Skip to main content

The IAASB's Work to Enhance Audit Quality

IAASB Chairman Prof. Arnold Schilder Presentation to the US PCAOB Standing Advisory Group on Matters of Mutual Interest to the IAASB and PCAOB and Ongoing Coordination between the Two

Prof. Arnold Schilder | IAASB Chairman
May 18, 2016 | PCAOB Standing Advisory Group Meeting | Washington, D.C. | English

Thank you very much for that introduction. Just by way of introduction for those of you who are not so familiar with the IAASB, we are an independent auditing standard-setting board, with 18 members. Nine of those members are non-practitioners, including myself, and the other nine are practitioners, so it's really a mixed composition. It's also very mixed because the members come from all over the world. All continents are represented. I'm the only full-time member, the others are part-time, spending over 700 or 800 hours on the Board’s activities.

As Marty Baumann [PCAOB Chief Auditor and Director of Professional Standards] mentioned, we also have an advisory group – the Consultative Advisory Group (CAG) [The PCAOB is an observer to the IAASB CAG. The IAASB is an observer to the PCAOB SAG]. The current chair is Matt Waldron of the CFA Institute, and it’s much appreciated that we have an investor chairing the CAG. Marty’s contribution as a PCAOB observer is much appreciated as well.

We are also overseen by what is called a Public Interest Oversight Board. Our standards –the International Standards on Auditing (ISAs) – were thoroughly revised during 2003–2008, just before my term as Chairman started. We refer to them as the clarified ISAs, and they have been adopted currently in 111 jurisdictions around the world, and are used in the US for audits of private entities – with the US Auditing Standards Board (ASB) also following the clarity approach.

As an introduction, I thought it would be appropriate to state that we see our objectives also much as to serve the public interest like you do, by developing high-quality standards, and also facilitating convergence. Any why is that? Well, global auditing standards should result in quality and consistency of practice throughout the world, and strengthening the public confidence in the auditing assurance profession. And that's therefore underpinning audit quality and the confidence that investors and other users may have in this audit and the related financial reporting.

That confidence, of course, is very important, but it can only arrive if users believe that the auditor has worked to suitable standards, and as a result, a quality audit has been performed. But here it becomes interesting; of course, users cannot often directly evaluate audit quality. So they are depending on other forms of information to a large extent – that's why the auditor's opinion and the enhanced auditor's report are very important. So are external oversight bodies and their inspection findings, not only globally but also nationally and at the individual firm level, and many other important elements of the financial reporting chain. When we met with the PCAOB members and senior Staff a couple of weeks ago, Steve [Harris, PCAOB member] emphasized the importance of investor protection, and I hope that you see the echo of that in these slides because of course we agree whatever we can contribute from that perspective is very important.

We have published our Framework for Audit Quality two years ago, and this is the key diagram in that [see slide 4 of the presentation]. We have described five categories of effective steps we think play an important role. It's the inputs that go into the audit process, but these of course are not very well-observable for users, who look to the output. Then we emphasize the importance of interactions between the various stakeholders (auditors, management, those charged with governance, regulators and users) – and now with the new auditor reporting, much more output and interaction. And finally, we highlight contextual factors, which have the potential to impact the nature and quality of financial reporting and, directly or indirectly, audit quality.

Of course the primary responsibility for performing quality audits rests with auditors, but each stakeholder can play an important role in supporting high-quality audits and financial reporting. I think Marty earlier today used the term improved engagement, and then I think that's basically a very good notion that’s very relevant to standard setting.  

We have, by the way, not chosen to develop audit quality metrics or indicators because that's quite difficult on a global level, but our Framework for Audit Quality has proved very helpful as a starting point for many further discussions on audit quality with our stakeholders. Our current strategy covers 2015–2019, accompanied by a work plan for 2015-2016. Our most important strategic objective, not surprisingly of course, is to ensure that the ISAs continue to form the basis for high-quality, valuable and reliable audits. Importantly, we cannot let auditing standards or the process to set them inhibit innovation or stifle the potential best practices of the future, and that's becoming more and more of a challenge I would say, especially in the context of discussions about the use of audit data analytics. And related, we are very focused on engaging our stakeholders in dialogue about public interest matters, and we have a lot of outreach everywhere with all kinds of stakeholders. It’s very encouraging to listen to those comments and to see how we can address them.

There is an expectation that we have to use our voice as the global auditing standard setter – backed by a robust due process overseen by the PIOB – to develop globally relevant solutions in coordination with others. That's really our passion as a Board, which I see so much with all my Board members and staff, as well as the CAG and the PIOB.

And of course the coordination with national regulators – other stakeholders often stress doing so with the PCAOB is very important. It's an integral part of our process, and as we have heard today already, the topics of mutual interest are so many. As to how the PCAOB and the IAASB interact, there's so much actually, and it's growing, and I see more and more positive interactions as we heard today as well, and as we also can see the ongoing linkages highlighted in the PCAOB’s recently issued proposals. As mentioned, we participate in each other's advisory groups; if I cannot make it because of conflicting schedules, then you will see a deputy. You have seen [IAASB Deputy Chair] Chuck Landes, you have seen [IAASB member] Megan Zietsman, because we feel it is a very important dialogue.

But we also have meetings with PCAOB board members – just two weeks ago, IAASB leadership had a meeting with the full PCAOB Board, and with Marty and the team. And in between, there are many further meetings, including much engagement on the topic of auditor reporting. There are other examples as well, as Marty mentioned some of these examples. Our ISA 540 [Auditing Accounting Estimates, Including Fair Value Accounting Estimates, and Related Disclosures] accounting estimate/financial institutions Task Force is actually meeting today in Amsterdam, and [PCAOB Associate Chief Auditor] Barbara Vanich is the PCAOB observer there, and is very active in the discussions of the Task Force. We also have a quality control working group, which [PCAOB Deputy Chief Auditor] Keith Wilson will soon join as an observer, and there may be further coordination in the future on other auditors/group audits, another topic of common interest.

The IAASB also has of course increased engagement with the International Forum of Independent Audit Regulators (IFIAR), which was chaired by [PCAOB member] Lew Ferguson for a couple of years. In particular, I should mention IFIAR’s Standards Coordination Working Group (SCWG), which is a focus group of some 10 leading regulators. Often, [PCAOB Deputy Division Director / Deputy Chief Auditor] Jennifer Rand is there for the PCAOB, and that allows for a very hands-on discussion on the many projects that we have, including feedback on the various jurisdictions’ inspection findings. We are increasing the dialogue with the SCWG all the time. It's now not just at that their biannual meetings, but also through direct dialogue with our Working Groups that prepare our agenda papers.

And a few more touch points with the PCAOB – last year [Director of the PCAOB Division of Registration and Inspections] Helen Munter participated in the IAASB’s discussions on professional skepticism. We had liaisons on the PCAOB’s Audit Quality Indicators project. I would also note the IAASB’s annual national standard setters’ meeting, which is upcoming in June, attended by with leading national auditing standards setters including Marty on behalf of the PCAOB and Mike Santay, Chairman of the US ASB.

So indeed, there is a lot of interaction, active participation, dialogue, and we enjoy it, and we think it's very, very important. A key project on our agenda right now is what we call our ITC, the Invitation to Comment addressing enhancing audit quality, which is referred to in the PCAOB’s Other Auditors proposal. It's a very comprehensive consultation about three core topics in auditing: Professional Skepticism, Quality Control, and Group Audits. Originally, we had these as three individual topics, and the fourth one was financial institutions. But we have since decided that we need to accelerate our ISA 540 / estimates project given the imminence of [International Financial Reporting Standard] IFRS 9 [Financial Instruments].

So we brought together the consultation on professional skepticism, quality control and group audits in our ITC publication, and just this week it's the deadline for comments to be received. We already got 64 comment letters, with at least 12 more to come and maybe a few more. Regulators like IFIAR or the International Organization of Securities Commissions (IOSCO), and large firms or member bodies may send only one letter – but there's a lot of comments behind one comment letter, and they are fairly lengthy, so we have to analyze all of that and bring the feedback together. That's what we'll do in the remaining part of the year. I should mention here two of my colleagues: [IAASB member] Megan Zietsman, who represented the IAASB at the November 2015 SAG meeting, is leading this overall work on enhancing audit quality, but also chairing our Group Audits Working Group. And our Technical Director Kathy Healy – they are in the heart of this project.

The results of the feedback will have a big impact on our standard-setting efforts, and we are currently in a listening mode. We also do a lot of outreach around the world. We have had a number of roundtables in Europe recently, but also in Kuala Lumpur. We have had conversations here in the US recently as well. In addition to the PCAOB, we also met with the US Securities and Exchange Commission with [Deputy Chief Accountant] Brian [Croteau] and his team, the Center for Audit Quality Governing Board, and also a conversation with Mike Santay of the ASB. So there will be more outreach via a session at the International Corporate Governance Network conference in June, and more to come. We are really listening to what people tell us, given that we have published this consultation.

Overall, you see a number of bullets on slide 7: what is it that we want to achieve; what is it that we want to address; and why do we do that? We learned from the post-implementation review of the clarified ISAs, we learned from inspection findings, we learned from all the dialogues that we have, including with the PCAOB. I’d also like to highlight some of the key issues coming forward, in particular the importance of the auditor having an independent and challenging skeptical mindset. But then of course the interesting question is what is that exactly and what is expected of auditors? We are also looking at how to enhance audit documentation in a more and more judgmental and subjective role: what is fair to require? Other areas of focus include keeping the ISAs fit for purpose, and encouraging firms to have a more proactive quality management approach, as well as actions related to transparency and monitoring and remediation. And then of course the need for robust communication and interaction during the audit; that's kind of an overall summary. In the end it should result and continue to result in the auditor being a very critical challenger of what he or she is confronted with.

Let me briefly mention the three individual topics addressed in the consultation. Professional skepticism is a very challenging one topic. We are exploring key questions like what is it, what skills and competencies are needed of auditors, what are the impediments to exercising professional skepticism? We have a joint working group supporting these efforts. It's chaired by one of the IAASB members, Professor Annette Köhler from Germany, but we also have a collaboration here with the International Ethics Standards Board for Accountants (IESBA) and the International Accounting Education Standards Board (IAESB), who have members in the group so we can approach the topic from a number of different angles. Professional skepticism is an attitude; it's resulting in judgments; it's prompting actions; you have to document it.

But then how should we address these elements? Should we have more in the standards, for example? The concept of professional skepticism is defined and described in ISA 200 [Overall Objectives of the Independent Auditor, and the Conduct of an Audit in Accordance with International Standards on Auditing], the overarching auditing standard, but should it more be specifically addressed in, for example, the accounting estimate standard (ISA 540)? And in the current drafts that the Board is considering, there is indeed more specific language on applying professional skepticism in the context of fair value estimates and all the judgments and forward-looking assumptions, et cetera.

It's about behavior; how can you stimulate behavior? If that's really by having more in the standards, or is there other forms of guidance possible to, for example, make people aware of biases and anchoring that they have as human beings? We have heard a lot of feedback already that the standards are not wrong and while it may be helpful if the IAASB can include a bit more guidance within them, but also that the IAASB and other boards should explore what they could do to help auditors learn how to better apply professional skepticism in practice. And this is linked to issues like the tone at the top where people are adding that the tone at the middle on an audit engagement is also very important. So very broad questions, and it's a fascinating project, and each time that we discuss it, we're short of time. Research plays an important part in our process, and on this topic we are also looking to academics as well.

And then the second topic, quality control. In her May 5 speech, [PCOAB member] Jeanette [Franzel] said, "Also, in my optimistic view, we could see a time when a large firm improves its quality control system so that it prevents audit deficiencies. In such a scenario, a PCOAB inspection could change its focus from the current detailed level of inspecting aspects of individual audits to looking more deeply at that quality control system that is so critical for supporting and maintaining high audit quality. Such an approach could be highly efficient and effective at catching quality control weaknesses early, with a focus on preventing audit deficiencies. This is an aspiration at this point, albeit a worthy and achievable one."

I think it's a very important quote, and you see that's reflected in what I have here. We have our quality control standards, [International Standard on Quality Control] ISQC 1 [Quality Control for Firms that Perform Audits and Reviews of Financial Statements, and Other Assurance and Related Services] and ISA 220 [Quality Control for an Audit of Financial Statements], but they could be viewed as a bit reactive, given the focus on compliance with standards and programs. But as we have seen in many industries, we are asking ourselves whether changes to the quality control systems and quality control approach at the engagement level could be made to make sure things are done right the first time. So that when audits are done, the result is of a high quality, and it’s not necessary to “double check” that. We refer to this as a quality management approach (QMA) – which is exploring a more proactive approach to quality, not only a robust response to managing quality, but also one that is scalable.

Although it is early days, we are already getting a lot of feedback. On the one hand, people find the QMA interesting, and note that some firms are already approaching their quality control systems in this way – recognized in Jeanette’s comments. On the other hand, certainly for mid-sized networks, concerns that the approach could go too far and be overly complex. In the end, auditors and firms have to deliver high-quality audits, and the more sure you are about your process, the better the result may be.

In terms of specific issues related to quality control, we are exploring many elements: the roles and responsibilities of the engagement partner, transparency reporting, and audit delivery models, as well as the question of other auditors and component auditors, networks, monitoring, remediation, and root cause analysis, and finally engagement quality control reviews. We have a lot of questions on those issues in the ITC, and we expect very lively discussion later on.

And finally in the ITC, group audits. We have raised many of the same questions as the PCAOB has in its Other Auditors proposal. We believe ISA 600 [Special Considerations—Audits of Group Financial Statements (Including the Work of Component Auditors)] is certainly not broken, but nevertheless, the group audits are changing. The role of group audits is demanding more and more. We see many business developments that have to be addressed, so the standard may need to take much more of a “top-down” approach to adapt to these developments. While ISA 600 does not allow for divided responsibility, we have asked a specific question in the ITC whether it should. What we’re seeing so far in the responses is that there's still a lot of sympathy for the undivided responsibility, but also recognition that sometimes it can be very complicated because of the equity method investments or other specific circumstances. Also in the context of transparency, as we already see in the UK, auditor’s reports are explaining more how individual audits have been organized. So again, very interesting topics that we will certainly study going forward.

And then ISA 540, accounting estimates and fair values. As Marty mentioned, we first started thinking specifically about financial institutions, as a result of much push from financial regulators, audit committees and others in light of IFRS 9 and the expected credit loss model. We previously had conversations with [former International Accounting Standards Board Chairman] Sir David Tweedie about more forward-looking approaches.

However, in thinking through the effects of IFRS 9, the IAASB realized a more holistic review of ISA 540 would be preferable, so we have accelerated our work and are ambitiously planning to approve an exposure draft in December of this year. We have issued a project publication earlier this year to share preliminary thoughts on issues that we hope to address in revising the standards – which is further promoting transparency in our standard setting by keeping our stakeholders aware of our direction.

To wrap up on our initiatives, we have started work to explore how to enhance a very key risk assessment standard, ISA 315 [ISA 220, Quality Control for an Audit of Financial Statements]. It will basically follow a similar phased approach as Marty explained the PCAOB is pursuing – first to understand what issues the IAASB needs to address. Of course we are also looking at data analytics and the effects of technology on the audit – as previously mentioned during this meeting, we are all listening to the experts, understanding what is being done or explored in practice by firms around the world. Our oversight board is also keenly interested. We do not want the standards today to restrict innovation, and many have already told us they are not, but at the same time, they were not written with data analytics in mind. Some examples – sampling, analytical procedures – but more broadly internal control and risk assessment.

So data analytics poses a key question about the future of auditing, as well as the timing of when might be the right time to consider revising the standards – balancing being too early or too late and having to ask the question   what actually needs to be “standardized." We have a working group led by [IAASB member] Bob Dohrer, with experts directly participating in that group. We intend to publish a brief paper later on this year, highlighting key issues and showing the IAASB’s involvement, the feedback to date. This topic looks like another great candidate for a lot of cooperation with the PCAOB and others of course – we will discuss at our upcoming meeting with national auditing standard setters.

We issued a brief publication on integrated reporting and other forms of emerging external reporting, and in the third quarter of this year we anticipate a more in-depth discussion paper, exploring into questions about assurance of integrated reporting, whether the current standards are suitable for these types of engagement or if more IAASB actions are needed. We also have an innovation working group led by the IAASB Deputy Chair, Chuck Landes, where topics like corporate governance and cybersecurity are being explored at an early phase.

Finally, a brief overview of the IAASB’s auditor reporting enhancements, which were covered in the earlier session.

With that, let me thank the SAG members for their attention; The brief summary is that I see, and we enjoy, an increasing collaboration between the PCAOB and the IAASB, and maybe might I say, thereby respectful convergence as well.

Thank you very much.