Where there is smoke, there tends to be fire.
But where there exists the repeated appearance of deficiencies in the audit process of a business, there often tend to be deeper issues across internal controls, financial reporting, governance or compliance — issues that can ultimately pose risks to the financial health, reputation and operational viability of a company.
In the United States, ensuring that the auditing profession fulfills its duty as a gatekeeper for accurate and complete financial statements from public companies is the responsibility of the Public Company Accounting Oversight Board (PCAOB).
The PCAOB implemented Monday (Sept. 9) a new set of quality control (QC) standards that were approved by the U.S. Securities and Exchange Commission (SEC) in a 3-2 vote that overrode industry and trade group objections from the U.S. Chamber of Commerce and firms including EY and PwC.
Under the new QC standards, accounting firms that audit more than 100 public companies will have to set up an oversight board and include in it at least one independent outsider to help oversee audit quality.
“An auditing firm is ultimately a professional services firm, and it needs to ensure the quality of the services it provides,” said SEC Chair Gary Gensler. “I am pleased to approve this standard because it will improve the quality control systems of auditors, and thus better protect investors.”
“[T]he PCAOB found that 46% — nearly half — of the auditing engagements it reviewed in 2023 fell short of obtaining sufficient, appropriate audit evidence,” Gensler added in a separate statement.
Each of the Big Four accountancies, as well as around eight other firms, will be subject to the new standard.
Read also: Beyond the Horizon: How to Identify Unexpected Threats That Could Impact Your Business
The three biggest takeaways for the firms subject to the new standard are that, first, they must design a quality control system to guard against risk; second, firms must annually evaluate their own accountability and continuous improvement of their audit practice; and, third, larger auditors issuing more than 100 audit reports annually must establish an external quality control function (EQCF) that can exercise “independent judgment related to the firm’s QC system,” the SEC said.
The PCAOB initiative introduces several changes aimed at improving audit quality. The rules require auditors to provide a detailed breakdown of their findings in areas of risk and judgment. The move is expected to give investors a deeper insight into the financial health of companies, enabling more informed decision-making.
“QC 1000, ‘A Firm’s System of Quality Control,’ establishes an integrated, risk-based quality control standard that will require all registered public accounting firms to identify specific risks to their practice and design a quality control system that includes appropriate responses to guard against those risks,” the SEC said. “Registered firms that perform engagements under PCAOB standards will be required to implement and operate the QC system.”
The QC standards are designed to serve as a revamp of quality control rules that the accounting industry itself wrote almost 30 years ago, before the PCAOB was created in the wake of the Enron scandal.
QC 1000 and the related amendments to other PCAOB standards, rules and forms will take effect Dec. 15, 2025.
The U.S. Chamber of Commerce indicated that it would consider suing to halt the new governance arrangements.
See also: Bankruptcy Filing Highlights Deep-Rooted Issues in Big Lots’ Business Model
Traditional methods of compliance management often fall short due to their reliance on manual processes and retrospective analysis, highlighting the role that future-fit advances like artificial intelligence can play in securing and streamlining the global business landscape by helping firms enhance their anti-money laundering (AML) compliance and detect suspicious activity in real time.
Sedric AI raised $18.5 million in a Series A funding round Thursday (Sept. 5) to continue developing and promoting its AI-powered compliance platform, for example.
“Compliance has traditionally been a cost center designed to avoid risk…,” Sovos CEO Kevin Akeroyd told PYMNTS in April. “It has not been a force for growth — but now, it’s turning that corner, and it really can be a force for growth.”