Since 2019, the Public Company Accounting Oversight Board’s annual inspections program has included a “target team.” The target team examines how auditors handled specific issues on a cross-firm basis. The team “executes in-depth reviews across audit firms using information-gathering inspection procedures that extend beyond traditional inspection procedures.” The target team inspectors focus on emerging audit risks and topics that the PCAOB staff believes could have important implications for audits.
In Spotlight: Observations From the Target Team’s 2021 Inspections, the staff summarizes the target team’s work in 2021, including deficiencies observed and good practices identified. The 2021 target team reviewed 40 public company audits in nine industry sectors. The team looked at four core areas – fraud risk, interim reviews of special purpose acquisition companies (SPACs), going concern, and cash and cash equivalents.
The potential for fraudulent financial reporting (e.g., as a result of aggressive assumptions and estimates, improper revenue recognition, and misleading disclosures) is elevated in the current economic environment. Under the PCAOB’s standards, the auditor has a responsibility to consider the possibility of fraud and how it might be committed and to obtain reasonable assurance about whether the financial statements are free of material misstatement, whether caused by error or fraud. (Regarding the auditor’s responsibility for fraud, see SEC Chief Accountant Issues a Reminder on Fraud in this Update.)
The target team observed various types of deficiencies in auditors’ responses to fraud risk, including:
Failure to perform sufficient procedures to understand the company’s whistleblower program.
Failure to properly consider company-specific factors when identifying and selecting journal entries for testing and performing other fraud procedures.
Failure to sufficiently document the assessment and evaluation factors used to select journal entries for testing, the performance of procedures to test such entries, and the understanding of individuals empowered to initiate general ledger entries.
The target team also identified certain procedures that may have enhanced audit quality with respect to fraud risk. These included querying a database of registered businesses to determine whether any were associated with company employees; asking open-ended questions to solicit employees’ views on the company’s financial reporting process; and involving the audit firm’s forensic staff in the engagement team’s fraud risk-assessment procedures in high-risk industries.
Interim Review of SPACs and De-SPAC Transactions
In light of the increased level of initial public offerings and merger and acquisition transactions involving SPACs, the target team focused on auditor interim reviews of financial statement accounts for SPACs and de-SPAC transactions. The objective of an interim review is to provide the auditor with a basis for communicating whether he or she is aware of any material modifications that should be made to the interim financial information. The target team observed three types of deficiencies:
Failure to identify that the company’s equity statement did not agree with its accounting records.
Failure to consider whether presentation and disclosures of the interim financial statements conformed to GAAP.
Failure to recognize that public warrants were incorrectly included in the Level 3 fair value roll-forward.
The target team also observed three types of good practices with respect to SPAC interim reviews:
Use of auditor-employed specialists to review the work of the company specialists in determining valuations, such as of warrant liability and intangible assets.
Required consultation when evaluating quantitative factors for establishing materiality for start-up entities.
National office participation in discussion of whether engagement teams should involve financial instrument specialists in de-SPAC transaction reviews.
Under the PCAOB’s standards, the auditor has a responsibility to evaluate whether there is substantial doubt about the entity’s ability to continue as a going concern for a reasonable period of time, not to exceed one year beyond the financial statements date. If the auditor concludes there is substantial doubt, he or she should consider the adequacy of disclosure about the entity’s possible inability to continue as a going concern and include an explanatory paragraph in the audit report.
The target team observed multiple audits where engagement teams either did not perform procedures at all or the procedures performed were insufficient to evaluate aspects of going concern risk. For example, in some cases engagement teams did not perform sufficient procedures to evaluate the reasonableness of forecasted cash outflows, perform procedures to assess the reasonableness of forecasted available borrowings, or evaluate the relevance and reliability of information from external sources used in earnings projections.
Good practices in going concern assessments included requiring consultation in connection with managements’ going concern evaluation and related assumptions, assigning experienced staff members to the going concern assessment, and collaboration among members of audit firm industry groups.
Cash and Cash Equivalents
In light of recent high profile frauds involving cash, the target team focused on arrangements for holding cash and cash equivalents that could result in elevated audit risk. The team observed deficiencies relating to the use of third-party cash confirmations, including failure to perform sufficient procedures to support the validity of confirmations received. The team also detected situations in which work papers did not adequately document confirmation procedures. Audit quality-enhancing practices in this area included updated firm guidance on bank account confirmations and use of service providers to facilitate direct electronic transmission of confirmations.
Comments: The target team report may be useful to the audit committee in performing the committee’s own analysis of financial reporting risk and in understanding auditor risk assessment and resource allocation decisions. The report’s descriptions of deficiencies and good practices observed by the target team may also provide the audit committee with insights that can facilitate discussion of audit planning with the engagement team. Finally, the target team report may be helpful to the audit committee in understanding what aspects of the company’s future audits are likely to attract PCAOB inspection staff attention.