Yesterday's blog post from Jim Peterson (Re:Balance) excoriated the PCAOB for proposing to require audit firms to disclose the names of the responsible engagement partners. Jim claims that the PCAOB is wasting its time: the name of the engagement partner is not relevant information to sophisticated users of financial statements; it's one more piece of information that the average investor won't attend to; and it would only fuel the fires of the "unremitting critics of the profession."
Yesterday, I might have been inclined to agree with Jim; but today, I don't. For today brought news (here, here and here) that PCAOB inspectors had concluded (in 2008) that Deloitte & Touche's quality control system was flawed, and that the firm still has not corrected the problem. Specifically, the inspectors found too many instances were DT auditors placed too much reliance on management's representations – what some would derisively call "auditing by inquiry" – without adequately testing the accuracy of those representations.
Based on what I have read so far, here is what I think an investor is entitled to know in a timely manner, and which has never been disclosed:
- Which companies were affected by the allegedly flawed audits?
- Who were the responsible engagement partners?
- Were the responsible engagement partners disciplined or re-trained in any way?
- Which other audits could be flawed because the responsible engagement partners were involved?
Unfortunately, my entire line of questioning falls apart at the beginning because of the PCAOB's longstanding (and controversial) policy of not identifying the companies affected when its inspectors have identified a flawed audit.
And, as for timeliness, I have one more question: The original Part I of the PCAOB report was issued in May 2008. By law, DT had until May 2009 to remedy the problems and in doing so, keep them confidential. Thus, the PCAOB could have issued the report it issued yesterday 30 months earlier. What took them so long?
If the PCAOB truly wants the naming of responsible engagement partners to have information and deterrent value, it needs to be more forthcoming itself about the results of its inspections, and to publish the information in a timely manner.