SEC’s August 20 Open Meeting: Commissioners Approve Updated Audit Rules

Yesterday, the SEC held its third open meeting of the 2024 calendar year, at which the commissioners considered several proposals regarding auditors and the audits of public companies. 

Two of the proposals may be of interest to public companies as they consider auditor engagements:

1. Amendment to PCAOB Rule 3502, Responsibility Not to Knowingly or Recklessly Contribute to Violations.

   In a 3-2 vote along party lines, the commissioners approved an amendment to PCAOB Rule 3502, which governs the contributory liability of an individual person associated with a registered public accounting firm in the event the registered public accounting firm is found to have violated applicable rules and regulations. 

   The amendment tightens the standard of care with which an associated person of an audit firm must act, moving from the “knowing, or recklessly not knowing,” standard to a standard of negligence in the determination of liability of such associated person for actions or omissions that “directly and substantially” contribute to an audit firm’s violation of the laws, rules and standards under the purview of the PCAOB. 

   Commissioner Peirce, one of the two dissenting votes, voiced concerns that the amendment could (a) have a chilling effect on attracting, recruiting and retaining people to work in the audit industry, an industry that has struggled to recruit talent in recent years, and (b) lead to junior auditors being found liable for an audit firm’s violations in circumstances that would otherwise not lead to culpability by the junior auditor. 

2. Amendment to AS 1105, Audit Evidence, and AS 2301, The Auditor’s Responses to the Risks of Material Misstatement. 

   The commissioners unanimously voted to approve amendments to AS 1105 and AS 2301, related to audit procedures that involve technology-assisted analysis of information in electronic form. The PCAOB’s adopting release for the rules summarized the need for these amendments:

   "Using technology-assisted analysis may enhance the effectiveness of audit procedures. For example, analyzing larger volumes of information and in more depth may better inform the auditor’s risk assessment by providing different perspectives, providing more information when assessing risks, and exposing previously unidentified relationships that may reveal new risks. At the same time, inappropriate application of PCAOB standards when designing and performing audit procedures that involve technology-assisted analysis has the potential to compromise the quality of audits where the procedures are used. For example, PCAOB oversight activities have found instances of noncompliance with PCAOB standards related to evaluating the relevance and reliability of company-provided information and evaluating certain items identified in audit procedures involving technology-assisted analysis."
   
   During the open meeting, there was extensive discussion of the scope of the auditor’s responsibilities for evaluating the reliability of external information provided by companies in electronic form and used as audit evidence. Specifically, there was concern that the amended standards could be read expansively to require significant data verification steps. Ultimately, the commissioners approved the rule but called on the PCAOB to provide further implementation guidance.