly aimed at their work. The vast majority of CPAs surveyed supported the PCAOB’s role as an independent watchdog that, they hope, will punish those who violate independence and ethics standards. Respondents also agree that the PCAOB should set standards in quality control, ethics, and independence. There also appears to be widespread agreement that providing internal audit services or investment advising services to audit clients is no longer acceptable

The CPAs surveyed, however, were vehement and united in their opposition to the PCAOB’s responsibility for setting auditing and accounting standards. This opposition stems largely from the severe limits on the number of CPAs serving on the PCAOB. The message is clear: Trained and experienced CPAs from both industry and public practice should have a greater voice on the PCAOB and be held accountable to professional standards through the PCAOB.