About the Panelists
Wesley Bricker, chief accountant at the SEC’s Office of the Chief Accountant; Kyle Moffatt, chief accountant at the SEC’s Division of Corporation Finance; and Matt Jacques, chief accountant at the SEC’s Division of Enforcement, were the panelists. Norman Strauss,distinguished lecturer of accountancy at Baruch College, moderated the panel.
The following is an edited and condensed summary of the panel discussion. The views expressed are the panelists’ own personal views and not necessarily those of their employers or those employers’ boards, management, or staff.
The panel began with Bricker giving an update on the Office of the Chief Accountant’s (OCA) activities, starting with some vital statistics. Consultations, he said, are down, which he attributed to the completion of implementation for the new revenue recognition standard. The top five topics for consultations are revenue, consolidations, income taxes (due largely to the effects of the new tax law), financial assets, and long-lived assets. He also described a “very consistent flow of consultations” on auditor independence matters. Bricker stressed the availability of consultation for auditors, firms, and audit committees, saying, “Getting auditor independence right the first time is a way of avoiding a very costly remedial effort in that area.”
Bricker then touched on international accounting topics, saying that the OCA continues to work with both the IASB and the IFRS Foundation, particularly its monitoring board, to “keep the fundamentals [of financial reporting] in clear view” during the standards setting process. “Financial reporting is the bedrock of our capital market system,” Bricker said. “We can’t be siloed about this and disregard the activities that occur internationally because they are a strong influence in the quality of financial reporting that underpins investment decisions that are made in the United States.”
The OCA, Bricker continued, has also continued to engage with audit committees, focusing on their effectiveness in ensuring the quality of audits. “Maintaining integrity in financial reporting as the underlying environment is subject to change is absolutely important,” Bricker said. Audit committees are also integral to auditor independence on multiple fronts, including hiring and firing, risks related to opinion shopping, and fee negotiations. “Fee setting is the statutory oversight responsibility of the audit committee,” Bricker noted, “the auditor fee setting discussion is generally not one that’s suitable to go through a corporate procurement process.”
Moffatt then spoke on the activities of the Division of Corporation Finance (DCF). He said that the DCA’s accounting staff spends the bulk of their time on rulemaking. “We also act as counsel to the staff in the division when they have questions.” Another significant portion of the DCF’s work is handling Rule 313 requests to waive filing of financial statements in special circumstances, particularly in the case of Rule 305 filings for required businesses.
Finally, Jacques detailed the day-to-day doings of the Division of Enforcement (DOE). Accountants in the DOE support the SEC’s attorneys in investigations, not only in cases involving financial statements, but also in matters such as securities fraud, insider trading, and disclosure of foreign assets. “Every investigation is different,” Jacques said, highlighting the care and attention to detail needed to do the job right. The DOE also interacts frequently with the OCA and the DCF, he said.
Auditor independence, Jacques continued, is a focus of the DOE. “It’s fundamental to the financial statement process to have the independent auditor in there,” he said, continuing, “it’s equally important for the auditor to be independent in fact and appearance.” Like Bricker, Jacques stressed the availability of consultations with the SEC for auditors and filers, saying, “If you’re faced with a question that you’re spending time on, you should take advantage of that. A little bit of upfront work and extra consultation can save a lot of people a lot of pain and heartache.”
Bricker then turned the conversation to more specific topics, beginning with internal controls over financial reporting (ICFR), which he said are “key to implementing successfully the new GAAP standards” [i.e., leases, revenue recognition, current expected credit losses]. He stressed the importance of beginning the process with a clear understanding of the risk involved. “If the audit team and the management team skip the conversation early in the audit cycle about risk assessment and risk, it increases the likelihood of a missed conversation later in the cycle, potentially with the consequence of deficiencies late in the cycle,” he said.
Disclosure controls and procedures regarding items such as non-GAAP measures and key performance indicators, important elements of investor communication, Bricker said. “I think it’s always a good idea, if not essential, for a company to have a good policy in place that defines and describes the non-GAAP measures and key performance indicators. It’s that policy that enables the accountants at all levels of the organization to understand how they should do their job and what to do when errors or mistakes are identified.” It is also important to set expectations about materiality and consistency with regard to both non-GAAP and nonfinancial measures.
Jacques added an anecdote about a joint action against four issuers who failed to maintain proper ICFR for up to 10 years. He then said that “if an issuer is sitting on a significant deficiency or material weakness and failing to remediate that over a period of time, that’s an aggravating factor when we’re looking at a misstatement in that area. Too often I see those significant deficiencies just sit there and not get the remediation that they deserve. … That’s a potential ticking time bomb.”
New Accounting Standards
Turning to the subject of new accounting standards, Bricker brought up Statement of Financial Accounting Standards 5, Accounting for Contingencies. “This is an area where many accountants make difficult disclosure judgments,” he said, “so it’s important to have a well-developed internal control framework built around that.” Disclosure of risk or liability associated with asbestos is an example of a long-dated liability that represents significant underlying risk.
“On a topic like that, notwithstanding its complexity, it’s important to apply the framework so that investors are well informed about the nature of the contingency and the nature of recognition of the contingency within the financial statements,” Bricker said. Moffatt discussed the DCF’s approach to the professional judgment required by the new standards. “Any time the staff is dealing with something that requires significant judgment, they’re going to look at it. If it’s a new rule or a new standard, they’re going to look at it,” Moffatt said. “We would look out there, see what was out in the public space, understand what the peers were doing, what their exposures were.”
Bricker noted that even long-term liabilities represent real cash obligations: “Understanding cash obligations is really important to understanding the long-term risks associated with those investments.” “From an enforcement angle, this is obviously an area where we spend time on appropriate, contemporaneous documentation,” Jacques added, “that’s an area in particular where I think everybody benefits by putting down clearly, candidly, what the thought process was at the time.” Moffat also encouraged issuers and practitioners to reach out to his office or the relevant assistant director’s office on any questions regarding the new leasing standard and non-GAAP presentation.
The New Auditor Reporting Model
Bricker then discussed the OCA’s efforts surrounding the PCAOB’s new model for auditor reporting, specifically the upcoming second phase of implementation, which will deal with critical audit matters (CAM). “Level of planning was and is important to successful implementation of this standard,” he said, adding that the objective of such planning should be to foster consistency in communication to investors from management, the audit committee, and the auditor. In this “trio of voices,” each communicates a different, important perspective on the financial statements, and thus they need to work out any material areas of disagreement before the statements are filed; early discussion, Bricker said, facilitates this.
Moffatt said that the DCF has received many questions about CAMs. Some issuers taken the view that, because the PCAOB will be examining CAMs closely, the SEC will not; Moffatt clarified that this is not the case. “This is a new rule, a new standard; the staff will look at it,” he said. “I can imagine that this is going to be at the top of their list when they open the filing, at least for large accelerated filers.” He added that the staff has been “reviewing these filings in these industries for years. They know what to expect. They know what companies should and shouldn’t be doing.”
Strauss then asked Jacques whether the DOE will be adopting a wait-and-see approach to enforcements related to CAMs. Jacques replied that, as with past changes, while the DOE will not immediately jump into investigating CAMs, neither will it hold off if it sees a particularly suspect case. Bricker added that the fundamental point of making sure everything described in the audit report is accurately represented in the file remains true.
Technology and Cybersecurity
Regarding how the changing pace of technology affects regulation and financial reporting, Bricker pointed to the SEC’s new Strategic Hub for Innovation and Financial Technology [FinHub], which provides stakeholders with a place to approach the SEC on technology-related topics, such as cryptocurrency. He also noted that audit committees need to understand how technology is incorporated into financial reporting to understand the risks it entails. This is especially true with regard to cybersecurity, Bricker said, before inviting Jacques and Moffatt to expand upon that topic.
Jacques reiterated the importance of having policies and procedures in place that notify people up the chain when a cyberevent takes place, just as with any other material event in the reporting process. He noted that in some cases, other regulators may be involved who do not want to draw attention to the event right away, but said that the SEC is available and willing to work with filers on such issues.
Moffatt added that, as with other matters, the key thing is that the disclosures are timely and accurate. He cited a 21A report the DCF issued on cyberbreaches and hacking that illustrates the division’s opinion on the matter.
As a final point, Bricker added that “when there’s a breach, it’s important to follow that through and understand the root cause. That root cause may lead to identifying weaknesses within the financial reporting system, even if the breaches occurred within an operational system. Understanding the root causes and what they reveal about the strength of the control environment is a really important step in navigating through follow-up considerations.”
Jacques then discussed non-GAAP reporting and nonfinancial measures. From the DOE’s experience, he said, “The diversity of understanding is wide, and I think there may be some false assurance out there.” He encouraged auditors to hold conversations clarifying their role in the reporting of non-GAAP measures, especially as these measures become more prominent.
Continuing, Jacques affirmed that non-GAAP measures are “a useful tool,” but only if they are accurate, consistent, and fully disclosed. “If there are changes, “ he said, “disclosing those changes is critical to investors being able to rely on them.” Jacques believes that “more candid and clear conversations, and some alignment of expectations, particularly for auditors with their audit committees, would be very helpful in this space.”
While the DCF generally leaves looking at non-GAAP measures to the DOE, egregious cases that attempt to mislead financial statement users will still raise red flags. “I think that’s very important to keep in mind when you have these situations,” Moffat remarked, “we understand that this information is not audited but auditors are at least paying attention to what’s being presented. From our perspective, I think the ultimate driver of any comments we issue, or enforcement being involved, is: ‘Is it misleading?’ It’s not an easy area,” he said, “but we definitely make sure that a number of people have weighed in before we object or, alternatively, tell folks to provide more detailed disclosures.”
Bricker added that it is important for non-GAAP measures not to be more prominent than GAAP measures. “It’s also important to keep in mind that non-GAAP and key operational measures fit into the overall package of communication to investors,” he said. “What we insist upon is, to the extent that non-GAAP is voluntarily reported, that it have integrity; that it’s accurate, materially accurate; that it’s consistent, period, unless there’s the disclosure that lets investors know that there’s been a change. Those are fundamental concepts.” He also added that “operational measures reflect actions, not economic value. It’s a helpful supplement to financial reporting, which reflects economic value in the end.”
Recruiting the Next Generation
Finally, Jacques spoke on the need to recruit new accountants into the profession, urging practitioners to take up the mantle of recruiter when they speak to college and high school students, as well as other people. “Accounting is the language of business,” he said, adding, “It makes my life easier if we have good accountants, because there’s usually less bad things to investigate.”
Strauss then opened the floor to questions from the audience. One audience member asked about the IASB’s project on updating management’s discussion and analysis (MD&A), asking whether the SEC is monitoring those efforts or preparing its own guidance on the topic. Moffatt replied that while some projects may touch on MD&A, there is no current project specifically targeting it. “I don’t think people have identified it as something that needs to be fixed today,” he said.
Bricker added that “there is an important area for management to communicate how they have created value and to include that information in MD&A. That’s well within our existing rule set. One way they can do that is by thinking about good practices, other standards, other frameworks in complying with our MD&A rules. But I don’t think we’re at a point of reducing choice at this stage in the preparation of MD&A. That is, we’ll continue to focus on compliance with existing MD&A rules, which require disclosure of business outlook, capital resources, and how those capital resources have been deployed within the business.”