Today, the Securities and Exchange Commission is considering whether to approve a final standard regarding the quality control systems of audit firms. I am pleased to approve this standard because it will improve the quality control systems of auditors, and thus better protect investors.
Without high-quality audits, investors won’t receive complete and truthful financial disclosures. Without strong quality control systems, auditors can't consistently conduct high-quality audits.
Nearly 70 years after the stock market crash of 1929, our financial system was once again breaking down. Fraud in financial reporting and accounting eventually led to historic bankruptcies, such as Enron and WorldCom.
Congress responded by passing the Sarbanes-Oxley Act of 2002. Their vision led to reforms establishing the Public Company Accounting Oversight Board (PCAOB) as an independent watchdog over the auditors of public companies and registered broker-dealers.
Previously, auditing standards were set by the American Institute of Certified Public Accountants (AICPA), a professional association. The profession was writing its own rules. That’s an inherent conflict. To correct course, the PCAOB was tasked with setting enhanced auditing standards. The expectation was that the Board would produce a more appropriate set of standards going forward.
The existing PCAOB quality control standards, however, are still those that were carried over twenty-two years ago from the AICPA on an interim basis.
The auditing profession has changed in the 21st century, and the Amendments we are considering today are long overdue. To put in context how important it is to update the quality control standards, the PCAOB found that 46 percent—nearly half—of the auditing engagements it reviewed in 2023 fell short of obtaining sufficient appropriate audit evidence.[1]
An auditing firm is ultimately a professional services firm, and it needs to ensure the quality of the services it provides. Those who rely on the auditors' professional opinion must be able to trust that opinion. That trust, though, is based on the assumption that the firm has strong quality control. It's important, therefore, that firms have a system in place to ensure quality control.
Today’s proposed standard achieves that goal in four ways.
First, the proposed standard requires firms to proactively identify and manage risks within their quality control systems.
Second, the proposed standard reinforces the risk-based requirements by requiring ongoing monitoring and remediation—thus, driving continuous improvement.
Third, the standard holds the firm’s leadership accountable in the event of quality control shortfalls.
Finally, the standard has varying requirements that differ based upon the size and nature of the firm’s audit practice — thus, it's not one-size-fits-all. For instance, while all firms have to design a quality control system, only those that perform engagements under PCAOB standards are required to implement and operate the QC system. Firms would also have flexibility in how they achieve the required quality control objectives.
Meanwhile, the 13 largest firms that annually issue audit reports for over 100 issuers are required to have one or more independent persons evaluate the firm’s significant judgments and conclusions on the effectiveness of its QC system.
Twenty-two years after the passage of Sarbanes-Oxley, I’m proud to support the PCAOB’s proposed changes to instill greater trust among investors and issuers in our markets.
I would like to thank the staff and Board members of the PCAOB for their diligent work on these matters.
I’d also like to thank members of the SEC staff for their work on this proposal, including:
- Paul Munter, Natasha Guinan, Anita Doutt, Shaz Niazi, Keith Hooper, Erin Nelson, Mai-Khoi Nguyen-Thanh, Taylor Pross, Jeanne Riggs, and Shana Wolfson in the Office of the Chief Accountant.
- Megan Barbero, Bryant Morris, Peggy Kim, Dominick Freda, Eduardo Aleman, Rachel McKenzie, and David Russo in the Office of the General Counsel.
- Jessica Wachter, Lauren Moore, Oliver Richard, Charles Woodworth, Lyndon Orton, Vladimir Ivanov, Rebecca Orban, and Mengxin Zhao in the Division of Economic and Risk Analysis.
- Charles Wright, Kristen Pauley, and Ryan Wolfe in the Division of Enforcement.
- Jenson Wayne, Michael Republicano, Nicolina McCarthy, and Meghan Ryan in the Division of Investment Management.
- Diane Marciano-Fritz and Sarah Lowe in the Division of Corporation Finance.
- Emily Russell, John Fahey, Tim Fox, and Thomas McGowan in the Division of Trading and Markets.
- Vanessa Countryman, Matthew DeLesDernier, Kesha Hardin, Naomi Perry Lewis, and Crystal Wilson in the Office of the Secretary.
[1] See PCAOB, “Staff Update on 2023 Inspection Activities,” (August 2024), available at https://assets.pcaobus.org/pcaob-dev/docs/default-source/documents/staff-update-2023-inspection-activities-spotlight.pdf?sfvrsn=2afb0f25_2. In Fig. 1a, 46% represents engagements that have or are expected to have one or more comment forms that will be included in Part I.A of the inspection report.