The standards we are proposing today "raise the bar" for what
auditors are required to do in auditing related party transactions
and other transactions deemed to be significant and unusual.
Investors have been harmed in the past by frauds perpetuated in
connection with related parties as well as surprised by the
significance of related party transactions and significant unusual
transactions not disclosed to them. These proposed standards are
intended to address both problems.
Many years ago, as a young audit senior, I was responsible for
detecting a fraud at a client. As it turned out, the fraud went to
the highest level of the organization. The business was struggling
to meet its cash needs and found "creative" ways to obtain more
money from its asset based lender. The creative ways ultimately
crossed the line. In reviewing the audit results, it became clear
that too many things failed to add up. Several related parties had
been identified and disclosed in the past, and as I dug deeper into
these related parties, I encountered more questions than answers.
The simple question, "where is this related party located?" was met
with evasive answers. The answer to the question of how many
employees the related party had — zero — was troubling and created
serious doubt about whether the related party was actually providing
any services. As I began to understand the flow of transactions, or,
rather, the flow of funds, it became clear how the lender was being
defrauded. Unfortunately, the business did not have an audit
committee, and the CEO was deeply involved in the fraud. Ultimately,
the CEO pled guilty to charges against him and died in prison.
This is but one example of many similar scenarios, some of which
are not discovered until great harm has been done to investors. In
some cases, related party transactions involve difficult measurement
and recognition issues that pose a risk of material misstatement in
the financial statements; in other cases, related party transactions
have been used — as in the situation I encountered — to engage in
fraud.
The auditing standard addressing related parties dates back
almost 30 years to 1983, and the standard we are proposing today is
the result of a fresh look at this important topic. It is intended
to strengthen the existing audit procedures for identifying,
assessing and responding to the risks of material misstatement
associated with a company's related party transactions.
Complementing this proposed standard are proposed amendments to
strengthen the auditor's identification and evaluation of
significant unusual transactions, along with a series of amendments
to standards addressing related matters, such as transactions and
relationships with executive officers.
The changes we are proposing today attempt to apply a
comprehensive and common sense approach to the auditor's work to
identify and understand related party transactions, significant and
unusual transactions, and their respective implications.
The proposed related party standard requires auditors:
- to consider the fraud risks posed by the relevant
transactions;
- to conduct procedures to identify related parties, including
by asking management to identify such relationships and the
resulting transactions;
- to discuss relevant relationships and transactions with the
audit committee, including inquiring about any concerns that audit
committee members may have about any related party relationships;
- to conduct specified procedures to understand the
transactions, including their business purpose and the company's
accounting and disclosures; and
- to consider all other evidence revealed during the auditor's
work that may be relevant to the auditor's evaluation.
Similar to the proposed standard on related parties, the proposed
amendments to AU sec. 316 are intended to focus auditors on the
identification and evaluation of significant unusual transactions.
Identifying such transactions — broadly defined in the proposed
amendments as significant transactions outside the normal course of
business or that otherwise appear to be unusual due to their timing,
size or nature — may be difficult. However, it is a procedure that
is vital to protecting the interests of investors. The proposed
amendments would require auditors to inquire about such transactions
with a variety of parties, to understand and consider the
implications of the company's internal controls related to such
transactions, and to review other information that comes to light
during the performance of the audit that may evidence significant
unusual transactions. The amendments also would require auditors to
design and perform specific audit procedures intended to address the
risks of material misstatement uniquely presented by significant
unusual transactions and to facilitate a clearer understanding by
auditors of the business purpose of such transactions.
As I noted earlier, the proposed standard, Related
Parties, and the proposed amendments regarding significant
unusual transactions also are intended to complement each other. For
example, while Appendix A to the new related parties standard
provides guidance to auditors on examples of information that could
indicate the existence of transactions with related parties, it may
also help auditors to identify significant unusual transactions. At
the same time, the new procedures required in connection with the
auditor's evaluation of significant unusual transactions may also
help the auditor identify related parties or transactions with
related parties that were previously undisclosed to the auditor.
I believe that the proposed standard and proposed amendments —
through the increased focus on related party and significant unusual
transactions, and the increase in audit procedures required in these
areas — will increase investor confidence in the financial
statements and serve the public interest. However, I am, as always,
interested in the costs associated with the proposals, and whether
there are any unintended consequences that we should consider before
adopting final standards. In crafting the proposed standard and
other amendments, we considered what burdens would be imposed on
auditors and their clients. For example, in connection with the
proposed requirements relating to the auditor's work to understand
the company's financial relationships and transactions with its
executive officers, we thought carefully about what procedures to
require in order to obtain the maximum benefit without imposing
unreasonable burdens, and I believe we have struck an appropriate
balance.
Cost-benefit analysis has been a much discussed topic recently in
the context of financial regulation. Many believe, and I agree, that
it is difficult to monetize or otherwise quantify the benefits of
such regulations. Nevertheless, we can explain the benefits and
consider the costs of implementing our proposals. In that vein, I
encourage commenters to provide us with your views on the benefits
to investors of the amendments that we have proposed, as well as to
let us know whether management or auditors anticipate significant
cost increases as a result of the additional procedures. Are some
firms already performing the proposed procedures, even if not
currently required? If not, consider whether you can try to apply
the proposed standard and provide us with feedback on your
experiences. Are there other procedures that firms or audit
committees have found effective in these areas? Do investors or
audit committees believe that we have missed any steps that should
be required? Do audit committee members believe that more should be
done, or that additional items should be discussed by the auditor
and the audit committee?
I look forward to receiving thoughtful comments on these
questions and many others posed in the release. In the meantime, I
would like to join my fellow Board members in thanking members of
the Office of the Chief Auditor and of the Office of General Counsel
for their hard work, particularly Greg Scates, Brian Degano, Nick
Grillo, Karen Burgess, Bob Burns, and Nina Mojiri-Azad. As usual,
their work is exemplary. I would also like to thank the staff of the
SEC who took time to provide their views; we always benefit from
their expertise and perspective.