“When you are a hammer, the world is a nail” – SEC and PCAOB Senior Staff Signal Increased SEC and PCAOB Gatekeeper Enforcement
Key Points
- SEC Enforcement and PCAOB Enforcement both are pursuing more significant sanctions against auditors, particularly with respect to civil money penalties.
- Expect 2023 enforcement against auditors to focus on quality control, culture, ethics and integrity.
- SEC and PCAOB coordination on enforcement matters will continue, and there are hints that the coordination will result in more joint enforcement actions, which is a significant departure from the historical approach by the SEC and PCAOB.
On May 4 and 5, the American Law Institute hosted its annual Accountants’ Liability conference in Washington, D.C. Leadership from the enforcement staff of the Securities and Exchange Commission (SEC) and the Public Company Accounting Oversight Board (PCAOB or the “Board”), as well as key stakeholders and practitioners, gathered from around the country to discuss emerging issues and current trends in the field of accountants’ liability. (One of the authors of this alert, Claudius Modesti, is a former Director of Enforcement at the PCAOB and moderated a panel at the conference.)
SEC
Natasha Guinan, Chief Counsel of the SEC’s Office of the Chief Accountant, provided the keynote address and emphasized the accountant’s critical role and responsibility as trusted gatekeeper and watchdog that, first and foremost, serves the public, creditors and investors. After recounting the legal developments in the nearly 40 years following the Supreme Court’s ruling in United States v. Arthur Young & Co. and the 20 years since the passage of the Sarbanes-Oxley Act, Guinan provided comment on two current areas of emphasis: firm culture and independence. According to Guinan, a culture of compliance and ethics must remain a top priority for firms and be reflected in the tone of senior firm leadership. Otherwise, Guinan explained, firms can be ensnared by cheating and integrity issues reflected in multiple settled actions brought by SEC and PCAOB in 2022. Guinan stressed the importance of an approach to independence that avoids “checklist compliance” and prioritizes analysis of the “general standard” of independence from the perspective of a reasonable investor. Guinan elaborated that her outlook, as well as the outlook of PCAOB Chair Erica Williams, can be captured by the expression “when you’re a hammer, the world is a nail.” Guinan added that she looks forward to more joint SEC and PCAOB actions.
Guinan later moderated a panel titled “Holding Auditors Accountable” that featured Melissa Hodgman, Associate Director, Laura Josephs, Assistant Director and Carolyn Welshans, Associate Director, of the SEC’s Division of Enforcement. The panelists discussed the SEC’s focus on gatekeepers (both domestic and international), audit firm liability based on quality control deficiencies and shortcomings in national office procedures, as well as the SEC’s ongoing coordination with the PCAOB. In terms of specific trends, the panel discussed an uptick in settlement undertakings as a way to reduce recidivism and repeat firm violations, the significance of a firm’s quality control and firm integrity and a focus on using data and metrics to identify misconduct. The panel covered the importance of bars and suspensions and promoted the broad applicability of SEC Rule 102(e) beyond CPAs and CFOs. Notably, Hodgman encouraged audit firms to raise issues with SEC enforcement staff, pointing out that about 50% of her investigative portfolio does not result in enforcement actions. The panel reiterated both the availability of cooperation credit for respondents that provide information quickly and the possibility that non-cooperation will be referenced in SEC orders.
Looking ahead, the audit profession can expect substantial enforcement of auditing and accounting issues to continue in 2023, with particular focus on addressing and deterring violations involving quality control, independence, firm culture, ethics and integrity.
PCAOB
The conference also included two panels featuring PCAOB leadership staff—one on the PCAOB Division of Registration and Inspections (DRI) and the other on recent objectives and trends on the part of the PCAOB Division of Enforcement and Investigations (DEI).
First, George Botic, Director of DRI, and Timothy Sikes, Deputy Director in DRI, highlighted the increase in inspection comment forms in 2022. Like Guinan, they referred to the role of auditors as gatekeepers as key to bolstering investor confidence. Botic explained that audit quality is moving in the wrong direction. Botic compared audit quality to “oxygen,” opining that both are noticeable when lacking. According to Botic and Sikes, PCAOB inspections have and will continue to focus on complex areas, such as cryptocurrency, the financial services industry, SPACs and de-SPAC transactions, as well as scrutinize the robustness of an audit’s risk assessment. Finally, the PCAOB will continue to inspect China-based audit firms.
John Abell, Deputy Director, Melissa Handrigan, Associate Director and Bill Ryan, Deputy Director of DEI, spoke about recent objectives and trends and provided tips for interacting with DEI staff. First, on the personnel front, the DEI panel noted that the Board recently appointed a new Director of DEI, Robert Rice. The panel emphasized that, in 2022 and moving forward, they have been and will continue to “use all tools in the toolbox” for “rigorous enforcement,” including by seeking significant sanctions, particularly higher civil money penalties. DEI will seek revocations and bars of a firm’s registration, as well as remedial sanctions such as independent monitors and limitations on activities. DEI plans to conduct more sweeps and focus on “increased transparency,” which may include naming issuers in orders and utilizing admissions for intentional or egregious misconduct. The enforcement panel also referenced the significance of PCAOB inspections as a source of its investigations. DEI is and will be collaborating with DRI, Office of the Chief Accountant and other regulators (the SEC and FINRA) in bringing concurrent investigations. DEI will also continue to prioritize parties who fail to cooperate with inspections (e.g., by improperly altering documents or misleading inspectors) and firms that utilize unregistered firms in a substantial role.
Overall, DEI plans to “build on the successes of 2022,” in which the number of orders doubled compared to 2021 and the Board imposed the highest total amount of penalties in PCAOB history ($11 million). In 2022, the Board imposed sanctions in 42 public orders involving 30 firms and 26 individuals—one-half of which related to non-U.S. firms or associated persons. The Board also sanctioned firms for the first time for failure to supervise under Section 105(c)(6) of the Sarbanes-Oxley Act and sanctioned a number of firms for quality control failures. The panel emphasized that DEI is not only focused on audit failures and the conduct of individuals on the engagement team, but also will investigate quality control issues when warranted.
Finally, the DEI panel provided the following tips:
- Self-report.
- Seek early resolution if desired.
- Engage in extraordinary cooperation (self-reporting, remedial or corrective actions, substantial assistance).
- Produce documents and workpapers in a timely manner.
- Seek streamlining of investigations where appropriate (which may include presentations on relevant issues).
Key Takeaways
The SEC’s and PCAOB’s increased scrutiny of auditors requires a pivot by audit firms, which will result in more significant demands on their personnel and systems of quality control. In this more assertive enforcement environment, audit firms should consider the following measures:
- Firms should continue to assess how to best emphasize audit quality and ethical cultures.
- The more significant issues in a firm’s quality control system should be remedied promptly, and firms need to be able to substantiate implementation of the remediation.
- Audit clients, particularly audit committees, need to appreciate how current regulatory pressures on gatekeepers will drive more defensive auditing.