ASIC calls for increased powers to address ‘major accounting failures’

Australia may need to follow the path of other jurisdictions such as the USA and UK and introduce greater powers for regulators to act on poor culture and governance in accounting and audit firms, ASIC has said in a recent submission.

ASIC told the Parliamentary Joint Committee on Corporations and Financial Services that several international jurisdictions have increased regulation of auditing and accounting firms.

The UK government began consultation on improving the UK’s audit, corporate reporting and corporate governance systems in March 2021.

“Since then, the UK Government has proposed the establishment of an Audit, Reporting and Governance Authority (replacing and expanding on the role of the current UK regulator, the Financial Reporting Council), and has also recently announced an update to the UK Corporate Governance Code,” the submission said.

ASIC also noted that the USA has also previously taken action to address major failures in corporate accounting following the collapse of Enron and WorldCom in the early 2000s.

US Congress enacted the Public Company Accounting Reform and Investor Protection Act of 2022 to improve auditing and public disclosure by audit firms.

“The Sarbanes-Oxley Act established the Public Company Accounting Oversight Board (PCAOB) and, relevantly, empowers it to conduct investigations and disciplinary proceedings concerning registered accounting firms (and associated persons) for violations of the law, including professional standards, and to take disciplinary action for those violations,” the submission stated.

Since these changes, international regulators with the power to register audit firms have acted on poor culture and governance, ASIC said.

The US Public Company Accounting Oversight Board (PCAOB), for example, sanctioned KPMG Australia for cheating on mandated training by censuring it, imposing a US$450,000 civil penalty, and requiring KPMG to undertake certain remedial actions because KPMG violated PCAOB rules and quality control standards.

The US Securities and Exchange Commission (SEC) fined EY US $US100 million ($144 million) after finding dozens of EY US audit personnel had cheated on the ethics portion of the US Certified Public Accountant exam and that the firm had misled regulators probing the conduct. •

The PCAOB fined PricewaterhouseCoopers LLP Canada US$750,000 ($900,000) for having faulty quality control standards that allowed more than 1,200 professionals to cheat on internal training courses.

“ASIC is unable to take this kind of action on audit firms’ poor culture and governance. Unlike the US, the Australian quality management standard is an auditing standard under the Corporations Act and ASIC can only act against a lead audit partner for non-compliance with an auditing standard in the conduct of an individual audit.

“Further, ASIC registers individuals as Registered Company Auditors (not audit firms) and ASIC has no ability to act against a firm or staff of a firm who are not RCAs for misconduct related to culture and governance.”

The corporate regulator said while there is no legislative requirement for ASIC to undertake proactive surveillance of financial reports and audits, it has conducted financial report surveillance since 1991.

“The objective of our surveillance is to promote confident and informed participation by investors and consumers in the financial system, through high-quality financial reports and audits,” the submission said.

ASIC defends decision to cut back surveillance of company audits

The corporate regulators also defended its decision to combine the surveillance of financial reports and audits under one function, following a review.

“ASIC decided to adopt a risk-based, targeted approach by combining our surveillance of financial reports and audit. This includes utilising greater intelligence capabilities to identify potentially deficient financial reports for review,” it said.

“After our review, we engage with the relevant company and if problems with the financial report are confirmed, we then conduct surveillance on the relevant company’s audit. This is partly because we have found there is a strong link between problems in a financial report and the quality of audit work that was undertaken.”

ASIC acknowledged that its new approach would result in a smaller number of audit files being reviewed but said it would ensure that ASIC’s focus is on the files that are more likely to cause harm to investors and consumers.

“A targeted approach also represents a more effective use of our resources, which have declined in real terms in recent years,” it said.