Sarbanes-Oxley’s establishment of the the Public Company Accounting Oversight Board or PCAOB, which ended more than 100 years of self-regulation at the federal level by the public company audit profession, is perhaps the most fundamental change made by SOX.
Today, it is the PCAOB, not the profession, which regulates audit firms, establishes auditing and ethics standards, conducts audit quality inspections for the purpose of identifying issues related to audit quality, investigates allegations and disciplines auditors of public companies and broker-dealers.
As of December 31, 2011, over 2,000 audit firms from more than 80 countries were registered with the PCAOB. In 2011, it conducted inspections of 213 registered audit firms, and initiated an interim inspection program for broker-dealers.
The PCAOB’s standard-setting initiatives and inspections have contributed significantly to improvements in audit quality and auditor independence —affording investors significant benefits.
The PCAOB has the authority to set standards governing how auditors conduct audits of public companies and broker-dealers; auditor ethics and independence; and an audit firm’s system of quality control.
From time to time, the PCAOB identifies potential areas to be addressed via standard setting, including review and analysis of information obtained from inspections as well as input received from its Standing Advisory Group, which includes representatives from investor groups, the audit profession and public company board members.
The PCAOB’s inspection process is a significant element of its efforts to drive audit quality. We view the annual inspections as opportunities to further improve audit quality.
The PCAOB inspects registered audit firms at intervals based on the number of public companies that the firm audits. Firms that perform annual audits of more than 100 issuers are inspected annually, while other firms are inspected at least every third year. The PCAOB uses a variety of factors to select the audits that it looks at for each audit firm it inspects, including its assessment of the risk that a public company’s financial statements may contain a material misstatement.
The PCAOB’s enforcement staff actively investigates and sanctions individual auditors and audit firms for violations of laws, regulations and professional standards. The PCAOB’s disciplinary powers include the authority to impose fines on individual auditors or the audit firm, revoke an audit firm’s registration with the PCAOB (which would prevent it from performing audits of public companies and/or broker-dealers) and bar an individual auditor from association with registered audit firms.
It also can punish firms and auditors that do not cooperate with PCAOB investigations and inspections and may refer matters to the SEC and other relevant authorities.
The PCAOB publishes its settled and adjudicated disciplinary orders on its website to alert the public about the actions it has taken and against whom they have been taken.
Effect on audit committees
In a move that significantly strengthened corporate governance, Sarbanes-Oxley greatly expanded the responsibilities of audit committees.SOX required the boards of companies listed on US stock exchanges to establish audit committees made up solely of board members independent from management.
Because of SOX, audit committees, not management, are directly responsible for the appointment, compensation and oversight of the work of external auditors, who are charged with evaluating whether the financial statements prepared by management are fairly presented in accordance with the relevant financial reporting framework.
Evolving audit committee independence - S&P 1500 companies*
While the exchanges and the SEC began to make improvements at the end of the 1990s, SOX transformed the composition of audit committees. The new SOX audit committee independence rules became effective at companies' first annual shareholders meetings after January 15, 2004.
* Source: 2005 through present, Ernst & Young's corporate governance database; prior year data Investor Responsibility Research Center, Board Practices/Board Pay.
With respect to the composition of the audit committee, SOX enhanced and codified changes the SEC and US stock exchanges had begun making in the late 1990s. In 1998, only about half of all public companies had fully independent audit committees.
Many audit committees were reconstituted to meet the new independence requirements outlined by the SEC and US stock exchanges in late 1999.
SOX went further and enhanced independence requirements to require for the first time that all listed company audit committee members be independent, meaning they could not be affiliated with the company or any subsidiaries, and did not directly or indirectly receive any compensation from the company other than in their capacity as members of the board.
« Previous | Next »