April 12, 2005
The views I express are my own personal views.
I am confident one change to Auditing Standard #2 will hasten the recovery from the existing quandary. Prior to recommending this change, I want to recognize:
Senator Sarbanes and Representative Oxley for leading the effort to adopt very important and much needed legislation;
The 99 +/- of members in the 107th United States Congress for having the foresight and common sense to focus Section 404 on FINANCIAL REPORTING; specifically, the language contain an assessment of the effectiveness of the internal control structure and procedures of the issuer for FINANCIAL REPORTING.
The SEC and its staff for successfully interpreting and understanding the law and congressional intent;
The PCAOB and its staff for the hard work and effort responding to a very important mandate; and
It appears that thousands of auditors may have unfairly taken advantage of an auditing standard that needs additional focus, may not adhere to congressional intent, and may not absolutely agree with the SECs definition of internal control over financial reporting.
The most important change to Auditing Standard #2 should be to abandon the current paragraph fifteen 15 and replace it with the precise, verbatim definition of internal control over FINANCIAL REPORTING which was adopted by the SEC. Even though a literal interpretation of the existing paragraph appears to be consistent with the SEC definition, thousands of auditors may have leveraged Auditing Standard #2 to branch out into areas that do not have a direct and material impact on financial reporting. It is not worth trying to rationalize or modify the existing paragraph, it needs to abandoned and replaced with the SEC definition.
The new paragraph fifteen 15 should read as follows:
THE PCAOB ADOPTS THE SECS DEFINITION OF INTERNAL CONTROL OVER FINANCIAL REPORTING. IN SITUATIONS WHERE CONFLICTS ARISE, THE FOLLOWING DEFINITION OF INTERNAL CONTROL OVER FINANCIAL REPORTING WILL TAKE PRECEDENCE.
The SEC final rules define internal control over financial reporting as:
A process designed by, or under the supervision of, the registrants principal executive and principal financial officers, or persons performing similar functions, and effected by the registrants board of directors, management and other personnel, to provide reasonable assurance regarding the reliability of financial reporting and the preparation of financial statements for external purposes in accordance with generally accepted accounting principles and includes those policies and procedures that:
1 Pertain to the maintenance of records that in reasonable detail accurately and fairly reflect the transactions and dispositions of the assets of the registrant;
2 Provide reasonable assurance that transactions are recorded as necessary to permit preparation of financial statements in accordance with generally accepted accounting principles, and that receipts and expenditures of the registrant are being made only in accordance with authorizations of management and directors of the registrant; and
3 Provide reasonable assurance regarding prevention or timely detection of unauthorized acquisition, use or disposition of the registrants assets that could have a material effect on the financial statements.
We recognize that our definition of the term internal control over financial reporting reflected in the final rules encompasses the subset of internal controls addressed in the COSO Report that pertains to financial reporting objectives.
Our definition does not encompass the elements of the COSO Report definition that relate to effectiveness and efficiency of a companys operations and a companys compliance with applicable laws and regulations, with the exception of compliance with the applicable laws and regulations directly related to the preparation of financial statements, such as the Commissions financial reporting requirements.