Public Policy and Technical Alert | March 2022

As part of the Center for Audit Quality’s (CAQ) ongoing effort to keep members and stakeholders informed on significant public policy and accounting matters, we are pleased to offer the Public Policy and Technical Alert (PPTA). Each month, the PPTA highlights and examines the regulatory, standard-setting, legislative, and broader financial reporting developments impacting the public company audit profession. Please note that the PPTA is intended as general information and should not be relied upon as being definitive or all-inclusive. The CAQ encourages member firms to refer to the rules, standards, guidance, and other resources in their entirety at the hyperlinks provided below. All entities should carefully evaluate which requirements apply to their respective organizations.

SEC proposes rules on cybersecurity risk management, strategy, governance, and incident disclosure by public companies

The SEC proposed amendments to its rules to enhance and standardize disclosures regarding cybersecurity risk management, strategy, governance, and incident reporting by public companies. The proposed amendments would require, among other things, current reporting about material cybersecurity incidents and periodic reporting to provide updates about previously reported cybersecurity incidents. The proposal also would require periodic reporting about a registrant’s policies and procedures to identify and manage cybersecurity risks; the registrant’s board of directors’ oversight of cybersecurity risk; and management’s role and expertise in assessing and managing cybersecurity risk and implementing cybersecurity policies and procedures. The proposing release will be published on SEC.gov and in the Federal Register. The comment period will remain open for 60 days following publication of the proposing release on the SEC’s website or 30 days following publication of the proposing release in the Federal Register, whichever period is longer.

Statement from the Acting Chief Accountant: Assessing materiality: Focusing on the reasonable investor when evaluating errors

SEC Acting Chief Accountant Paul Munter issued a statement on assessing materiality, including the importance of considering the “reasonable investor.” Munter urged “those who assess the materiality of errors, including registrants, auditors, audit committees, and others,” to “do so through the lens of the reasonable investor.” He asserted that “registrants, auditors, and audit committees need to thoroughly and objectively evaluate the total mix of information,” taking into consideration “all relevant facts and circumstances surrounding the error, including both quantitative and qualitative factors, to determine whether an error is material to investors.”

SEC proposes rules to enhance and standardize climate-related disclosures for investors

The SEC proposed rule changes that would require registrants to include certain climate-related disclosures in their registration statements and periodic reports, including information about climate-related risks that are reasonably likely to have a material impact on their business, results of operations or financial condition, and certain climate-related financial statement metrics in a note to their audited financial statements. The required information about climate-related risks also would include disclosure of a registrant’s greenhouse gas emissions, which have become a commonly used metric to assess a registrant’s exposure to such risks. The proposed rules would include a phase-in period for all registrants, with the compliance date dependent on the registrant’s filer status. The proposing release will be published on SEC.gov and in the Federal Register. The comment period will remain open for 30 days after publication in the Federal Register, or 60 days after the date of issuance and publication on sec.gov, whichever period is longer.

SEC Division of Corporation Finance updates CD&Is

The SEC’s Division of Corporation Finance updated the following Compliance and Disclosure Interpretations (CD&Is):

• Exchange Act Form 8-K
  • Question 102.04
  • Question 102.05
• Proxy Rules and Schedules 14A/14C
  • Question 101.02
  • Question 132.01
  • Question 132.02
• Tender Offers and Schedules
  • Question 166.01

SEC proposes rules to enhance disclosure and investor protection relating to special purpose acquisition companies, shell companies, and projections

The SEC proposed new rules and amendments to enhance disclosure and investor protection in initial public offerings by special purpose acquisition companies (SPACs) and in business combination transactions involving shell companies, such as SPACs, and private operating companies. The proposed new rules and amendments would require, among other things, additional disclosures about SPAC sponsors, conflicts of interest, and sources of dilution. They also would require additional disclosures regarding business combination transactions between SPACs and private operating companies, including disclosures relating to the fairness of these transactions. If adopted, the proposed rules would more closely align the required financial statements of private operating companies in transactions involving shell companies with those required in registration statements for an initial public offering. The public comment period will remain open for 60 days following publication of the proposing release on the SEC’s website or 30 days following publication of the proposing release in the Federal Register, whichever period is longer.

SEC publishes Staff Accounting Bulletin No. 121 related to crypto-assets

The SEC published Staff Accounting Bulletin No. 121. The bulletin expresses the views of staff in the Division of Corporation Finance and the Office of the Chief Accountant regarding the accounting for obligations to safeguard crypto-assets an entity holds for platform users.

PCAOB releases Spotlight on the use of a service provider in the confirmation process

The PCAOB released a new Spotlight publication, “Observations and Reminders on the Use of a Service Provider in the Confirmation Process.” Many audit firms rely on a service provider to send and receive electronic audit confirmations to and from “confirming parties,” such as financial institutions, investment and brokerage firms, and law firms. The PCAOB observed diverse practices related to the procedures auditors perform to support such reliance. In some cases, audit firms were not giving any consideration to support whether, as required by PCAOB standards, the auditor maintains control over the confirmation requests and responses in audits where a service provider is used to send and receive confirmations. The spotlight shares observations and suggested procedures for auditors, who may find this information valuable as they plan and perform audits.

PCAOB shares perspective from 2021 Conversations With Audit Committee Chairs

The PCAOB released a new Spotlight publication, 2021 Conversations With Audit Committee Chairs. Each year, the PCAOB reaches out to audit committee chairs at U.S. public companies whose audits it inspects, inviting them to connect with staff from its Division of Registration and Inspections for substantive conversations covering a range of topics related to oversight of external auditors. In 2021, the PCAOB conducted more than 240 conversations with audit committee chairs. The Spotlight presents high-level observations and takeaways from those conversations.

PCAOB adopts charters for its two new advisory groups

The PCAOB approved new charters governing the membership and activities of the Investor Advisory Group (IAG) and the Standards and Emerging Issues Advisory Group (SEIAG). The IAG will advise the PCAOB on matters concerning the PCAOB’s mission to oversee the audit of companies that are subject to the securities laws, and related matters, in order to protect the interests of investors and further the public interest in the preparation of informative, accurate, and independent audit reports, including investors’ perspectives on key areas of concern and potential emerging issues related to the PCAOB’s oversight activities. The SEIAG will advise on existing standards, proposed standards, potential new standards, and on matters other than standards, such as emerging issues, that are of significance to the PCAOB in order to protect the interests of investors and further the public interest in the preparation of informative, accurate, and independent audit reports.

PCAOB highlights key considerations for auditors related to the Russian invasion of Ukraine

The PCAOB released a staff Spotlight document, “Auditing Considerations Related to the Invasion of Ukraine.” The Spotlight highlights important considerations for auditors of issuers and broker-dealers as they plan and conduct audits in this evolving environment. The document covers a range of audit-related matters, including identifying and assessing risks, planning and performing audit procedures, possible illegal acts, reviews of interim financial information, and acceptance and continuance of clients and engagements. For audits nearing completion, the Spotlight focuses on subsequent events, other information, and auditor reporting.

SEC accepts 2022 GAAP Financial Reporting Taxonomy and SEC Reporting Taxonomy

The FASB announced that the SEC has accepted the 2022 GAAP Financial Reporting Taxonomy and the 2022 SEC Reporting Taxonomy (collectively referred to as the “GAAP Taxonomy”). The 2022 GAAP Taxonomy contains updates for amendments to accounting standards and other recommended improvements to the following topics and disclosure areas: credit losses, balance sheet offsetting, pledging and recourse, and deprecations from superseded guidance.

FASB improves and expands hedge accounting

The FASB issued an Accounting Standards Update (ASU) intended to better align hedge accounting with an organization’s risk management strategies. The ASU pertains to a hedging standard introduced in 2017 to better align the economic results of risk management activities with hedge accounting. Since issuing that standard, stakeholders have told the FASB that the ability to elect hedge accounting for a single layer is useful, but hedge accounting could better reflect risk management activities if expanded to allow multiple layers of a single closed portfolio to be hedged under the method. The ASU expands the current single-layer method to allow multiple hedged layers of a single closed portfolio under the method.

FASB expands disclosures and improves accounting related to the credit losses standard

The FASB issued an ASU intended to improve the decision usefulness of information provided to investors about certain loan refinancings, restructurings, and writeoffs. Specifically, the amendments in the ASU eliminate the accounting guidance for troubled debt restructurings by creditors that have adopted CECL while enhancing disclosure requirements for certain loan refinancings and restructurings by creditors made to borrowers experiencing financial difficulty. They also require that a public business entity disclose current-period gross writeoffs by year of origination for financing receivables and net investment in leases.

IESBA Technology Experts Group members appointed

The Technology Working Group of the International Ethics Standards Board for Accountants (IESBA) announced the members of the recently-established IESBA Technology Experts Group (TEG). TEG members will strive to be a “sounding board” to the IESBA’s Technology Working Group, providing advice and other input to help inform the Working Group’s fact-finding work and deliverables. The TEG will be chaired by IESBA member and Chair of the Technology Working Group Brian Friedrich.

IAASB Digital Technology Market Scan: Artificial intelligence A Primer

The Disruptive Technology team of the International Auditing and Assurance Standards Board (IAASB) published a Market Scan pertaining to artificial intelligence (AI). AI is used in a broad range of technologies across the audit and assurance value chain. The Market Scan seeks to provide a high-level primer on AI, classifying it as one of the most significant and potentially disruptive technologies in audit and assurance.

IOSCO explains how decentralized finance is cloning financial markets

The International Organization of Securities Commissions (IOSCO) published a detailed report setting out how decentralized finance (DeFi) is quickly evolving to mirror conventional financial markets. The report provides a detailed review of the fast-evolving DeFi market, its new products, services, and principal participants. It identifies some products and services that are novel to DeFi, but that replicate more traditional financial services and activities, only with weaker regulation and increased risks for investors.

IFRS Foundation publishes IFRS Accounting Taxonomy 2022

The International Financial Reporting Standards (IFRS) Foundation published the IFRS Accounting Taxonomy 2022. The IFRS Accounting Taxonomy 2022 is based on IFRS Accounting Standards as of January 1, 2022, including those issued but not yet effective. It includes changes to the IFRS Taxonomy 2021 resulting from:

• Disclosure of Accounting Policies, which amended IAS 1 Presentation of Financial Statements and IFRS Practice Statement 2 Making Materiality Judgements, issued by the IASB in February 2021 (IFRS Accounting Taxonomy 2021—Update 1);
• Definition of Accounting Estimates, which amended IAS 8 Accounting Policies, Changes in Accounting Estimates and Errors, issued by the IASB in February 2021 (IFRS Accounting Taxonomy 2021—Update 1); and
• Initial Application of IFRS 17 and IFRS 9 Comparative Information, which amended IFRS 17 Insurance Contracts, issued by the IASB in December 2021 (IFRS Accounting Taxonomy 2021—Update 3).

IFIAR releases 2021 report on annual survey of audit inspection findings

The International Forum of Independent Audit Regulators (IFIAR) released its tenth annual survey of inspection findings arising from its member regulators’ individual inspections of audit firms affiliated with the six largest global audit firm networks.

ISSB delivers proposals that create comprehensive global baseline of sustainability disclosures

The International Sustainability Standards Board (ISSB) launched a consultation on its first two proposed standards. The first standard, IFRS S1 General Requirements for Disclosure of Sustainability-related Financial Information, sets out the overall requirements for disclosing sustainability-related financial information about all its significant sustainability-related risks and opportunities, to provide the market with a complete set of sustainability-related financial disclosures. The second, IFRS S2 Climate-related Disclosures, sets out the specific requirements for the identification, measurement, and disclosure of climate-related financial information. The ISSB is seeking feedback on the proposals over a 120-day consultation period closing on July 29, 2022. It will review feedback on the proposals in the second half of 2022 and aims to issue the new Standards by the end of the year, subject to the feedback.

ISSB communicates plans to build on SASB’s industry-based Standards and leverage SASB’s industry-based approach to standards development

After releasing two exposure drafts, ISSB Chair Emmanuel Faber and Vice-Chair Sue Lloyd communicated plans for building upon the Sustainability Accounting Standards Board (SASB) Standards and for embedding SASB’s industry-based standards development approach into the ISSB’s standards development process. SASB’s industry-based standards development approach identifies the sustainability disclosure topics most relevant to enterprise value for the typical company in an industry, enabling companies to provide decision-useful information about a range of sustainability-related risks and opportunities to investors and other capital market participants. The ISSB will build on and support SASB Standards in the following ways:

• Taking an industry-based approach to standards development;
• Including SASB Standards in the exposure drafts;
• Committing to improving international applicability of SASB Standards;
• Serving as the starting point for ISSB industry-based requirements;
• Supporting current SASB projects; and
• Encouraging preparers and investors to use SASB Standards.

AICPA & CIMA announce suspension of services in Russia and Belarus

The AICPA, along with the CIMA, announced it will indefinitely suspend services in Russia and Belarus. In the announcement, the AICPA and CIMA said the suspension includes “the provision of in-market membership activities for AICPA and CIMA members and the following CIMA examinations: Professional Qualification; Certificate in Performance Management in Russian; Advanced Diploma in Performance Management in Russian; and Certificate in Business Accounting.” They expressed desire for peace and said their “thoughts are with members, students, and staff devastated by the Russian military invasion.”

Putting CPAs in TPAs

The AICPA posted a blog emphasizing the importance of cybersecurity in all organizations. To obtain insights related to organizations’ security efforts, industry groups, regulators, governmental entities, standard-setting bodies, or other organizations (collectively referred to as sponsoring organizations) often develop third-party assessment programs (TPAs). TPAs generally establish requirements or instructions for organization management to evaluate and provide certain information to the sponsoring organization. Qualified CPAs can act as third-party assessors and help clients obtain certifications from sponsoring organizations.

The value of an effective vendor risk management program

The AICPA posted a blog emphasizing the importance of an effective vendor risk management program. In it, the AICPA points out that the pandemic has highlighted the importance of identifying and managing supply chain risks, and that implementing an effective vendor risk management (VRM) process and related controls is the key to managing those risks. CPA firms can develop an effective VRM process for clients.

Demonstrating the value of public company auditors

The CAQ published a report on the audit outlook for 2022. The report included a letter from CEO Julie Bell Lindsay looking back on the state of audit in 2021 and identifying areas of priority for the CAQ in 2022. The report also included sections on audit quality, Environmental, Social, and Governance reporting, fraud risk, and Diversity, equity and inclusion.

CAQ alert 2022-01: Addendum to November 6, 2021 International Practices Task Force Document for Discussion: Monitoring Inflation in Certain Countries

The CAQ issued an addendum to the November 6, 2021, International Practices Task Force Document for Discussion: Monitoring Inflation in Certain Countries. The addendum provides an update regarding recent increases in Turkey’s inflation rates.

​​​​The Center for Audit Quality is an autonomous, nonpartisan, nonprofit organization dedicated to enhancing investor confidence and public trust in the global capital markets by fostering high-quality public company audits; collaborating with other stakeholders to advance the discussion of critical issues; and advocating policies and standards that promote public company auditors’ objectivity, effectiveness and responsiveness to dynamic market conditions. Based in Washington, D.C., the CAQ is affiliated with the American Institute of CPAs. 

The CAQ Public Policy and Technical Alert (PPTA) is intended as general information and should not be relied upon as being definitive or all-inclusive. As with all other CAQ resources, this is not authoritative and readers are urged to refer to relevant rules and standards. If legal advice or other expert assistance is required, the services of a competent professional should be sought. The CAQ makes no representations, warranties, or guarantees about, and assumes no responsibility for, the content or application of the material contained herein and expressly disclaims all liability for any damages arising out of the use of, reference to, or reliance on such material. This publication does not represent an official position of the CAQ, its board, or its members.

Questions and comments about the Public Policy & Technical Alert can be addressed to Matt Sickmiller, Senior Manager, Professional Practice (msickmiller@thecaq.org).