Center for Professional Education, Inc.
2011 SEC Conference
Cynthia Fornelli, Executive Director
Center for Audit Quality
NI-HAO. Thank you for inviting me to Shanghai as your keynote speaker.
This is my first time in Shanghai, and I cannot be more overwhelmed by the warmth of the reception and graciousness of your culture. Today I would like to discuss how financial reporting promotes confidence in capital markets – with a focus on U.S-traded companies. Many of the points I want to make, though, are relevant to all capital markets. Moreover, auditors of publicly traded companies across the globe, while subject to differing regulatory regimes, all share a common purpose: to test the fairness and accuracy of financial statements of publicly traded companies for compliance with accounting standards and for evidence of material error or fraud. Investors everywhere rely on auditors. Conversely, an audit failure, while pertinent of course to the affected company and its investors, can also have a cascading effect on markets and investor confidence, and also to the profession as a whole.
About the Center for Audit Quality (CAQ)
Let me start by telling you about the Center for Audit Quality. The CAQ is a public policy organization based in Washington, D.C. We are dedicated to enhancing investor confidence and public trust in the global capital markets: by fostering high quality performance by public company auditors; by convening and collaborating with other stakeholders to advance the discussion of critical issues; and by advocating policies and standards that promote public company auditors’ objectivity, effectiveness and responsiveness to dynamic market conditions in the United States and globally.
Founded in 2007, the CAQ is a self-supporting nonprofit organization with approximately 650 U.S. public company auditing firms that are registered with the PCAOB as our members. The CAQ serves as the profession’s liaison with policymakers, which includes writing and submitting comment letters, and assisting our member firms’ pursuit of audit quality by providing alerts, publications, white papers and webcasts on technical matters. The CAQ also provides international subscriptions, providing non-U.S. firms with access to the professional practice, policy and educational materials available to U.S. member firms. However, you don’t have to be members – a majority of the CAQ’s research and publications is accessible publically via the CAQ’s website, and we urge one with an interest in public company auditing to access this information free of charge.
Attraction to the U.S. Markets
As you all know, the United States and China have become important trading partners. China’s interest in investing in the U.S. capital markets is evident by the large holdings of U.S. securities, estimated by the Department of the Treasury at $1.6 trillion, as of June 30, 2010;1 similarly the U.S. has become an important source of capital for Chinese companies.
Foreign private issuers and investors continue to be attracted to the U.S. capital markets due to numerous financial considerations such as increased liquidity, potentially lower cost of capital, and a desire to increase their U.S. investor base. The United States has a long history of innovation and growth, fueled by investor capital, and supported by strong regulatory oversight. As such, many investors see an issuer’s willingness to list in the United States as a signal of confidence about its reporting and earnings quality.
Investor confidence is vital to the success of the global capital markets. The CAQ annually surveys individual investors to determine their confidence in the capital markets, U.S. public companies and audited financial statements. Our fourth annual Main Street Investor Survey performed in July 2010 found for the third year in a row 75 percent of respondents said they have confidence investing in U.S. public companies. Similarly, investor confidence in audited financial information released by public companies remained strong at 70 percent, unchanged from the year before.
This is powerful information. The four years that we have surveyed investors have coincided with the economic crisis, yet American investor retained their confidence in public company audits and this validates the important work that auditors do.
Among other significant findings from the 2010 investor survey, confidence in the U.S. capital markets dropped slightly, from 73 percent in 2009 to 68 percent in 2010. Confidence in capital markets outside the United States, which stood at 64 percent in 2008, fell to 47 percent last year. The decline in confidence could be related to the credit crisis Europe was experiencing last summer – although I think that was only one input into investors’ thinking. We’ve already begun planning for our 5th Annual “Main Street Investor Survey,” the results of which will be released in September.
SEC in Global Markets
Besides auditors, what else made for strong investor confidence? A robust regulatory environment plays an important part in building and maintaining investor confidence. As most of you are aware, a majority of the U.S. financial reporting regulatory environment is governed by the Securities and Exchange Commission (SEC), whose statutory mission is to protect investors, maintain fair, orderly and efficient markets and facilitate capital formation.
SEC Whistleblower Program
As one example of how the SEC fulfills its mission, the SEC recently adopted rules to establish a whistleblower program, which rewards individuals who provide the SEC with original information leading to the successful enforcement action.
The program encourages whistleblowers to report possible securities law violations to corporate compliance programs but does not require internal reporting to receive the so-called “bounty.”
Dodd Frank Act (Extraterritorial Provision)
On July 21, 2010, in response to the economic crisis, President Barack Obama signed into law the Dodd- Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank), a sweeping reform legislation that fundamentally changes the U.S. capital market’s regulatory landscape and includes certain provisions that immediately apply to foreign private issuers. Although I will not review in detail every provision effecting foreign participants, I will quickly note that the extraterritorial provision expanded the SEC’s ability to pursue enforcement actions against non-U.S. companies.
This extraterritorial provision grants jurisdiction to U.S. courts over actions brought by the SEC or the U.S. Department of Justice:
(1) for conduct within the United States that constitutes a significant step in furtherance of a violation, even if the transaction occurs outside the United States and involves only foreign investors, or
(2) for conduct occurring outside the United States if it has a foreseeable substantial effect within the United States
While untested, this is a considerable broadening of the United States’ regulatory authority over foreign companies.
Global Accounting Standards
Efforts are underway at the SEC to bring more global consistency to accounting. We support adoption of one set of global standards and as much consistency in financial reporting as possible. The SEC has been examining adoption of international financial reporting standards or IFRS for several years. Just recently, the SEC’s Office of the Chief Accountant issued a Staff Paper seeking feedback on a possible method of incorporating IFRS into the U.S. financial reporting system. A decision by the SEC is expected this year.
The framework proposed in the SEC paper would combine the two approaches taken by other countries in incorporating IFRS into their financial reporting systems: converging national standards and IFRS, and incorporating, or endorsing, IFRS into the existing financial reporting system. The proposed framework will allow an issuer compliant with U.S. GAAP to also represent that it is compliant with IFRS. The framework would retain the Financial Accounting Standards Board (FASB), the U.S. accounting standard setter, but would alter FASB’s role in developing accounting standards. The SEC has requested that stakeholders submit comments on the proposed framework by July 31.
Reverse Merger Transactions
I’d like to spend a moment talking about reverse merger transactions. On June 9, the SEC issued an Investor Bulletin stating that there have been instances of fraud and other abuses involving reverse merger companies and warning investors to be especially careful when considering investing in the stock of reverse merger companies. Investors are told to thoroughly research the company, including reviewing the company’s most recent SEC filings, in an effort to ensure that accurate and up-to-date information is publically available before making a decision to invest.
While reverse merger registrations are legally permissible, concerns stem in part from the fact that these transactions allow a formerly private company to raise public capital in U.S. markets without participating in the underwriting due diligence process associated with a traditional IPO.
Reverse mergers have been available for years, but they have recently grown increasingly popular. Since January of 2007, there have been over 600 reverse merger transactions with over 150 originating from companies within the China region. Over the past few months, an estimated 40 Chinese companies listed on the U.S. markets have either acknowledged accounting problems or seen the SEC or U.S. exchanges halt trading in their stocks because of accounting questions.
The SEC has set up an internal task force to investigate the large growth in reverse merger transactions involving foreign companies from around the globe and have been collaborating with other organizations, including the PCAOB, to uncover situations that could pose a risk to investors.
In auditing these companies I urge auditors to redouble efforts to assess the risk of fraud at the company, and continue to be mindful of the SEC’s auditor independence rules, which prohibit firms from providing certain non-audit services to the companies they audit. And I would encourage investors to remain vigilant in assessing the risks of making an investment, and to consider the commentary included within the SEC’s Investor Bulletin.
Financial reporting in the United States is strengthened by laws and requirements designed to assure that public companies meet their obligations to the investing public. The SEC and state securities regulators prescribe the reporting requirements for public companies and have enforcement authority for violations of securities laws by companies and their employees and advisors. Enforcement is a key indicator of the regulator’s expectations and provides a powerful incentive to improve.
In order to be publicly traded in the U.S. capital markets, a company has to agree to provide information about its business strategies, operations and financial results to the public, and to comply with federal and state laws and requirements designed to protect investors and promote confidence in the U.S. capital markets.
Companies publish annual and quarterly financial results and are expected to announce, on a real time basis, special events or information that are of importance to investors. The annual financial statements contained in the company’s annual report (the 10K filed with the SEC) are required to have an independent external audit for consistency with U.S. GAAP – but other information, including financial information provided in other areas of the financial report or provided by management to investors throughout the year are not required to be audited.
Securities law (specifically the Sarbanes-Oxley Act of 2002) also requires the company’s CEO and CFO to certify in the financial statements that the annual financial results are correct and that the company has effective internal controls over the financial reporting process.
Company management is overseen by the Board of Directors. Boards of Directors of public companies must establish an Audit Committee that is responsible for overseeing the company’s financial reporting and public disclosures, and for recommending that the Board of Directors review the audited financial statements. The Audit Committee also is responsible for hiring the auditor and monitoring its independence. It also must be satisfied that the audit is sufficient.
The Audit Committee must be made up of independent individuals that are not company employees and do not have a controlling interest in the company – at least one Audit Committee member must have financial expertise. In the United States, the Audit Committee is a hub for coordinating many financial reporting communications because it has primary reporting lines from management and the external auditor. There needs to be regular dialogue between the Audit Committee and external auditors about financial accounting issues – including how the company’s reporting practices compare to other companies – so that the auditors can fulfill their obligations to oversee financial reporting that they owe to investors.
The independence of both the Audit Committee and the external auditor means that each will take an objective and skeptical approach to its review of the financial reports of the company.
Many public companies have internal auditors that perform their own assessments and tests on the financial reporting process and monitor for indications of fraud. While there are many different reporting structures, internal auditors typically are overseen by the Audit Committee. Whether or not a formal function, prudent companies often have some type of internal function dedicated to assuring that internal controls and the code of conduct and ethics are being met throughout the company.
Investors may not always read financial statements, but they know that the statements have been audited by an independent external auditor who performed tests and other procedures to form a written public opinion on whether the financial statements as a whole are free of material misstatement. They also look at whether the company has put the right financial reporting controls in place. As you know, the auditor cannot test every figure. As a result, the audit team tests and samples accounting and transactions/records to assess the risk of where a financial error or fraud is most likely to occur, and focuses its efforts in order to provide reasonable assurance to support its opinion.
As noted, for investors to have confidence in traded companies, the regulatory and reporting regimes overseeing financial reporting and fraud detection have to be effective. A jurisdiction that does not have an oversight program cannot expect to have the same level of quality as a jurisdiction that regularly inspects and monitors for compliance with the law.
Accounting firms that audit U.S.-traded public companies and their employees are regulated by the Public Company Accounting Oversight Board. The PCAOB sets auditing standards and independence rules, and inspects auditing firms and reviews their audits on a regular basis. If the PCAOB finds serious violations, it can fine, suspend or bar a firm or individual from public auditing. The PCAOB has brought a number of enforcement actions against auditors for failure to comply with its auditing and independence standards – and for failing to cooperate in an inspection or investigation.
Importance of Cooperation Between Audit Regulators
All of you that audit U.S.-traded companies must be registered with the PCAOB and are providing annual and special reports to the PCAOB as appropriate. I think you are all aware that the PCAOB is charged with inspecting all public accounting firms-even those that are domiciled outside of the United States. The PCAOB has performed over 197 inspections of non-U.S. firms in over 35 jurisdictions, including such countries as Brazil, India, Japan, and the Russian Federation.
Until recently the PCAOB has not been permitted to share inspection information with other audit regulators outside the United States. With the passage of the Dodd-Frank Act, that law has been changed, and as a result the European Union will now permit inspections in its member countries. Earlier this year the PCAOB announced agreements with the UK and Swiss oversight authorities to facilitate inspection coordination.
It is vital that all regulators be permitted to satisfy their respective statutory obligations. The CAQ strongly supports cross border cooperation and information sharing by regulators. We also support consistency and quality of oversight and encourage regulators to strive toward common oversight frameworks. We hope that through cooperation, regulators will build trusted relationships that allow for greater reliance on the work of the home country regulator. This also would help to eliminate unnecessary regulatory burdens associated with having multiple regulators and promote consistency of quality across jurisdictions – an important goal for global markets.
We encourage the PCAOB to work with other EU countries to arrange for inspection agreements. In China, there also are issues of sovereignty to address. It is very encouraging that U.S and Chinese authorities announced as part of the U.S.-China Strategic and Economic Dialogue that took place in Washington last month that: “The United States and China welcome continued dialogue between the bilateral competent authorities on the oversight of accounting firms providing audit services for public companies in the two countries, so as to enhance mutual trust and strive to reach agreement on cross- border oversight cooperation.”
Bilateral cooperation would benefit both countries’ regulatory regimes. It would help to promote audit quality here in China and investor confidence in Chinese companies traded here and in the United States.
Moreover, in our global markets, the standard setting and regulatory actions of one regulator often can have an impact outside of its country. Therefore the CAQ strongly encourages audit standard-setters and regulators around the globe to collaborate in order to avoid creating requirements in one jurisdiction that diverge from those in other major markets.
Evolving Role of Auditors
The regulatory system is changing. In the wake of the global financial crisis, there have been extensive examinations by panels and commissions to identify the root causes of the crisis. While none of the panels or commissions found that auditing was a root cause, auditors, like all participants in the capital markets, have a responsibility to examine their role in light of lessons learned.
The PCAOB has been examining the need for changes to the current auditor reporting model, and the CAQ has suggested a number of areas to the PCAOB where the auditor’s report could be clarified or expanded, including association with portions of management’s discussion and analysis (MD&A). Later this month, the PCAOB will be publishing a concept release on changes to the auditor’s reporting model. Similar discussions are going on in the UK, of which I commend its consultation on Stewardship and Auditing; and the EU, which published a green paper consultation on Audit Policy and a summary of comments received.
Even more broadly though, members of the public company auditing profession in the United States are asking how they can contribute further to market integrity and investor protection and whether their role should evolve beyond the audit of the financial statement. The CAQ believes that this broader question of whether the auditor’s role should be expanded beyond the boundaries of the financial statement audit should be explored fully by a wide range of stakeholders, including investors, regulators, policymakers, preparers, boards and Audit Committee members, academics and the profession.
Accordingly, the CAQ initiated a “Role of the Auditor” roundtable discussion series to include the full range of financial reporting stakeholders. Some of the issues we’ve raised include identifying the information most needed by investors and asking who can best provide that information. We also are exploring the potential for providing some level of assurance around nonfinancial disclosures in annual reports, and association with, or some level of assurance on, disclosures made by management outside of the annual report.
We know that users of financial reports see value in the standardized audit opinion. However, a number of users are suggesting that additional communication from the auditor could be useful in evaluating the financial results and future prospects of a company.
Our hope is that these discussions will expose stakeholders to these potentially paradigm-changing issues, encourage hard thinking around the costs and benefits of various proposals, whether they require modification to current standards and regulatory frameworks, and, hopefully, find consensus. The result could be short and longer-term actions that would have a positive impact on the capital markets and the public’s perception of the value of the audit.
To date we have held discussions in Dallas, TX, New York City and San Francisco, CA – with one planned for Chicago, IL in July. We also are considering holding additional sessions outside the United States. We plan to share a summary of the roundtable discussions once they have been completed. We think the initiative will be able to inform regulator efforts in the United States, and abroad. We do believe however that any modifications to the role of the auditor should take into consideration the appropriate and legally-required roles of management and boards.
Role in Deterring and Detecting Fraud
An important part of the auditor’s work on which the public relies is its role in detecting fraud in financial reporting. Fraud is often hard to find because it is intentionally hidden by the perpetrators. Moreover, CEOs and/or company financial managers are often implicated in financial frauds. Enron and Worldcom, in the United States, Parmalat in Italy, – and more recently Satyam in India and Longtop Financial Technologies here in China are all examples of management-led frauds.
The external auditor is required to conduct a risk assessment on the potential for the financial statements to contain a material misstatement in one or more areas due to error or fraud on the part of the company’s personnel or reporting systems. As part of the risk assessment, auditors specifically consider the risk of fraud. This includes identifying how and where the company's financial statements might be susceptible to misstatement due to fraud and to make appropriate adjustments to the audit plan. Often this requires being alert to potential red flags within the company such as related party transactions – and in particular – instances where management intervenes in the confirmation process for cash or receivables.
External auditors are required to discuss with the Audit Committee their evaluation of the risk of financial reporting fraud, and because of their experience with a variety of companies, external auditors also are often in a position to provide useful perspectives on best practices in financial reporting and controls, including the mitigation of fraud risks.
The CAQ recognizes that financial reporting fraud is a serious concern for investors and other capital market stakeholders. Last fall, we published a report called Deterring and Detecting Financial Reporting Fraud – A Platform for Action. A key finding of the report is that all members of the financial reporting “supply chain” – that is, company management, the Audit Committee and auditors – have an important role to play in deterring and detecting fraud. Each group needs to coordinate and communicate with the other to learn how to better discharge their responsibilities and to eliminate any gaps in controls and monitoring.
The CAQ report focuses on the important role that tone at the top, skepticism and communications play in mitigating the risk of fraud. We have an ongoing commitment to assisting all those involved in financial reporting in reducing the risk of fraud. Accordingly, in partnerships with other organizations, the CAQ is working on a number of projects aimed at improving our collective ability to deter and detect financial reporting fraud.
As an example, we are developing a series of fraud scenarios – hypothetical instances of fraud that can be used as teaching tools. They will be customized for five industries or sectors – financial services, manufacturing, retail, telecommunications, and technology – and will depict different types of frauds. We hope to complete it later this year and to conduct webcasts and possibly training sessions or seminars based on the content. Another project is to develop tools to improve the application of skepticism – an objective mindset – such as training on how to ask tough, penetrating questions without creating an unproductive and hostile atmosphere.
In closing, I sincerely appreciate the opportunity to come to your welcoming and beautiful country and meet with you to share our experiences. The global economic recovery seems to be on a slow path, but the CAQ is determined to do what we can to bolster investor confidence through activities aimed at promoting audit quality. Thank you so much for your generous hospitality and attention.