On May 24, 2007 the Public Company Accounting Oversight Board (PCAOB) in the United States released Audit Standard #5 (AS 5), which supersedes Audit Standard #2 (AS 2). AS 5 is a very important development in the Sarbanes Oxley rules and regulations in the United States, and because of the interrelationship between many Canadian and U.S. companies, has implications for Canada as well. Essentially the PCAOB has taken into consideration feedback from various stakeholders since the implementation of SOX 404, and is now seeking to remedy some of the more onerous requirements.
The key changes can be summarized are as follows:
• Elimination of the requirement for external auditors to perform a separate audit and provide an opinion on management’s assessment of their internal control design and effectiveness. This means that the onus is fully on company management to ensure that internal controls are adequate.
• Top down risk assessment / Entity Level Controls – AS # 5 paves the way for reviewing the financial statements from the top down, identifying risks at the consolidated level, and then emphasizing Entity Level Controls as way of mitigating risks.
Implications for Canada – the CSA and OSC decided in 2006 that the external audit opinion over internal control design and effectiveness would not be required in Canada. At the time, some observers felt that Canadian standards were not as rigid as the US, and that was true. However, Canadian regulators were concerned about the overall burden of this second audit opinion, and elected to pursue a course of action that essentially required compliance with all other aspects of SOX. The expectation was that Canadian companies would be responsible corporate citizens and “step up to the plate” in terms of strong corporate governance, without the need for the second audit opinion. With AS #5, the U.S. is essentially following the Canadian model more closely, and therefore the level of internal control oversight regulations between the two countries has become much more aligned.
Entity Level Controls have become more important, as ELC’s can be used to further mitigate controls in other areas, providing the opportunity for enhancing effectiveness and efficiency in SOX projects.
My opinion is that the regulators are attempting to strike the correct balance between cost and benefit – a natural evolution for SOX. It demonstrates that regulators continue to be very serious about internal controls, but at the same time recognize that there are practical implications and realities. It is also validation that Canadian regulators were on the correct path.
Edelkoort | Smethurst | Schein CPAs LLP is located in Burlington Ontario servicing the Golden Horseshoe and Greater Toronto Area and beyond. The firm is fully licensed with CPA Ontario to provide assurance, tax and accounting services as well as registered as tax preparers with the Canada Revenue Agency (CRA) & Internal Revenue Service (IRS). The firm is also registered as an IRS Certified Acceptance Agent.
All blog posts published on this site are for informational purposes only and do not constitute professional advice. Readers should contact a professional to discuss their individual situation. Neither the author or the accounting firm shall accept any liability for any reliance placed on the information posted.