La réforme de l’audit professionnel | Problèmes persistants et changements suggérés


Voici un excellent article de Lynn E. Turner, ex-comptable en chef à la Securities and Exchange Commission (SEC) des États-Unis, et actuellement conseillère principale chez Hemming Morse LLP.

Dans cet article, l’auteur constate les problèmes persistants de la mauvaise qualité de l’audit. Il identifie de nombreux cas problématiques affectant la crédibilité et la confiance dans la profession d’audit.

Également, l’article présente des avenues de réformes pour rétablir les responsabilités de la profession envers les investisseurs et améliorer la transparence et l’imputabilité.

Il y a toujours des problèmes avec la qualité des audits effectués par les CPA. En octobre 2008, un comité du Trésor américain sur la profession d’audit (ACAP) a publié un rapport contenant de nombreuses recommandations pour la SEC, le PCAOB et la profession d’audit.

Ce comité de chefs d’entreprise, d’investisseurs, d’anciens régulateurs de la SEC et de CPA a étudié la profession pendant un an avant de publier son rapport. Pourtant, aujourd’hui, dix ans plus tard, peu de recommandations ont été suivies par les cabinets d’audit ou leurs régulateurs. En conséquence, il semble que les quatre grands cabinets d’audit soient devenus « Too big to fail ».

Plusieurs comptables qui réglementent les cabinets d’audit à la SEC ou au PCAOB ont rejoint les régulateurs de ces « Big 4 »,  puis ils sont revenus en cabinet, comme l’a souligné la récente action du ministère de la Justice contre les auditeurs de KPMG.

Je vous invite à lire le texte au complet.

Bonne lecture !

Reforms of the Auditing Profession: Improving Quality Transparency, Governance and Accountability

 

Is audit fit for purpose? | Financial Times

Continuing issues affecting the credibility and trust in the auditing profession includes:

  • Lack of Independence—Auditors view management of companies they audit as their “client” not the public. It is important to audit partners that they maintain the “annuity” received from the annual audit fees. Losing an annuity from a large company can impact a partner’s career. As a result, the need to maintain a lack of bias and professional scepticism runs head on into, and conflicts with, the need to maintain the annuity for the firm.
  • Management provides them business opportunities to grow their revenues/profits.
  • Management writes their check.
  • Too often, in reality, audit committee’s delegate hiring and oversight of the auditor to management. Management and Audit Committees have often retained the same auditor for decades, even centuries, continuing to pay the annuity, and receiving “clean” audit reports.
  • Auditors have testified under oath in court, that they do not have an obligation to detect material financial statement fraud and serve the public interest.
  • Management provides the independent auditor with the accounting records and financial statements (numbers) to be audited. Then upon request from the independent auditor, management also provides the auditor with the evidence to support the numbers. When auditors talk of using “Big Data” in an audit, it too often is testing data in a data base created and maintained by management. As such, the numbers, and evidence and support the auditor examines, comes from the party that is the subject of the audit. It is doubtful that management is going to provide evidence that does not support the numbers they have created. Unfortunately, Generally Accepted Auditing Standards (GAAS) do not specifically address the need for the auditor to consider publicly available information that contradicts the information management has provided. And time and time again, it is this type of information that has resulted in analysts and other outside researchers bringing to light errors in financial statements and disclosures. And it is this information that auditors have failed to address in their audits.
  • The government mandates management and the company MUST buy audits, rather than those who actually own the company. In this respect, auditing of publicly listed companies is like a publicly mandated utility.
  • Lack of Transparency with respect to Audit Firm Performance and Audit Quality. Investors are not provided information necessary to inform them as to the quality of the audit of the financial statements and disclosures of the company they invest in and own. In that regard, investors are being asked to vote and ratify the auditor without information necessary to making an informed decision. Investors are consistently told in the audit report that audits have been done in compliance with GAAS set by the Public Company Accounting Oversight Board (PCAOB), a misleading statement in light of the very high deficiencies in compliance with GAAS reporting by the PCAOB and other audit regulators around the globe.
  • Lack of Independent Governance of Audit Firms. The large audit firms, which audit the vast majority of publicly listed companies in the US as well as around the globe, all lack meaningful independent governance. This lack of governance, which is required for publicly listed companies, has resulted in a lack of quality, accountability, transparency, and governance when it comes to audit quality and performance.
  • Very poor audits quality based on inspection reports from around the globe—so bad that the International Forum of Independent Audit Regulators (IFIAR) called senior leadership from each of the six largest firms in to discuss the poor audit quality. IFIAR’s Global Audit Quality (GAQ) Working Group and the GPPC networks undertook an initiative aimed to reduce the frequency of inspection findings. In accordance with a target established by the GAQ Working Group, the GPPC networks seek to improve audit performance, reflected in a decrease of at least 25%, on an aggregate basis across the GPPC networks over four years, in the percentage of their inspected listed PIE audits that have at least one finding. (See https://www.ifiar.org/)
  • The 2016 Inspection report of IFIAR stated: Inspected audits of listed public interest entities (PIEs) with at least one finding remained unacceptably high at 42%.” (See here.)
  • Audit firms often state the deficiency rates are high because the regulators are picking “High Risk” audits which in some, but not all instances, is true. However, one would expect the audit firms to assign these audits to their very best auditors, and as a result, there would be fewer deficiencies.
  • And finally, audit reports have failed to convey to investors—as well as audit committees—concerns of the auditor, even when they know management and companies are violating laws and regulations. Such reports are required for auditors of governments that receive federal funds, but are not required in instances such as seen in recent years, for audits of companies such as Wells Fargo.

Reforms to establish accountability to investors as owners of the company, enhance transparency and accountability

Below are ideas to address the issues with poor audit quality on audits of publicly listed companies. Some of these ideas or recommendations were put forward ten years ago by the U.S. Treasury ACAP.

  • Remove the current requirement in the Securities Laws that a Company must have an audit by an independent auditor, thereby eliminating the federal government mandate.
  • Replace it with a market based requirement, that every 5 years, a shareholder proposal be included in the annual proxy, asking if the investors want an independent audit of the financial statements by the independent auditors. Accordingly, it would be made clear that independent auditors work for, and serve the public interest of the owners of the company—the investors. I would expect that investors most often would vote for an independent audit, unless they saw little value in having one.
  • If the stockholders do approve the independent audit requirement (and again, I think they almost always would):
    • The audit committee, not management, would select and nominate the auditor. This responsibility could not be delegated to management;
    • The stockholders would then be asked to vote on and approve the auditor;
    • The audit committee, not management, would then be tasked with and responsible for negotiating the fee to be paid to the auditor;
    • The audit committee would submit a bill for the audit fee to the PCAOB as necessary during the course of the audit.
  • The PCAOB would collect a fee from each public company to cover the bill of the auditor for the audit. The PCAOB already has a mechanism in place for collecting fees it is required to get from public companies
  • The PCAOB could require a company to tender their audit for proposal, if the PCAOB found the auditors had engaged in improper professional conduct as defined in SEC Rule 102(e), or had a material weakness in their own internal audit quality controls; or had significant deficiencies on an audit in which the auditor had failed to comply with GAAS as set by the PCAOB.
  • In no event, could the audit firm serve as auditor for a publicly listed company for a period longer than what is permitted today by the EC which is 20 years.
  • The new auditor report adopted by the PCAOB should be required on all audits of public companies. This new audit report will require the auditor to state and discuss in this new form of audit report, “critical audit matters” (commonly referred to as CAMS). The new audit report also requires the auditor to state: “A statement that PCAOB standards require that the auditor plan and perform the audit to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether due to error or fraud.”
  • However, the PCAOB exempted a wide swath of public entities and did not require communication of critical audit matters for audits of emerging growth companies (“EGCs”), brokers and dealers reporting under the Securities Exchange Act of 1934 (the “Exchange Act”) Rule 17a-5; investment companies (e.g., mutual funds), other than business development companies; and employee stock purchase, savings, and similar plans (“benefit plans”).
  • If auditors through their audit work, become aware of a company or management breaking a law or regulation, that could have a material impact on the financial statements or operations of a company, they should be required to disclose it in their report, just as an auditor of a governmental agency subject to the GAO Yellow Book auditing standards is required to do so.
  • In August, 2000, The Panel on Audit Effectiveness (O’Malley Panel) chaired by the former Chairman of PW recommended that each audit include a forensic segment of the audit. Consideration should once again be given to this recommendation including establishing within GAAS, the need for auditors to consider publicly available information that contradicts the evidence management has provided them.
  • Require disclosure of audit quality indicators for each audit on which an opinion of the auditor is provided to investors in the company. These indicators should be disclosed in the Company’s proxy as part of the Company’s audit committee report to investors. Audit committees should also be required to disclose either in the proxy, or in the Charter of the Committee, the committees procedure for periodically tendering the audit. Audit firms should already be measuring audit quality on individual audits if in fact they are managing audit quality. But the audit inspection results from around the globe provide some evidence, that has not be occurring.
  • Improving the transparency of the PCAOB. The PCAOB inspects a very small percentage of the audits of publicly listed companies each year, and provide a public inspection report for each firm with their findings. For those audits inspected, the PCAOB inspection reports are perhaps the best indicator of audit quality today. Yet the PCAOB has refused to provide the name of companies being audited, stating the Sarbanes-Oxley Act of 2002 (SOX) prohibits this. But that is false as there is not language in SOX that prohibits the disclosure of the name of the companies whose audits are inspected. What SOX does prohibit is disclosure of investigations and enforcement actions taken by the PCAOB with respect to a poor audit. Senator Sarbanes agreed to an amendment of the then draft of SOX (May 2002), to include a prohibition on public disclosure, until the PCAOB enforcement action is final, at the request of the audit firms and Senator Enzi who was negotiating on their behalf. Harvey Goldschmid, who would shortly thereafter become an SEC Commissioner, and I, pleaded with the Senator not to make this change, as enforcement actions taken by the SEC are not private, but are in fact public. Senator Jack Reed (D-Rhode Island and Grassley (R-Iowa) have introduced subsequently introduced legislation, supported by the PCAOB in the past, to reverse this change and make the actions public. Unfortunately, in the meantime, the audit firms have used this provision of SOX to hide and appeal and delay the actions until many years have gone by. Then the audit firm always makes a public statement that in essence says a final PCAOB action is years old and should be ignored.
  • Currently the law requires that an audit partner be rotated off as the lead audit partner for a company, after no longer than five years. This is to provide a “fresh set” of eyes to the audit according to the congressional record. Yet there can be a number of audit partners on an audit, and it is not uncommon, to find the lead partner rotated off, and one who has been on the audit in the past, rotated into the lead audit partner position. As a result, there are incentives for partners not to bring up new problems from the past. Given the reforms cited above, this requirement, which has significant costs associated with it, could be eliminated.
  • Require each auditor of public companies to issue an annual report, just as the companies they are required to audit must, containing its:
    • Financial statements prepared in accordance with generally accepting accounting principles (GAAP). This is important to assessing the financial health of these firms as they have become “too big to fail” as demonstrated by actions of law enforcement agencies and regulators.
    • A discussion of the firms quality controls regarding all aspects of the audit including independence, human resources such as hiring, training and supervision, performance of audits, selection and retention of companies they audit, and testing and enforcement of the quality controls.
    • A discussion of the firm wide, as opposed to individual audit engagement, audit quality indicators.
    • A discussion of the firm’s governance structure, process and procedures.
  • The European Commission already requires each of the large audit firms to provide a report with some of this information. The US audit firms do publish an annual report on their own, but it discloses very limited financial information, and limited information on governing structures, accountability of executives, and performance measurement and improvement.
  • Audit firms that audit more than 100 public companies should be required to have independent directors or members on the firm’s governing board.
  • Audit firms need to abandon the “Pyramid”scheme they use for staffing today, and adopt a paraprofessional model used in law firms. The pyramid structure has resulted in talented, but young and inexperienced staff assigned to perform audit procedures, with respect to business transactions the staff are ill prepared to examine and challenge.
  • All CPA’s should be required to have a master’s degree in accountancy. I believe the master of professional accountancy program is sorely needed. The actions of the large audit firms in which they encourage students to leave school and begin their careers before the student receives their master is disappointing in that it Highlights the lack of commitment to education by those firms. Actions speak louder than words.
  • The SEC should revise its definition of what is a financial expert on the audit committee and adopt its initial proposal. The SEC should clarify the audit committee MAY NOT delegate this responsibility to the management of the Company, which is often done today.

Auteur : Gouvernance des entreprises | Jacques Grisé

Ce blogue fait l’inventaire des documents les plus pertinents et récents en gouvernance des entreprises. La sélection des billets, « posts », est le résultat d’une veille assidue des articles de revue, des blogues et sites web dans le domaine de la gouvernance, des publications scientifiques et professionnelles, des études et autres rapports portant sur la gouvernance des sociétés, au Canada et dans d’autres pays, notamment aux États-Unis, au Royaume-Uni, en France, en Europe, et en Australie. Chaque jour, je fais un choix parmi l’ensemble des publications récentes et pertinentes et je commente brièvement la publication. L’objectif de ce blogue est d’être la référence en matière de documentation en gouvernance dans le monde francophone, en fournissant au lecteur une mine de renseignements récents (les billets quotidiens) ainsi qu’un outil de recherche simple et facile à utiliser pour répertorier les publications en fonction des catégories les plus pertinentes. Jacques Grisé est professeur titulaire retraité (associé) du département de management de la Faculté des sciences de l’administration de l’Université Laval. Il est détenteur d’un Ph.D. de la Ivy Business School (University of Western Ontario), d’une Licence spécialisée en administration des entreprises (Université de Louvain en Belgique) et d’un B.Sc.Comm. (HEC, Montréal). En 1993, il a effectué des études post-doctorales à l’University of South Carolina, Columbia, S.C. dans le cadre du Faculty Development in International Business Program. Il a été directeur des programmes de formation en gouvernance du Collège des administrateurs de sociétés (CAS) de 2006 à 2012. Il est maintenant collaborateur spécial au CAS. Il a été président de l’ordre des administrateurs agréés du Québec de 2015 à 2017. Jacques Grisé a été activement impliqué dans diverses organisations et a été membre de plusieurs comités et conseils d'administration reliés à ses fonctions : Professeur de management de l'Université Laval (depuis 1968), Directeur du département de management (13 ans), Directeur d'ensemble des programmes de premier cycle en administration (6 ans), Maire de la Municipalité de Ste-Pétronille, I.O. (1993-2009), Préfet adjoint de la MRC l’Île d’Orléans (1996-2009). Il est présentement impliqué dans les organismes suivants : membre de l'Ordre des administrateurs agréés du Québec (OAAQ), membre du Comité des Prix et Distinctions de l'Université Laval. Il préside les organisations suivantes : Société Musique de chambre à Ste-Pétronille Inc. (depuis 1989), Groupe Sommet Inc. (depuis 1986), Coopérative de solidarité de Services à domicile Orléans (depuis 2019) Jacques Grisé possède également une expérience de 3 ans en gestion internationale, ayant agi comme directeur de projet en Algérie et aux Philippines de 1977-1980 (dans le cadre d'un congé sans solde de l'Université Laval). Il est le Lauréat 2007 du Prix Mérite du Conseil interprofessionnel du Québec (CIQ) et Fellow Adm.A. En 2012, il reçoit la distinction Hommage aux Bâtisseurs du CAS. En 2019, il reçoit la médaille de l’assemblée nationale. Spécialités : Le professeur Grisé est l'auteur d’une soixantaine d’articles à caractère scientifique ou professionnel. Ses intérêts de recherche touchent principalement la gouvernance des sociétés, les comportements dans les organisations, la gestion des ressources humaines, les stratégies de changement organisationnel, le processus de consultation, le design organisationnel, la gestion de programmes de formation, notamment ceux destinés à des hauts dirigeants et à des membres de conseil d'administration.

Qu'en pensez-vous ?

Entrer les renseignements ci-dessous ou cliquer sur une icône pour ouvrir une session :

Logo WordPress.com

Vous commentez à l’aide de votre compte WordPress.com. Déconnexion /  Changer )

Photo Google

Vous commentez à l’aide de votre compte Google. Déconnexion /  Changer )

Image Twitter

Vous commentez à l’aide de votre compte Twitter. Déconnexion /  Changer )

Photo Facebook

Vous commentez à l’aide de votre compte Facebook. Déconnexion /  Changer )

Connexion à %s

Ce site utilise Akismet pour réduire les indésirables. En savoir plus sur la façon dont les données de vos commentaires sont traitées.