ASB Meeting October 16-19, 2017

Transcription

1 ASB Meeting October 16-19, 2017 Agenda Item 2D Conforming Amendments from AS 18 (AS 2410) The following shows the conforming amendments in Release , AS No. 18 Related Parties AS 18; comparable GAAS paragraphs marked for proposed conforming amendments to eliminate unnecessary differences with the PCAOB standards; and comments. The proposed amendments are shown in bold italics. The comments column includes explanations and rationales for proposing, or not proposing, amendments to GAAS. The amendments are shown in the following order: Section I, amendments to certain PCAOB auditing standards regarding significant unusual transactions (Appendix 2 of Release ), and Section II, other amendments to PCAOB auditing standards (Appendix 3 of Release ). Within each section the amendments have been placed in order of the comparable AU-C section. SECTION I Amendments Relating to Significant Unusual Transactions 1. Auditing Standard No. 12, Identifying and Assessing Risks of Material Misstatement (AS 2110) 56. The auditor's inquiries regarding fraud risks should include the following: a. Inquiries of management regarding: (1) Whether management has knowledge of fraud, alleged fraud, or suspected fraud affecting the company; (2) Management's process for identifying and responding to fraud risks in the company, including any specific fraud risks the company has identified or No comparable requirement in AU-C 315. AU-C 240 Consideration of Fraud in a Financial Statement Audit Discussions With Management and Others Within the Entity 17 The auditor should make inquiries of management regarding a. management s assessment of the risk that the financial statements may be materially misstated due to Impact on PCAOB Standards: Incremental specific requirement based on amendment to AU sec. 316 (AU-C 240). Proposed amendment to GAAS: Yes. Prepared by A. Goldman (September 2017) Page 1 of 68

2 account balances or disclosures for which a fraud risk is likely to exist, and the nature, extent, and frequency of management's fraud risk assessment process; (3) Controls that the company has established to address fraud risks the company has identified, or that otherwise help to prevent and detect fraud, including how management monitors those controls; (4) For a company with multiple locations (a) the nature and extent of monitoring of operating locations or business segments and (b) whether there are particular operating locations or business segments for which a fraud risk might be more likely to exist; (5) Whether and how management communicates to employees its views on business practices and ethical behavior; (6) Whether management has received tips or complaints regarding the company's financial reporting (including those received through the audit committee's internal whistleblower program, if such program exists) and, if so, management's responses to such tips and complaints; and (7) Whether management has reported to the audit committee on how the company's internal control serves to prevent and detect material misstatements due to fraud; and fraud, including the nature, extent, and frequency of such assessments; (Ref: par..a14.a15) b. management s process for identifying, responding to, and monitoring the risks of fraud in the entity, including any specific risks of fraud that management has identified or that have been brought to its attention, or classes of transactions, account balances, or disclosures for which a risk of fraud is likely to exist; (Ref: par..a16) c. management s communication, if any, to those charged with governance regarding its processes for identifying and responding to the risks of fraud in the entity; and d. management s communication, if any, to employees regarding its views on business practices and ethical behavior. e. Whether the entity has entered into any significant unusual transactions and, if so, the nature, terms, and business purpose (or the lack thereof) of those transactions and whether such transactions involved related parties. See row 7 for amendment to define significant unusual transactions. Agenda Item 2D Page 2 of 68

3 (8) Whether the company has entered into any significant unusual transactions and, if so, the nature, terms, and business purpose (or the lack thereof) of those transactions and whether such transactions involved related parties.31a/ Footnote 31A - See AU secs A. 2. Auditing Standard No. 12, Identifying and Assessing Risks of Material Misstatement (AS 2110) 57. In addition to the inquiries outlined in the preceding paragraph, the auditor should inquire of others within the company about their views regarding fraud risks, including, in particular, whether they have knowledge of fraud, alleged fraud, or suspected fraud. The auditor should identify other individuals within the company to whom inquiries should be directed and determine the extent of such inquiries by considering whether others in the company might have additional knowledge about fraud, alleged fraud, or suspected fraud or might be able to corroborate fraud risks identified in discussions with management or the audit committee. Examples of other individuals within the company to whom inquiries might be directed include: AU-C 240 Consideration of Fraud in a Financial Statement Audit.18 The auditor should make inquiries of management, and others within the entity as appropriate, to determine whether they have knowledge of any actual, suspected, or alleged fraud affecting the entity. (Ref: par..a17.a20).a19 Examples of others within the entity to whom the auditor may direct inquiries about the existence or suspicion of fraud include the following: Operating personnel not directly involved in the financial reporting process Employees with different levels of authority Impact on PCAOB Standards: Conforming amendment Proposed amendment to GAAS: yes. company, including, e.g., company personnel with whom the auditor comes into contact during the course of the audit (a) in obtaining an understanding of internal control, (b) in observing inventory or performing cutoff Employees involved in initiating, processing, or recording complex or unusual transactions, (for example, a sales transaction with multiple elements, Agenda Item 2D Page 3 of 68

4 procedures, or (c) in obtaining explanations for significant differences identified when performing analytical procedures; financial reporting process; recording, or processing complex or unusual transactions, e.g., a sales transaction with multiple elements, a significant unusual transaction, or a significant related party transaction; and -house legal counsel. a significant unusual transaction, or a significant related party transaction) and those who supervise or monitor such employees In-house legal counsel Chief ethics officer or equivalent person The person or persons charged with dealing with allegations of fraud.a20 Management is often in the best position to perpetrate fraud. Accordingly, when evaluating management s responses to inquiries with professional skepticism, the auditor may judge it necessary to corroborate responses to inquiries with other information. Agenda Item 2D Page 4 of 68

5 3. Auditing Standard No. 12, Identifying and Assessing Risks of Material Misstatement (AS 2110) 56 c. If the company has an internal audit function, inquiries of appropriate internal audit personnel regarding: (1) The internal auditors' views about fraud risks in the company; (2) Whether the internal auditors have knowledge of fraud, alleged fraud, or suspected fraud affecting the company; (3) Whether internal auditors have performed procedures to identify or detect fraud during the year, and whether management has satisfactorily responded to the findings resulting from those procedures; and AU-C 240 Consideration of Fraud in a Financial Statement Audit.19 For those entities that have an internal audit function, fn 6 the auditor should make inquiries of appropriate individuals within the internal audit function to obtain their views about the risks of fraud; determine whether they have knowledge of any actual, suspected, or alleged fraud affecting the entity; whether the entity has entered into any significant unusual transactions; whether they have performed any procedures to identify or detect fraud during the year; and whether management has satisfactorily responded to any findings resulting from these procedures. Impact on PCAOB Standards: Incremental specific requirement based on amendment to AU sec. 316 (AU-C 240). Proposed amendment to GAAS: Yes. (4) Whether internal auditors are aware of instances of management override of controls and the nature and circumstances of such overrides; and (5) Whether the company has entered into any significant unusual transactions. Agenda Item 2D Page 5 of 68

6 4. 5. Auditing Standard No. 12, Identifying and Assessing Risks of Material Misstatement (AS 2110) 56 b. Inquiries of the audit committee, or equivalent, or its chair regarding: (1) The audit committee's views about fraud risks in the company; (2) Whether the audit committee has knowledge of fraud, alleged fraud, or suspected fraud affecting the company; (3) Whether the audit committee is aware of tips or complaints regarding the company's financial reporting (including those received through the audit committee's internal whistleblower program, if such program exists) and, if so, the audit committee's responses to such tips and complaints; and (4) How the audit committee exercises oversight of the company's assessment of fraud risks and the establishment of controls to address fraud risks; and (5) Whether the company has entered into any significant unusual transactions. Auditing Standard No. 13, The Auditor's Responses to the Risks of Material Misstatement (AS 2301) AU-C 240 Consideration of Fraud in a Financial Statement Audit Those Charged With Governance.20 Unless all of those charged with governance are involved in managing the entity, fn 7 the auditor should obtain an understanding of how those charged with governance exercise oversight of management s processes for identifying and responding to the risks of fraud in the entity and the internal control that management has established to mitigate these risks. (Ref: par..a21.a23).21 Unless all of those charged with governance are involved in managing the entity, the auditor should make inquiries of those charged with governance (or the audit committee or, at least, its chair) to determine their views about the risks of fraud and whether they have knowledge of any actual, suspected, or alleged fraud affecting the entity or whether the entity has entered into any significant unusual transactions. These inquiries are made, in part, to corroborate the responses received from the inquiries of management. AU-C 240 Consideration of Fraud in a Financial Statement Audit Impact on PCAOB Standards: Incremental specific requirement based on amendment to AU sec. 316 (AU-C 240). Proposed amendment to GAAS: Yes. Impact on PCAOB Standards: Amendment adds cross-reference. Agenda Item 2D Page 6 of 68

7 5. The auditor should design and implement overall responses to address the assessed risks of material misstatement as follows: a. Making appropriate assignments of significant engagement responsibilities. The knowledge, skill, and ability of engagement team members with significant engagement responsibilities should be commensurate with the assessed risks of material misstatement.1/ b. Providing the extent of supervision that is appropriate for the circumstances, including, in particular, the assessed risks of material misstatement. (See paragraphs 5 6 of Auditing Standard No. 10, Supervision of the Audit Engagement.) c. Incorporating elements of unpredictability in the selection of audit procedures to be performed. As part of the auditor's response to the assessed risks of material misstatement, including the assessed risks of material misstatement due to fraud ("fraud risks"), the auditor should incorporate an element of unpredictability in the selection of auditing procedures to be performed from year to year. Examples of ways to incorporate an element of unpredictability include: (1) Performing audit procedures related to accounts, disclosures, and assertions that would not otherwise be tested based on their amount or the auditor's assessment of risk;.29 In determining overall responses to address the assessed risks of material misstatement due to fraud at the financial statement level, the auditor should a. assign and supervise personnel, taking into account the knowledge, skill, and ability of the individuals to be given significant engagement responsibilities and the auditor s assessment of the risks of material misstatement due to fraud for the engagement; (Ref: par..a39.a40) b. evaluate whether the selection and application of accounting policies by the entity, particularly those related to subjective measurements and complex transactions, may be indicative of fraudulent financial reporting resulting from management s effort to manage earnings, or a bias that may create a material misstatement; and (Ref: par..a41) c. incorporate an element of unpredictability in the selection of the nature, timing, and extent of audit procedures. (Ref: par..a42)/.a42 Incorporating an element of unpredictability in the selection of the nature, timing, and extent of audit procedures to be performed is important because individuals within the entity who are familiar with the audit procedures normally performed on engagements Proposed amendment to GAAS: No. Agenda Item 2D Page 7 of 68

8 (2) Varying the timing of the audit procedures; (3) Selecting items for testing that have lower amounts or are otherwise outside customary selection parameters; (4) Performing audit procedures on an unannounced basis; and (5) In multi-location audits, varying the location or the nature, timing, and extent of audit procedures at related locations or business units from year to year.2/ d. Evaluating the company's selection and application of significant accounting principles. The auditor should evaluate whether the company's selection and application of significant accounting principles, particularly those related to subjective measurements and complex transactions,3/ are indicative of bias that could lead to material misstatement of the financial statements. may be better able to conceal fraudulent financial reporting. This can be achieved by, for example, performing substantive procedures on selected account balances and assertions not otherwise tested due to their materiality or risk. adjusting the timing of audit procedures from that otherwise expected. using different sampling methods. performing audit procedures at different locations or at locations on an unannounced basis. Footnote 3 - See also paragraphs a of AU sec. 316, Consideration of Fraud in a Financial Statement Audit, and paragraphs.04 and.06 of AU sec. 411, The Meaning of Present Fairly in Conformity With Generally Accepted Accounting Principles. 6. Auditing Standard No. 13, The Auditor's Responses to the Risks of Material Misstatement (AS 2301) AU-C 240 Consideration of Fraud in a Financial Statement Audit Impact on PCAOB Standards: Conforming amendment. Agenda Item 2D Page 8 of 68

9 15. Also, AU sec. 316 indicates that the auditor should perform audit procedures to specifically address the risk of management override of controls including: a. Examining journal entries and other adjustments for evidence of possible material misstatement due to fraud (AU secs ); b. Reviewing accounting estimates for biases that could result in material misstatement due to fraud (AU secs ); and c. Evaluating whether the business purpose for significant transactions that are outside the normal course of business for the company or that otherwise appear to be unusual due to their timing, size, or nature ("significant unusual transactions") indicates that the transactions may have been entered into to engage in fraudulent financial reporting or conceal misappropriation of assets (AU secs A). c. Evaluating the business rationale for significant unusual transactions (AU secs )..32 Even if specific risks of material misstatement due to fraud are not identified by the auditor, a possibility exists that management override of controls could occur. Accordingly, the auditor should address the risk of management override of controls apart from any conclusions regarding the existence of more specifically identifiable risks by designing and performing audit procedures to a. test the appropriateness of journal entries recorded in the general ledger and other adjustments made in the preparation of the financial statements, including entries posted directly to financial statement drafts. In designing and performing audit procedures for such tests, the auditor should (Ref: par..a47.a50 and.a55) i b. review accounting estimates for biases and evaluate whether the circumstances producing the bias, if any, represent a risk of material misstatement due to fraud. In performing this review, the auditor should c. evaluate, for significant unusual transactions that are outside the normal course of business for the entity or that otherwise appear to be unusual given the auditor s understanding of the entity and its environment and other information obtained during the audit, whether the business rationale (or the lack thereof) of the Proposed amendment to GAAS: Yes, to conform wording to significant unusual transactions.. Agenda Item 2D Page 9 of 68

10 transactions suggests that they may have been entered into to engage in fraudulent financial reporting or to conceal misappropriation of assets. (Ref: par..a54) 7. AU sec. 316,Consideration of Fraud in a Financial Statement Audit (AS 2401) Extant par. 66 is deleted and replaced with:.66 Evaluating whether the business purpose for significant unusual transactions indicates that the transactions may have been entered into to engage in fraud. Significant transactions that are outside the normal course of business for the company or that otherwise appear to be unusual due to their timing, size, or nature ("significant unusual transactions") may be used to engage in fraudulent financial reporting or conceal misappropriation of assets. AU-C 240 Consideration of Fraud in a Financial Statement Audit.11 For purposes of GAAS, the following terms have the meanings attributed as follows: Fraud. An intentional act by one or more individuals among management, those charged with governance, employees, or third parties, involving the use of deception that results in a misstatement in financial statements that are the subject of an audit. Impact on PCAOB Standards: Analyzed in subsequent rows. Proposed amendment to GAAS: In addition to those shown in subsequent rows, amendment to define significant unusual transactions. Fraud risk factors. Events or conditions that indicate an incentive or pressure to perpetrate fraud, provide an opportunity to commit fraud, or indicate attitudes or rationalizations to justify a fraudulent action. (Ref: par..a11,.a30, and.a56) Significant unusual transactions. Significant transactions that are outside the normal course of business for the company or that otherwise appear to be unusual due to their timing, size, or nature. Agenda Item 2D Page 10 of 68

11 8. Note: The auditor should take into account information that indicates that related parties or relationships or transactions with related parties previously undisclosed to the auditor might exist when identifying significant unusual transactions. See paragraphs of Auditing Standard No. 18, Related Parties. Appendix A of Auditing Standard No. 18, Related Parties, includes examples of such information and examples of sources of such information. AU-C 550, Related Parties.16 During the audit, the auditor should remain alert evaluate whether the entity has properly identified its related parties and relationships and transactions with related parties by performing procedures to test the accuracy and completeness of the related parties and relationships and transactions with related parties identified by the company, taking into account the information gathered during the audit.. Impact on PCAOB Standards: Incremental guidance Proposed amendment to GAAS: See proposed amendments to AU-C 550 in agenda item 3A. Agenda Item 2D Page 11 of 68

12 9. AU sec. 316,Consideration of Fraud in a Financial Statement Audit (AS 2401) Note: The auditor's identification of significant unusual transactions should take into account information obtained from: (a) the risk assessment procedures required by Auditing Standard No. 12, Identifying and Assessing Risks of Material Misstatement (e.g., inquiring of management and others, obtaining an understanding of the methods used to account for significant unusual transactions, and obtaining an understanding of internal control over financial reporting) and (b) other procedures performed during the audit (e.g., reading minutes of the board of directors meetings and performing journal entry testing). 66A The auditor should design and perform procedures to obtain an understanding of the business purpose or the lack thereof) of each significant unusual transaction that the auditor has identified. The procedures should include: a. Reading the underlying documentation and evaluating whether the terms and other information about the transaction are consistent with explanations from inquiries and other audit evidence about the business purpose (or the lack thereof) of the transaction; AU-C 240 Consideration of Fraud in a Financial Statement Audit 32 Even if specific risks of material misstatement due to fraud are not identified by the auditor, a possibility exists that management override of controls could occur. Accordingly, the auditor should address the risk of management override of controls apart from any conclusions regarding the existence of more specifically identifiable risks by designing and performing audit procedures to --- c. evaluate, for significant transactions that are outside the normal course of business for the entity or that otherwise appear to be unusual given the auditor s understanding of the entity and its environment and other information obtained during the audit, whether the business rationale (or the lack thereof) of significant unusual transactions the transactions suggests that they may have been entered into to engage in fraudulent financial reporting or to conceal misappropriation of assets. The procedures should include (Ref: par..a54) i. Reading the underlying documentation and evaluating whether the terms and other information about the transaction are consistent with explanations from inquiries and other audit evidence about the business purpose (or the lack thereof) of the transaction; Impact on PCAOB Standards: Incremental specific requirement and guidance for procedures around significant unusual transactions, along with rewording of existing requirements and guidance. Proposed amendment to GAAS: Yes. Proposed amendments reflect incremental requirements and guidance; not rewording of requirements and guidance that have equivalents in GAAS. Agenda Item 2D Page 12 of 68

13 10. b. Determining whether the transaction has been authorized and approved in accordance with the company's established policies and procedures; ii. Determining whether the transaction has been authorized and approved in accordance with the company's established policies and procedures; See above c. Evaluating the financial capability of the other parties with respect to significant uncollected balances, loan commitments, supply arrangements, guarantees, and other obligations, if any; fn 24A and iii. Evaluating the financial capability of the other parties with respect to significant uncollected balances, loan commitments, supply arrangements, guarantees, and other obligations, if any; and d. Performing other procedures as necessary depending on the identified and assessed risks of material misstatement. Note: Paragraph 11A of Auditing Standard No. 13 requires the auditor to take into account the types of potential misstatements that could result from significant unusual transactions in designing and performing further audit procedures. 67A The auditor must evaluate whether significant unusual transactions that the auditor has identified have been properly accounted for and disclosed in the financial statements. This includes evaluating whether the financial statements contain the information regarding significant unusual transactions essential for a fair presentation of the financial statements in conformity with the applicable financial reporting framework. fn 25B iv. Evaluating whether significant unusual transactions that the auditor has identified have been properly accounted for and disclosed in the financial statements..33 The auditor should determine whether, in order to respond to the identified risks of management override of controls, the auditor needs to perform other audit procedures in addition to those specifically referred to previously (that is, when specific additional risks of management override exist that are not covered as part of the procedures performed to address the requirements in paragraph.32). (Ref: par..a55) Agenda Item 2D Page 13 of 68

14 11. Footnote 24A - Examples of information that might be relevant to the auditor's evaluation of the other party's financial capability include, among other things, the audited financial statements of the other party, reports issued by regulatory agencies, financial publications, and income tax returns of the other party, to the extent available. AU-C section 550, Related Parties.A35 Examples of substantive audit procedures that the auditor may perform when the auditor has assessed a significant risk that management has not appropriately accounted for or disclosed specific related party transactions (whether due to fraud or error) include the following: See above With respect to material uncollected balances, guarantees, and other obligations, obtaining information about the financial capability of the other party or parties to the transaction. Such information may be obtained from audited financial statements, unaudited financial statements, income tax returns, and reports issued by regulatory agencies, taxing authorities, financial publications, or credit agencies. 12. AU sec. 316,Consideration of Fraud in a Financial Statement Audit (AS 2401) See AU-C 240, par. 32c for corresponding requirement See above Extant par. 67 is deleted and replaced with: Agenda Item 2D Page 14 of 68

15 .67 The auditor should evaluate whether the business purpose (or the lack thereof) indicates that the significant unusual transaction may have been entered into to engage in fraudulent financial reporting or conceal misappropriation of assets. In making that evaluation, the auditor should evaluate whether: -The form of the transaction is overly complex (e.g., the transaction involves multiple entities within a consolidated group or unrelated third parties); -Management has discussed the nature of and accounting for the transaction with the audit committee or another committee of the board of directors or the entire board. -Management is placing more emphasis on the need for a particular accounting treatment than on the underlying economic substance of the transaction (e.g., accounting-motivated structured transaction); and -The transaction involves unconsolidated related parties, including variable interest entities; -The transaction involves related parties or relationships or transactions with related parties previously undisclosed to the auditor; fn 25A -The transaction involves other parties that do not appear to have the financial capability to support the A54 Indicators that may suggest that significant unusual transactions that are outside the normal course of business for the entity, or that otherwise appear to be unusual, may have been entered into to engage in fraudulent financial reporting or to conceal misappropriation of assets include the following: The form of such transactions appears overly complex (for example, the transaction involves multiple entities within a consolidated group or multiple unrelated third parties). Management has not discussed the nature of and accounting for such transactions with those charged with governance of the entity, and inadequate documentation exists. Management is placing more emphasis on the need for a particular accounting treatment than on the underlying economics of the transaction. Transactions that involve nonconsolidated related parties, including special purpose entities, have not been properly reviewed or approved by those charged with governance of the entity. Transactions that involve previously unidentified related parties or parties that do not have the substance or the financial strength to support the transaction without assistance from the entity under audit. Agenda Item 2D Page 15 of 68

16 13. transaction without assistance from the company, or any related party of the company; -The transaction lacks commercial or economic substance, or is part of a larger series of connected, linked, or otherwise interdependent arrangements that lack commercial or economic substance individually or in the aggregate (e.g., the transaction is entered into shortly prior to period end and is unwound shortly after period end); -The transaction occurs with a party that falls outside the definition of a related party (as defined by the accounting principles applicable to that company), with either party able to negotiate terms that may not be available for other, more clearly independent, parties on an arm's-length basis; -The transaction enables the company to achieve certain financial targets; Note: Paragraphs of Auditing Standard No. 14, Evaluating Audit Results, provide requirements regarding the auditor's evaluation of whether identified misstatements might be indicative of fraud.. Footnote 25A - Related parties or relationships or transactions with related parties previously undisclosed to the auditor includes, to the extent not -The transaction lacks commercial or economic substance, or is part of a larger series of connected, linked, or otherwise interdependent arrangements that lack commercial or economic substance individually or in the aggregate (e.g., the transaction is entered into shortly prior to period end and is unwound shortly after period end). -The transaction occurs with a party that falls outside the definition of a related party (as defined by the accounting principles applicable to that company), with either party able to negotiate terms that may not be available for other, more clearly independent, parties on an arm's-length basis. -The transaction enables the company to achieve certain financial targets. Guidance not necessary. Agenda Item 2D Page 16 of 68

17 disclosed to the auditor by management: (1) related parties; (2) relationships or transactions with known related parties; and (3) relationships or transactions with previously unknown related parties. Auditing Standard No. 18, Related Parties, requires the auditor to perform certain procedures in circumstances in which the auditor determines that related parties or relationships or transactions with related parties previously undisclosed to the auditor exist Note: The auditor considers management's disclosure regarding significant unusual transactions in other parts of the company's Securities and Exchange Commission filing containing the audited financial statements in accordance with AU sec. 550, Other Information in Documents Containing Audited Financial Statements. Footnote 25B - See paragraphs of Auditing Standard No. 14. AU sec. 316,Consideration of Fraud in a Financial Statement Audit (AS 2401) Risk Factors Relating to Misstatements Arising From Fraudulent Financial Reporting AU-C 240 Consideration of Fraud in a Financial Statement Audit Appendix A Examples of Fraud Risk Factors Opportunities Note is specific to issuers. Impact on PCAOB Standards: Conforming amendment Proposed amendment to GAAS: Yes Agenda Item 2D Page 17 of 68

18 A.2 The following are examples of risk factors relating to misstatements arising from fraudulent financial reporting. Opportunities a. The nature of the industry or the entity's operations provides opportunities to engage in fraudulent financial reporting that can arise from the following: - Related party transactions that are also significant unusual transactions (e.g., a significant related party transaction outside the normal course of business) - Significant transactions with related parties whose financial statements are not audited or are audited by another firm o Significant related-party transactions not in the ordinary course of business or with related entities not audited or audited by another firm - A strong financial presence or ability to dominate a certain industry sector that allows the entity to dictate terms or conditions to suppliers or customers that may result in inappropriate or non-arm's-length transactions - Assets, liabilities, revenues, or expenses based on significant estimates that involve subjective judgments or uncertainties that are difficult to corroborate - Significant, unusual, or highly complex transactions or significant unusual transactions, especially those The nature of the industry or the entity s operations provides opportunities to engage in fraudulent financial reporting that can arise from the following: Significant related party transactions not in the ordinary course of business or with related entities not audited or audited by another firm - Related party transactions that are also significant unusual transactions (e.g., a significant related party transaction outside the normal course of business) - Significant transactions with related parties whose financial statements are not audited or are audited by another firm A strong financial presence or ability to dominate a certain industry sector that allows the entity to dictate terms or conditions to suppliers or customers that may result in inappropriate or non-arm s-length transactions Assets, liabilities, revenues, or expenses based on significant estimates that involve subjective judgments or uncertainties that are difficult to corroborate Significant, unusual, or highly complex transactions or significant unusual transactions,, especially those close to period end that pose difficult "substance over form" questions Agenda Item 2D Page 18 of 68

19 close to period end, that pose difficult "substance-overform" questions - Significant operations located or conducted across international borders in jurisdictions where differing business environments and cultures exist - Significant bank accounts or subsidiary or branch operations in tax-haven jurisdictions for which there appears to be no clear business justification - Contractual arrangements lacking a business purpose b. There is ineffective monitoring of management as a result of the following: - Domination of management by a single person or small group (in a nonowner-managed business) without compensating controls - Ineffective board of directors or audit committee oversight over the financial reporting process and internal control - The exertion of dominant influence by or over a related party c. There is a complex or unstable organizational structure, as evidenced by the following: - Difficulty in determining the organization or individuals that have controlling interest in the entity Significant operations located or conducted across jurisdictional borders where differing business environments and regulations exist Use of business intermediaries for which there appears to be no clear business justification Significant bank accounts or subsidiary or branch operations in tax-haven jurisdictions for which there appears to be no clear business justification - Contractual arrangements lacking a business purpose The monitoring of management is not effective as a result of the following: Domination of management by a single person or small group (in a nonowner-managed business) without compensating controls. Oversight by those charged with governance over the financial reporting process and internal control is not effective. - The exertion of dominant influence by or over a related party The organizational structure is complex or unstable, as evidenced by the following: Agenda Item 2D Page 19 of 68

20 - Overly complex organizational structure involving unusual legal entities or managerial lines of authority Difficulty in determining the organization or individuals that have controlling interest in the entity - High turnover of senior management, counsel, or board members Overly complex organizational structure involving unusual legal entities or managerial lines of authority d. Internal control components are deficient as a result of the following: High turnover of senior management, legal counsel, or those charged with governance - Inadequate monitoring of controls, including automated controls and controls over interim financial reporting (where external reporting is required) - High turnover rates or employment of ineffective accounting, internal audit, or information technology staff Internal control components are deficient as a result of the following: Inadequate monitoring of controls, including automated controls and controls over interim financial reporting (when external reporting is required) - Ineffective accounting and information systems, including situations involving reportable conditions High turnover rates or employment of staff in accounting, IT, or the internal audit function who are not effective Accounting and information systems that are not effective, including situations involving significant deficiencies or material weaknesses in internal control Weak controls over budget preparation and development and compliance with law or regulation. 16. Auditing Standard No. 16, Communications with Audit Committees (As 1301) AUDITOR'S EVALUATION OF THE QUALITY OF THE COMPANY'S FINANCIAL REPORTING AU-C 260 The Auditor s Communication With Those Charged With Governance 12 The auditor should communicate with those charged with governance (Ref: par..a23) Impact on PCAOB Standards: Conforming amendment Agenda Item 2D Page 20 of 68

21 13. The auditor should communicate to the audit committee the following matters: a. Qualitative aspects of significant accounting policies and practices. 1. The results of the auditor's evaluation of, and conclusions about, the qualitative aspects of the company's significant accounting policies and practices, including situations in which the auditor identified bias in management's judgments about the amounts and disclosures in the financial statements;21/ and 2. The results of the auditor's evaluation of the differences between (i) estimates best supported by the audit evidence and (ii) estimates included in the financial statements, which are individually reasonable, that indicate a possible bias on the part of the company's management.22/ b. Assessment of critical accounting policies and practices. The auditor's assessment of management's disclosures related to the critical accounting policies and practices, along with any significant modifications to the disclosure of those policies and practices proposed by the auditor that management did not make. c. Conclusions regarding critical accounting estimates. The basis for the auditor's conclusions regarding the reasonableness of the critical accounting estimates.23/ a. the auditor s views about qualitative aspects of the entity s significant accounting practices, including accounting policies, accounting estimates, and financial statement disclosures. When applicable, the auditor should (Ref: par..a24.a25) i. explain to those charged with governance why the auditor considers a significant accounting practice that is acceptable under the applicable financial reporting framework not to be most appropriate to the particular circumstances of the entity and ii. determine that those charged with governance are informed about the process used by management in formulating particularly sensitive accounting estimates, including fair value estimates, and about the basis for the auditor's conclusions regarding the reasonableness of those estimates. b. significant difficulties, if any, encountered during the audit. (Ref: par..a26) c. disagreements with management, if any. (Ref: par..a28) d. other findings or issues, if any, arising from the audit that are, in the auditor s professional judgment, significant and relevant to those charged with governance regarding their responsibility to oversee the financial reporting process. (Ref: par..a27) Proposed amendment to GAAS: See agenda material for AS 16. Agenda Item 2D Page 21 of 68

22 d. Significant unusual transactions. The auditor's understanding of the business rationale for purpose (or the lack thereof) of significant unusual transactions.24/ e. Financial statement presentation. The results of the auditor's evaluation of whether the presentation of the financial statements and the related disclosures are in conformity with the applicable financial reporting framework, including the auditor's consideration of the form, arrangement, and content of the financial statements (including the accompanying notes), encompassing matters such as the terminology used, the amount of detail given, the classification of items, and the bases of amounts set forth.25/ f. New accounting pronouncements. Situations in which, as a result of the auditor's procedures, the auditor identified a concern regarding management's anticipated application of accounting pronouncements that have been issued but are not yet effective and might have a significant effect on future financial reporting. g. Alternative accounting treatments. All alternative treatments permissible under the applicable financial reporting framework for policies and practices related to material items that have been discussed with management, including the ramifications of the use of such alternative disclosures and treatments and the treatment preferred by the auditor.26/ Agenda Item 2D Page 22 of 68

23 Footnote 25- See paragraphs of Auditing Standard No. 14, which describe the auditor's responsibilities related to the evaluation of whether the financial statements are presented fairly, in all material respects, in conformity with the applicable financial reporting framework. Other PCAOB standards, such as AU sec. 334Auditing Standard No. 18, Related Parties, and AU sec. 341, The Auditor's Consideration of an Entity's Ability to Continue as a Going Concern, describe the auditor's responsibilities related to evaluation of specific disclosures in financial statements. 17. Auditing Standard No. 12, Identifying and Assessing Risks of Material Misstatement (AS 2110) 13. The following matters, if present, are relevant to the necessary understanding of the company's selection and application of accounting principles, including related disclosures: AU-C 315 Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement.A35 An understanding of the entity s selection and application of accounting policies may encompass such matters as Impact on PCAOB Standards: Conforming amendment for use of significant unusual transactions principles, financial reporting policies, or disclosures and the reasons for such changes; involved in selecting and applying significant new or complex accounting principles; used in the application of significant accounting the methods the entity uses to account for significant and unusual transactions the effect of significant accounting policies in controversial or emerging areas for which a lack of authoritative guidance or consensus exists. significant changes in the entity s accounting policies and disclosures and the reasons for such changes. Proposed amendment to GAAS: Yes. Agenda Item 2D Page 23 of 68

24 principles, especially in determining management's estimates and assumptions; significant accounting principles in controversial or emerging areas for which there is a lack of authoritative guidance or consensus; significant and unusual transactions; and account for significant transactions that are outside the normal course of business for the company or that otherwise appear to be unusual due to their timing, size, or nature ("significant unusual transactions");7a/ and Financial reporting standards and laws and regulations that are new to the company, including when and how the company will adopt such requirements. financial reporting standards, and laws and regulations that are new to the entity and when and how the entity will adopt such requirements. the financial reporting competencies of personnel involved in selecting and applying significant new or complex accounting standards. [Paragraph renumbered by the issuance of SAS No. 128, January 2015.] Agenda Item 2D Page 24 of 68

25 18. Auditing Standard No. 12, Identifying and Assessing Risks of Material Misstatement (AS 2110) 71. Factors that should be evaluated in determining which risks are significant risks include: AU-C 315 Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement Impact on PCAOB Standards: Conforming amendment a. The effect of the quantitative and qualitative risk factors discussed in paragraph 60 on the likelihood and potential magnitude of misstatements; b. Whether the risk is a fraud risk; Note: A fraud risk is a significant risk. c. Whether the risk is related to recent significant economic, accounting, or other developments; d. The complexity of transactions; e. Whether the risk involves significant transactions with related parties; f. The degree of complexity or judgment in the recognition or measurement of financial information related to the risk, especially those measurements involving a wide range of measurement uncertainty; and g. Whether the risk involves significant unusual transactions. Whether the risk involves significant transactions that are outside the normal course of business for the company or that otherwise appear to be unusual due to their timing, size, or nature..29 In exercising professional judgment about which risks are significant risks, the auditor should consider at least a. whether the risk is a risk of fraud; b. whether the risk is related to recent significant economic, accounting, or other developments and, therefore, requires specific attention; c. the complexity of transactions; d. whether the risk involves significant transactions with related parties; e. the degree of subjectivity in the measurement of financial information related to the risk, especially those measurements involving a wide range of measurement uncertainty; and f. whether the risk involves significant unusual transactions that are outside the normal course of business for the entity or that otherwise appear to be unusual. (Ref: par..a139.a143).* *FN See paragraph.11 of section 240 for the definition of significant unusual transactions Proposed amendment to GAAS: Yes to change significant transactions that are outside the normal course of business for the entity or that otherwise appear to be unusual to significant unusual transactions Agenda Item 2D Page 25 of 68

26 19. Auditing Standard No. 12, Identifying and Assessing Risks of Material Misstatement (AS 2110) 73A. The auditor should obtain an understanding of the controls that management has established to identify, authorize and approve, and account for and disclose significant unusual transactions in the financial statements, if the auditor has not already done so when obtaining an understanding of internal control, as described in paragraphs and of this standard. AU-C 315 Understanding the Entity and Its Environment and Assessing the Risks of Material Misstatement.30 If the auditor has determined that a significant risk exists, the auditor should obtain an understanding of the entity s controls, including control activities, relevant to that risk and, based on that understanding, evaluate whether such controls have been suitably designed and implemented to mitigate such risks. (Ref: par..a144.a146) Impact on PCAOB Standards: Incremental specific requirement Proposed amendment to GAAS: No. Par. 29f and par. 30 lead the auditor to understand the controls over significant risks that arise from significant unusual transactions; no performance difference 20. Auditing Standard No. 13, The Auditor's Responses to the Risks of Material Misstatement (AS 2301) 11. For significant risks, the auditor should perform substantive procedures, including tests of details, that are specifically responsive to the assessed risks. Note: Auditing Standard No. 12 discusses identification of significant risks10/ and states that fraud risks are significant risks. 11A. Responding to Risks Associated with Significant Unusual Transactions. Paragraph 71.g. of Auditing Standard No. 12 indicates that one of the factors to be evaluated in determining significant risks is whether the risk involves significant unusual AU-C 330 Performing Audit Procedures in Response to Assessed Risks and Evaluating the Audit Evidence Obtained.22 If the auditor has determined that an assessed risk of material misstatement at the relevant assertion level is a significant risk, the auditor should perform substantive procedures that are specifically responsive to that risk. When the approach to a significant risk consists only of substantive procedures, those procedures should include tests of details. (Ref: par..a58).a58 Paragraph.22 requires the auditor to perform substantive procedures that are specifically responsive Impact on PCAOB Standards:.Incremental specific requirement to AS 13 in response to amendment to AU-C 316. Proposed amendment to GAAS: Add as application material to A58 and make A58 a new paragraph. Agenda Item 2D Page 26 of 68