Comments by the Auditing Standards Committee of the Auditing Section of the American Accounting Association on International Standard on Auditing (ISA) 720 (Revised), The Auditor's Responsibilities Relating to Other Information in Documents Containing or Accompanying Audited Financial Statements and the Auditor's Report Thereon: Participating Committee Members and Other Contributors: Free

• 1. Do respondents agree that there is a need to strengthen the auditor's responsibilities with respect to other information In particular do respondents believe that extending the auditor's responsibilities with respect to the other information reflects costs and benefits appropriately and is in the public interest?

We agree. There clearly is a need for additional information issued by corporations in their financial reports to be examined by auditors in some form or manner. Today, audited financial statements represent only a sub-section of the typical annual report, and it is not clear whether such audited financial statements represent incrementally new information. In light of the fact that the bulk of the market reaction to financial statement information release occurs at the date of the release of unaudited press releases, it is unclear whether annual reports themselves convey material value relevant information (Hollie et al. 2011). So, other information released in the annual report is likely to matter to the extent that it is not stale, and to the extent that it is consistent or inconsistent with the audited financial information. For example, Brazel et al. (2009) show that, when unaudited nonfinancial measures are inconsistent with financial statement information, the risk of fraud is higher. So, these results suggest that auditors should pay attention to the information in annual reports or in other types of regulatory filings that could be inconsistent with the audited numbers. For instance, inclusion of aggressive pro forma numbers in regulatory filings also could be misleading to investors, suggesting that auditors should watch for such aggressive practices.¹ However, the extent of the auditor's responsibility for review of this additional information, as well as the reporting language, needs to be clearly defined. In the absence of such clarity, this ISA could add to auditors' responsibilities without reducing their exposure to added legal liabilities.

In light of this possibility, one contributor has concerns about whether the proposed standard truly provides benefits that advance the public interest, while increasing the potential costs imposed on the auditor. Our concerns are based on the fact that the standard potentially requires the auditor to either withdraw from the engagement or address material inconsistencies in the absence of procedures that amount to those required by an audit, or even a review. Hence, the standard should carefully define the scope and timing of the auditor's responsibility to review such other unaudited information. Absent a clear definition, auditors remain even more exposed to potential litigation, which could have undesirable consequences for the audit markets.

In addition, we are concerned that the exposure draft asks auditors to state whether the other information is consistent with the audited financial statements, which seems reasonable. Paragraph 16 (d) indicates that the auditor is to state in the audit report that she/he “has not audited or reviewed the other information and accordingly does not express an audit opinion or a review conclusion on it.” If the other information is neither audited nor reviewed, how much value can financial statement users and the general public place on the auditor's views on the other information? Further, the proposed standard calls for the auditor to consider withdrawing from the engagement “when the [materially inconsistent] other information was obtained prior to the date of the auditor's report” (Paragraph 14 (a)(ii)) and, “is not corrected after communicating with those charged with governance” (Paragraph 14).

Therefore, the proposal potentially places auditors in the position of withdrawing from an engagement before issuing the audit report, even if the timing of the receipt of the other information is after the fiscal year-end but before the audit report date, based on procedures that do not amount to an audit or review and do not actually affect the audit opinion (Paragraph 16 requires the auditor to note any identified material inconsistencies in the audit report, but there is no impact on the audit opinion itself). Is it practical for an auditor to consider withdrawing from a financial statement audit over a reporting issue that does not affect the financial statement opinion?

One contributor also is concerned about the extent of the true benefit to the public interest from adding an explanatory statement or paragraph to the audit report based on inconsistent nonfinancial information when the independent accountant has not audited or reviewed the other information. An audit is valuable because of its nature, and the public and capital markets rely on audited financial statements because an audit opinion represents the results of a detailed examination of financial statement assertions. When nonaudited information is not subjected to the same level of examination as an audit, it is unclear how valuable auditors' reference to such information to the report will be. While it could be argued that highlighting the importance of this information by making a reference to it could serve the public interest, it also could confuse users of the financial reports. After all, annual reports already are rather long and at times hard to read, and having an auditor make an unclear reference to something that was not audited could confuse financial statement users even more. Thus, it is important to ensure that any additional information that the auditor is to review or examine has been meaningfully opined on. Absent such a clear opinion, users may ignore the auditor's statements about such disclosures or, worse yet, use this lack of clarity as a basis for suing auditors.

In addition, since this is a proposed international auditing standard, it is important to think about the general interaction of legal regimes in different countries and auditors' responsibilities for additional disclosures. For example, in the U.S., auditors only are responsible for the audited financial statements, and we are not aware of any court cases in which auditors were sued successfully over misleading voluntary disclosure. What about the implications of security laws in other countries when it comes to auditors? Could there be a situation in which the lack of clarity with respect to auditor responsibility for additional information beyond required financial statement disclosures under this ISA would actually increase auditors' legal liability?

• 3. Do respondents find the concept of initial release clear and understandable? In particular, is it clear that initial release may be different from the date the financial statements are issued as defined in ISA 560?

One concern is that client managers simply may delay the release of other information to avoid an explanatory statement in the audit report. Paragraph 16 only applies if the auditor receives the other information before the date of the audit report. If a client delays disclosing materially inconsistent other information to the auditor until after the audit report date, but before filing the financial statements with the appropriate regulatory body, what action(s) should the auditor consider (e.g., a dual dated audit report)? In addition, it is not clear why an early release of other information to third parties, such as a bank, is not considered initial release? Any inconsistency or misstatement may adversely affect the bank (see Paragraph A4 and footnote 2), and auditors could be sued by the bank.

Also, as noted in Paragraph A5 of ISA 560 (IAASB 2009), “In the case of the public sector, the date the financial statements are issued may be the date the audited financial statements and the auditor's report thereon are presented to the legislature or otherwise made public.” It is unclear whether “Publishing the documents in accordance with law or regulation” in Paragraph A4 of ISA 720 belongs to either of the above cases. The phrase “the group of users for whom the auditor's report is prepared, often the shareholders,” in Paragraph 9 (b), also seems vague.

• 4. Do respondents agree that the limited circumstances in which a securities offering document would be in scope (e.g., initial release of the audited financial statements in an initial public offering) are appropriate or should securities offering documents simply be scoped out? If other information in a securities offering document is scoped into the requirements of the proposed ISA in these circumstances, would this be duplicating or conflicting with procedures the auditor may otherwise be required to perform pursuant to national requirements?

Audited financial statements constitute core documents in securities filings. As such, any component of the securities offering documents that are “in connection” with the audited financial statements should be within its scope. To selectively leave some documents out of its scope will expose auditors to excess legal liability. The recent example of inclusion by Groupon of aggressive pro forma metrics into a form S-1 is something that auditors should be concerned with (Cohan 2012).

• 5. Do respondents consider that the objectives of the proposed ISA are appropriate and clear? In particular:

  • (a) Do respondents believe that the phrase “in light of the auditor's understanding of the entity and its environment acquired during the audit” is understandable for the auditor? In particular, do the requirements and guidance in the proposed ISA help the auditor to understand what it means to read and consider in light of the auditor's understanding of the entity and its environment acquired during the course of the audit?

  • (b) Do respondents believe it is clear that the auditor's responsibilities include reading and considering the other information for consistency with the audited financial statements?

The proposed ISA provides helpful detailed guidance on how to “read and consider the other information” in Paragraphs A28 through A43. Paragraph 8 of the proposed ISA makes it clear that the auditor's responsibilities include reading and considering the other information for consistency with the audited financial statements.

At the same time, as we discuss above, the use of the terms “read and consider” is open to varying interpretations. This lack of clarity causes auditors' responsibility to be unclear which, in turn, could fail to protect auditors from class-action lawsuits. The added benefits of clarifying the language outweigh the burden of added responsibility.

• 6. Do respondents agree that the definitions of terms of “inconsistency” including the concept of omissions and “a material inconsistency” in the other information are appropriate?

It is appropriate for the proposed ISA to include the concepts of omissions and “a material inconsistency” in the other information in the definitions of terms relating to “inconsistency.” Omitting information that is expected to influence economic decisions made by users for whom the auditor's report is prepared potentially can mislead the users. Thus, it is beneficial to include both concepts in the definition of “inconsistency.” In addition, the clarification about “material inconsistency” helps to set a reasonable boundary for auditors to make decisions about the scope of their reports.

• 7. Do respondents believe that users of auditors' reports will understand that an inconsistency relates to an inaccuracy in the other information as described in (a) and (b) of the definition, based on reading and considering the other information in light of the auditor's understanding of the entity and its environment acquired during the course of the audit?

Users of auditors' reports should be able to understand that an inconsistency relates to an inaccuracy in the other information as described in Paragraphs 9 (a)(i) and 9 (a)(ii) of the definition, based on reading and considering the other information. The phrase “in light of the auditor's understanding of the entity and its environment acquired during the course of the audit” seems unnecessary as the phrase reflects a general assumption regarding the basis of auditors' reports.

The language in the auditor's report should be sufficiently clear to the users so that it conveys information about an inaccuracy or inconsistency. However, we are concerned that, given the lack of a clear definition of the level of evidence needed to be gathered by the auditor to note an inconsistency, the auditor may not be able to be sufficiently clear about the presence of such inconsistencies.

• 9. Do respondents believe that the examples of qualitative and quantitative information included in the Appendix in the proposed ISA are helpful?

The examples of qualitative and quantitative information included in the proposed ISA's Appendix are helpful. Additionally, because qualitative and quantitative information are related to financial information, it is perhaps better to list “quantitative or qualitative” after “financial or nonfinancial” in Paragraph A42 of this proposed ISA.

• 10. Do respondents believe it is clear in the proposed requirements what the auditor's response should be if the auditor discovers that the auditor's prior understanding of the entity and its environment acquired during the audit was incorrect or incomplete?

The proposed requirements clearly specify what the auditor's response should be if the auditor discovers that the auditor's prior understanding of the entity and its environment was incorrect or incomplete. To make the requirements more clear, it is perhaps better to add language such as “ISA 315, Paragraph 31, addresses the responsibility of the auditor in such circumstances” at the end of Paragraph A49 of this proposed ISA rather than using footnote 16.

• 11. With respect to reporting:

  • (a) Do respondents believe that the terminology (in particular, “read and consider,” “in light of our understanding of the entity and its environment acquired during our audit,” and “material inconsistencies”) used in the statement to be included in the auditor's report under the proposed ISA is clear and understandable for users of the auditor's report?

See our response to Question 5 above. The use of the term “read and consider” does not reduce the extent of the auditor's liability to users of audited statements. Either users or management may bring a lawsuit against auditors for damages caused by lack of sufficient “consideration,” or for language in the final report that may cast doubt on the credibility of the annual report or similar other information.

• • (b) Do respondents believe it is clear that the conclusion that states “no audit opinion or review conclusion” properly conveys that there is no assurance being expressed with respect to the other information?

If this ISA eventually settles on auditor responsibilities that are less than conducting a full review or audit procedures, then the proposed reporting language is correct. However, once a professional standard requires the auditor to “read and consider other information,” such a disclaimer may not have much sufficient weight if challenged by users or by management.

We also recommend consideration of a new paragraph in the “Documentation” section of the proposed standard to require the auditor to document all discussions with management required by the proposed standard (e.g., the discussions required in Paragraphs 10 and 13). While Paragraph 20 refers to documenting the work required by this standard, we think that it is best to err on the side of caution to provide assurance that auditors will document their discussions with client management and “those charged with governance” (Paragraph 14). Another option is to add clarification to Paragraph 20 to include these discussions.