Please ensure Javascript is enabled for purposes of website accessibility

Critical Audit Matters: The Games Are On

As a guest here recently I took a look at the accumulating experience with extended auditors’ reports—the additional paragraphs that under international standards describe key audit matters (aka critical audit matters under the Public Company Accounting Oversight Board’s standards in the United States).

There I noted a major gap—nobody has yet asked whether investors actually pay any attention or give any value to the extra verbiage, while the evidence builds that they do not, notably the lack of indicative share price moves at Steinhoff Group in South Africa and the U.K.’s Thomas Cook.

If investors show no real concern for KAMs and CAMs, who does—and is auditor behavior affected?

With those questions open, studies are emerging on the first wave of U.S. CAMs. Examples include Deloitte this summer, on 52 large companies with fiscal years ending on June 30, 2019; a second in September by Audit Analytics that looked at 65 large-company filings, followed up and expanded in November; and a third reported in November by Accountancy Europe, summarizing the recent experiences with KAMs in Europe.

The Deloitte study and its commentary focused on the substance of the CAMs—the most common are goodwill and intangibles (35%), revenue (19%), and income taxes (15%)—headline subjects also observed by Audit Analytics.

As a topic for a day to come, it may be safely predicted that another year of experience will confirm these early indications of herding toward a converged set of common CAMs, and a booming bull market in boilerplate language. Meanwhile, there are implications simply in the number of reported CAMs and the potential for gaming involved—something worthy of attention by students of the dynamics between large-company auditors and the PCAOB.

The Deloitte study reported an average of 1.8 CAMs for each reporting company, with a distribution ranging from none at all or only one to an outlying maximum of seven or eight—figures consistent with the Audit Analytics finding of 1.9 each and the average of just over two each for the 20 largest U.S. companies reported.

For the auditors themselves, the simple question of optimal CAM frequency has salience at each of two stages—both when a company blows up in scandal, and also as the auditors go through the antagonistic process of PCAOB inspection. The first is because when challenged in a courtroom, the entire CAM process will have generated hostages to the auditors’ fortune and a litigation nightmare, with hostile lawyers pressing the perpetual question, “Where were the auditors?”

That disputing will likely trace to one of the typically common CAM topics—goodwill and intangibles (see Steinhoff), or the legitimacy of revenue (see Under Armour), or the vexed question whether and when an audit report should have been qualified (see Thomas Cook). Closing jury arguments will be built on one of two themes:

  • If a CAM had been issued: “They saw it, they addressed it, and they still botched it.”
  • Or if not, on the other hand, a back-footed auditor defending a report with few CAMs or none would be called to answer for a client’s fraudulent concealment: “There were billions in falsified transactions—how could they have missed them all?”

In the second case, although the level of PCAOB compliance might be thought of quotidian nuisance, there is the unfortunate frequency of inspected firms to manipulate their working paper files ahead of the inspectors—all the way to the prison-bound criminality involved in the theft of PCAOB inspection lists by personnel of KPMG.

As played straight most of the time, however, the auditors’ CAM counts will be relevant in handling inspections, where commentators since Sarbanes Oxley’s enactment in 2002 are recognizing that box-ticking and checklist fulfillment now rule (see here and here).

In that context, “zero findings” would plainly be the wrong answer. A PCAOB inspector would be understandably incredulous over a public-company audit where nothing rose to CAM-level significance. Likewise, the presentation of only a single CAM would open the auditor to a nitpicker’s prodding: “Out of all the issues you looked at, why only this one?”

Too many CAMs, of course, would provoke a different inspection issue—triggering the familiar maxim, “if everything is important, then nothing is important.”

A Goldilocks strategy emerges—firms will identify two CAMs at least, maybe three at most. Those numbers avoid the tail risks—too many or too few—while the inspectors can be entangled in extended discussions over competing priorities and resources, the interest level and reading tolerance of investors, and the length and complexity of audit reports. The gaming of that process and the accompanying negotiations can be prolonged until all players are cross-eyed with boredom and fatigue.

The result? Three or four years from now, a bright young PhD candidate will have an assured research topic and a glide-path along the tenure track, by compiling experiences under the rubric, “Who ever thought CAMs were a good idea?”

Jim Peterson is a 19-year veteran of Arthur Andersen’s internal legal group. He has been writing about the accounting firms and the Big Audit model since 2002, on his blog, Re:Balance, and in his two books, “Count Down: The Past, Present and Uncertain Future of the Big Four Accounting Firms” (2d ed. 2017) and, just released this May, “DOA: Can Big Audit Survive the UK Regulators?”

Related article:

Critical Audit Matters: Does Anybody Care?