Facebook-f Twitter Youtube Linkedin Instagram Tiktok

Auditors and Compliance: Part 2 – Ten Key Takeaways for Compliance Professionals

The PCAOB’s recent information release, SPOTLIGHT Auditor Responsibilities for Detecting, Evaluating, and Making  Communications About Illegal Acts, is a critical guide for compliance professionals. The SPOTLIGHT sets out the role of auditors in assessing a company’s compliance with laws and regulations, particularly how auditors must identify, evaluate, and communicate potential illegal acts. However, for compliance officers, the SPOTLIGHT highlights areas where compliance and audit functions intersect and emphasizes collaboration’s importance to maintaining regulatory adherence and upholding financial integrity. Yesterday, we reviewed the roles and duties assigned to auditors. Today, we will dive into the 10 key takeaways for compliance professionals, outlining what they need to know to align their efforts with audit processes and effectively support their organization’s commitment to compliance.

  • Understand the Auditor’s Role in Identifying Illegal Acts

Auditors have a duty to detect and evaluate illegal acts that could materially impact a company’s financial statements. This includes assessing the potential effect of any illegal activity on the company’s financials and reporting these issues to management, the audit committee, and sometimes to the SEC. Compliance professionals need to understand this role to support auditors in fulfilling these obligations, especially by maintaining a strong compliance program that actively monitors regulatory adherence. Compliance should ensure that internal policies align with PCAOB standards and legal requirements, helping auditors conduct a thorough risk assessment as part of their evaluation.

  • Maintain Transparent and Open Communication Channels

Transparency and open communication are vital for a successful compliance-audit relationship. Auditors depend on information from management, the audit committee, and legal counsel to identify and evaluate potential violations. Compliance professionals should facilitate open communication with auditors and provide timely access to relevant information. This includes documentation from internal investigations, responses to auditor inquiries, and any corrective actions taken to address potential illegal acts. Proactively sharing information about compliance efforts demonstrates a commitment to ethical practices and supports auditors’ work to provide an accurate assessment of the company’s financial statements.

  • Foster a Strong Internal Reporting Culture

Auditors must inquire about complaints and tips, including those from whistleblower programs. For compliance professionals, this highlights the importance of fostering an internal reporting culture where employees feel safe raising concerns. A robust whistleblower program and other internal reporting mechanisms help identify potential illegal acts early, allowing the company to take action before issues escalate. Compliance teams should ensure employees know how to report concerns confidentially and clearly communicate that the company prohibits retaliation against whistleblowers. This can help create a steady pipeline of information that aids both compliance and audit functions in proactively addressing potential issues.

  • Document Document Document

Thorough documentation is crucial in every compliance arena, whether regulatory reporting, high-value transactions, or industry-specific regulations. (The Tom Fox Mantra Document Document Document.) Compliance professionals should maintain clear records of all compliance activities, internal investigations, and responses to auditor inquiries. By providing auditors with well-documented information, companies can help auditors assess whether any potential illegal acts are isolated incidents or indicative of broader compliance concerns. Such documentation facilitates the audit process and demonstrates to regulators a serious commitment to compliance.

  • Prioritize High-Risk Areas with Targeted Monitoring

Auditors focus on high-risk areas in their evaluations, such as transactions or activities with greater potential for legal violations. Compliance professionals should proactively monitor these high-risk areas to detect and mitigate issues before they escalate. For instance, compliance in industries with high regulatory scrutiny should ensure that the organization adheres to all industry-specific legal requirements. Regularly evaluating high-risk areas through targeted monitoring helps create a solid foundation for internal and external financial statement audits, reducing the chance of undetected illegal acts.

  • Be Prepared to Act on Auditor Findings Promptly

When auditors identify potential illegal acts, it is essential for compliance to respond swiftly and decisively. This involves conducting a thorough internal investigation and determining any required disclosures or corrective actions. From there, you should perform a Root Cause Analysis and then proactively address any concerns from auditors to help the organization maintain transparency and avoid further regulatory scrutiny. A prompt response strengthens the relationship between the compliance and audit functions and demonstrates to auditors and regulators a proactive approach to managing and mitigating compliance risks.

  • Strengthen Leadership’s Commitment to Compliance

The PCAOB emphasizes the importance of a “tone at the top” in its guidance, noting that auditors consider a company’s commitment to compliance when assessing potential illegal acts. Compliance teams should work with executive leadership to promote a strong culture of ethics and compliance, as this can significantly impact employee behavior and organizational practices. A commitment to compliance at the leadership level signals to employees that ethical conduct is a priority, supporting the organization’s overall compliance efforts. When leadership promotes compliance, employees are more likely to report concerns, and auditors can rely on the company’s internal controls and integrity.

  • Prepare for Potential Notification

If auditors discover a material illegal act and management fails to take appropriate action, the auditor may be required to notify the SEC or DOJ. For compliance professionals, this highlights the importance of swift and transparent responses to any findings of illegal activity. Working closely with auditors to address material findings and avoid potential SEC/DOJ notification is crucial. When the compliance function demonstrates a proactive approach to addressing auditor findings, it helps maintain the organization’s reputation, strengthens auditor relationships, and reduces the likelihood of regulatory intervention.

  • Regularly Review and Update Compliance Training

Auditors also assess a company’s internal compliance functions, including how well employees understand and adhere to compliance obligations. Regular compliance training ensures that employees are informed about identifying and reporting illegal acts, understand whistleblower protections, and know the resources available to them. Compliance professionals should review and update training programs frequently to address any changes in laws or regulations and any emerging risks specific to the company’s industry. Effective training reinforces employees’ commitment to ethical behavior and supports the company’s internal controls, bolstering the compliance-audit relationship.

  • Emphasize Materiality Assessments in Compliance Evaluations

When auditors evaluate the impact of illegal acts, they consider both quantitative and qualitative materiality. Compliance teams should adopt a similar approach when assessing potential violations. For instance, even a small illegal payment could be material if it raises ethical concerns or results in contingent liabilities. By considering potential violations’ financial and reputational implications, compliance teams can better assess the materiality of issues and take appropriate corrective action. This approach aligns with auditor standards and helps create a thorough and effective compliance environment.

Strengthening Compliance and Audit Collaboration

The PCAOB’s guidance reminds compliance professionals that a proactive approach to detecting, evaluating, and addressing potential illegal acts is essential. By understanding the auditor’s role and aligning compliance practices with PCAOB and SEC standards, compliance teams can effectively support auditors and contribute to a thorough evaluation of the organization’s adherence to laws and regulations.

A corporate compliance function plays a crucial role in creating a transparent, accountable organization where employees feel empowered to raise concerns and management responds promptly to address potential issues. Strong compliance-audit collaboration enables companies to build trust with regulators and stakeholders, demonstrating a commitment to ethical business practices. By implementing these takeaways and fostering a culture of compliance, companies can better navigate regulatory requirements and mitigate the risk of material misstatements or regulatory penalties, upholding the integrity of their financial statements and safeguarding their reputation in an increasingly scrutinized environment.

Leave a Reply

Your email address will not be published. Required fields are marked *

Copyright © 2024 The Compliance Evangelist. All Rights Reserved
You subscribed to a blog or podcast or downloaded content from
Tom Fox or www.compliancepodcastnetwork.net

What are you looking for?